1. WHO WE ARE
TATICCA is made up of member firms of their respective entities and lines of business, which we call Companies, therefore, this Privacy and Personal Data Protection policy applies only to the specific pages of the website listed above, it is important to highlight that we aim Always act on privacy and protection of personal data, as throughout the text we explain how to protect visitor information on our website.
In view of this, Taticca companies express their commitment to transparency with the treatment of their personal data in an ethical and responsible way,
From now on, we are available for any clarifications that may be necessary, about this document and regarding the Protection of Personal Data, so, talk to our Person in Charge/DPO by email email@example.com
2. GENERAL PROVISIONS
- Define the actions that will be carried out by the controlling company within the scope of the protection of personal data provided by the data subjects;
- Inform data subjects about any operation carried out with personal data by the controlling company;
- Justify the processing or transfer of data based on the LGPD; and,
- Ensure data subjects have clear, adequate and conspicuous access to the processing carried out with personal data.
We highlight and inform you how and what personal data we collect about you, how we will use it and for what purpose, how and where we store it, if we share it.
What types of personal data do we collect?
The personal data we collect may include: your name; email address; your title, phone number.
TATICCA, acting as a service provider, takes special care to protect all the interests of data subjects, thus ensuring that:
- All personal data collected are treated in accordance with the law, respecting the principles of minimization and proportionality;
- The collection of personal data will always have specific and legal purposes, not allowing further processing that is not suitable for the informed purpose;
- All personal data are stored in a way that allows the identification of data subjects; and,
- No more personal data will be collected than is strictly necessary to achieve the purpose of the treatment.
Protecting the dataset against unauthorized access;
3. ABOUT DATA PROCESSING ON THE PLATFORM
Taticca processes personal data for the purpose of forwarding newsletters and promoting services:
- Compliance with legal obligations, including tax and accounting regulations;
- Conduct judicial, arbitration, administrative, administrative, enforcement and mediation proceedings;
- Document the contractual relationships for purposes of proof for the limitation period of claims related thereto; carry out direct marketing of services or goods offered, including through email correspondence, such as newsletters, with the consent of the holders;
- Handling claims arising from rights under the warranty
We always act with the provision of services, we collect in the course of the provision of the services the personal data of the Customers can be transferred to third parties involved in the treatment of data and authorities of the public administration, being the responsibility of the controlling company to indicate them to the holders of the data.
Examples of third parties involved in the processing of personal data are companies that provide accounting, controllership, legal services, human resources, etc.
The parent company guarantees that all third-party companies involved in the data processing process have assignment contracts, delimiting responsibilities regarding privacy and protection of personal data.
The controlling company declares that it has implemented the appropriate technical and organizational measures that guarantee an adequate level of security corresponding to the risk related to the processing of personal data entrusted to it.
The company administrator undertakes to regularly check and update the technical and organizational measures used to provide an adequate level of protection for the personal data entrusted.
The parent company declares that, in order to guarantee the security of the processing of personal data, it has introduced the Personal Data Protection Policy, as provided for in art. 50, § 2, paragraph I of the LGPD, and should aim at the adequacy of its procedures for the processing of personal data.
The processing of personal data as part of the purposes indicated above in point 3 sec. 2 includes, in particular, its collection, modification, storage, viewing, updating, analysis and archiving.
Personal data will be stored by the parent company for the following periods:
- In situations where the legal basis for the processing of personal data is the fulfillment of a contractual obligation, the period contained in the contract will prevail or in situations where obligations to be fulfilled arising from the contract still survive. In this situation, the data may be stored until the expiration of the contract.
- In situations where the legal basis for the processing of personal data is the legitimate interest of the controlling company, the personal data will be stored for a period stipulated in the Personal Data Protection Policy. The parent company guarantees that it will periodically check, at least annually, whether the data contained in storage should be kept in accordance with its legitimate interest or should be deleted/deleted.
- In situations where the legal basis for processing personal data is compliance with a legal obligation, personal data must be kept for the minimum period indicated by law, regulations or regulation.
The personal data processed by the company providing electronic services are included in the event of necessity for the execution and fulfillment of the contract for the use of the Account, since it is a mere provider of the electronic services of the Site. Therefore, it may process the following personal data of the controlling company's customers:
- Name and surname;
Failure to provide the aforementioned personal data will affect the implementation of the contract for the provision of Electronic Services on the Site, being strictly necessary for contractual compliance.
The company providing the electronic services also processes anonymous data related to the use of the Site (for example, the number of Customers) to generate statistics on the use of the platform. This data is aggregated and anonymous, that is, it does not contain features that identify any data subject.
As a result, your personal data will be processed in the following cases:
(a) by providing your consent for the processing of your data, for example, to provide you with some marketing material. If you do not wish to continue receiving any marketing material from us, simply click on the unsubscribe function contained in the communication or email received.
(b) where there are legitimate interests in the provision and delivery of our services to you or our client, as well as for the effective and lawful functioning of our business, provided that such interests are not outweighed by your interests, fundamental rights and freedoms.
(c) observation of applicable legal and regulatory obligations that may require the collection, storage and sharing of your personal data in order to comply with legal and regulatory provisions, such as (i) record keeping for tax purposes or providing information to a body public or law enforcement agency; (ii) compliance with labor and social security obligations; (iii) compliance with anti-corruption, money laundering, fraud and irregular conduct obligations.
(d) to perform any contract, as well as to provide our services to you or our customer.
(e) to regularly exercise our rights, for example, to exercise our right of defense in any judicial or administrative proceeding.
(f) protection of your life or physical safety or that of a third party;
(g) protection of your health.
Likewise, your sensitive personal data will be processed in the following cases:
(a) by providing your specific and highlighted consent for the processing of your data;
(b) When necessary to comply with applicable legal or regulatory obligations that may require the collection, storage and sharing of your personal data in order to comply with legal and regulatory provisions, such as (i) maintaining records for tax purposes or providing information to a public body or law enforcement agency; (ii) compliance with labor and social security obligations; (iii) compliance with anti-corruption, money laundering, fraud and irregular conduct obligations.
(c) protection of your life or physical safety or that of a third party.
(d) guardianship of health.
(e) to regularly exercise our rights, for example, to exercise our right of defense in any judicial or administrative proceeding.
(f) guarantee of fraud prevention and its security, in the processes of identification and authentication of registration in electronic systems
4. ABOUT COOKIES AND PERFORMANCE DATA
The Service Provider does not process data contained in Cookies when using the Site.
5. ABOUT YOUR RIGHTS AS A DATA HOLDER
Taticca, through its communication channel, whenever required by the data subject, will provide the following information:
- Contact of the data protection officer;
- Right to erase your data
- Right to update data
- Right to carry out data portability
- The purposes of processing personal data and the respective legal basis;
- The personal data collected or categories of personal data;
- About the transfer of data with third parties, especially in situations involving international organizations;
- The maximum period of storage of personal data or the criteria that will determine this period; and,
- The consequences in situations where consent is denied by the data subject.
The controlling company will always inform the data subject in situations where the personal data is used for a purpose other than the one informed, respecting the requirements of the LGPD.
In situations of withdrawal of consent, this can be done at any time, without affecting the treatments already carried out by the controlling company.
When information regarding the personal data collected by the holder is requested, the controlling company will provide a copy of this collected data, being allowed to charge administrative fees for the service. Preferably, copies will be provided electronically.
When providing any of the aforementioned information, especially those containing collected personal data, the parent company will always provide it as clearly as possible, in a readable and easy-to-understand format, to facilitate the portability of personal data, in situations where it is requested by the holder. of data that the controlling company sends the data to third parties the data already collected.
In addition to providing the aforementioned information, the controlling company will maintain the communication channel for data subjects to submit suggestions, complaints and complaints regarding the data processing activity.
If the data subject or the controlling company identify that the personal data collected is incomplete, they may immediately correct them on the platform.
Also, in situations in which the data subject identifies the need for the treatment, he may request from Taticca the personal data that limits the treatment activities, guaranteeing that only treatments that have the purpose of protecting and maintaining the rights of the data subjects are carried out.
If requested by the holder of the personal data, Taticca must immediately eliminate the deletion or deletion of personal data from the platform, when applicable. The controlling company will eliminate or delete personal data without request from the holder in situations where:
- They are no longer needed for the purposes for which they were collected;
- They no longer have consent, if it is based on the respective legal basis;
- There is a justified opposition to the treatment by the data subject;
- Arising from improper collection or violations of the protection and privacy of personal data; and,
- The law, regulations or regulations require deletion.
It should be noted that the obligation to delete, eliminate, restrict and immediately correct personal data by the controlling company will not be valid in situations where the procedure is impossible or requires a disproportionate and significant effort.
Personal data processed by the parent company for direct marketing purposes, the data subject may object at any time to the processing of their personal data for marketing purposes.
Taticca guarantees that in direct marketing activities or any other activity in which automatic processing of personal data is carried out, no algorithmic decision will be taken in relation to personal data and their respective holders. All this to ensure the protection of the rights, freedoms and legitimate interests of data subjects.
We use a range of physical, electronic and managerial measures to ensure that your personal data remains secure, accurate and up to date. These measures include:
- Education and training of responsible staff so that they are aware of our privacy and data protection obligations when handling personal data;
- Administrative and technical controls to restrict access to personal data, conditional on the need for knowledge;
- Technological security measures, including firewalls, encryption and antivirus software;
- Physical security measures, such as employee security passes to access our facilities.
Although we use appropriate security measures, once we receive your personal data, the transmission of data over the internet (including via email) is never completely secure. We strive to protect your personal data, but we cannot guarantee the security of data transmitted to or by us.
Aiming at the proper protection and treatment of your personal data in accordance with the LGPD, in addition to other applicable laws, we are committed to:
- Adopt security, technical and administrative measures to protect personal data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication or any form of inappropriate or illicit treatment;
- Keep a record of personal data processing operations carried out, especially when based on legitimate interest;
- Communicate, within a reasonable period, to the National Data Protection Authority and to the holder of the occurrence of a security incident that may cause significant risk or damage to the holders;
- Use for the processing of personal data systems that are structured in order to meet the security requirements, the standards of good practices and governance and the general principles provided for in the LGPD;
- Deleting personal data after the end of its treatment, within the scope and technical limits of the activities, authorized for conservation for the purposes provided by law; and
- Observe the guidelines, rules and regulations issued by the National Data Protection Authority (ANPD).
You have several rights in relation to your personal data, which can be exercised at any time, free of charge, through a request registered by you to our DPO / Person in Charge, through the Contact Us. In particular, you have the right to:
- Obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;
- Request that we update the personal data we hold about you or correct data that you feel is incorrect or incomplete;
- Withdraw the consent granted for the processing of your personal data, as well as request its deletion (to the extent that such processing is based on consent);
- Request the portability of the personal data we have about you to another supplier of products or services, provided that commercial and industrial secrets are respected, as well as applicable confidentiality;
- Obtain information about who we share your data with;
- Request that your personal data that you understand as unnecessary, excessive or treated in non-compliance with the LGPD, be anonymized, blocked or eliminated;
- Request the review of decisions made solely on the basis of automated processing of personal data.
To exercise any of your rights, or if you have any other questions about the use of your personal data, please contact our DPO/Personal Person at firstname.lastname@example.org.
6. FINAL PROVISIONS
In situations where there are links on the website of the controlling company to domains and websites of third parties, the responsibility for the processing of data, including the Cookies Policy, will be the third owner of the domain or website.
In case of doubts regarding this policy or occurrences not listed in this policy, Taticca must resolve them, forward them through the following contact: email@example.com