Purpose

Present Data Privacy Policy purpose is evidencing commitment and responsibility with customer collected data handling, preserving information privacy and safety, as per provisions of Law Lei 13.709/2018 – General Data Protection Law – LGPD.

On data collected

Data collect is priority and required for product and/or service marketing and purpose execution proposed according to each situation previously reported to holders, that shall provide their data directly in our catchment channels.

We collect essential registry and financial data to validate proposals and develop contracts.

Personal data handling

Personal data care and handling are performed exclusively with the specific purpose, and according to legal precepts or holder consent. Every handling is performed in compliance with safety procedures in relation to data privacy and protection, according to guidelines provided by Law 13.709/2018 (General Data Protection Law).

To analyze your product acquisition, according to credit protection legal framework, we can perform query on credit information of your potential customers in institutions including Serasa, SCPC, public agency websites, among others.

Data purpose

Data collected is handled according to specific purposes to market your products. We highlight the main purposes: possibility that customers know products and/or services and provide information required.

We can perform data handling to other services, as long as it has the same clear purposes previously declared to the holder, with your consent, whenever required. If consented by holders, we can use data for publicity purpose, including e-mail marketing, telephone contacts through SMS or application messages, like WhatsApp.

At any time, data holder can request publicity database exclusion through the means available in notifications, by means of specific contact or e-mail [email protected]

Data share

We share customer data only to third parties which information is deemed essential for the purpose proposed, including submission to banks, in case of funding or payment in installments; for collection service providers; for card operators and third party companies in case of maintenance. Whenever required, sharing not described previously is performed in compliance with specific purposes, previous notification and consent of data holder.

Third party companies, with which we share data, must be committed with our customer data privacy and safety, by means of reasonable protection means, and based on contractual terms, keeping data preservation.

We do not share customer data with third parties interested in supplying, that is not linked to the group, on any account. If you contacted by any third party not identified, contact us through the e-mail available in this Data Privacy Policy, so that we can take actions required concerning the use of our brand without consent.

Data storage

We store all data required to keep the purposes, employing reasonable protection means and excluding data, whenever no longer required to comply with purposes or requested by holders, as long as the storage is not covered by legal framework provided by Law 13.709/2018 – LGPD.

Personal data holder rights

We assure to customers the compliance with their request based on provided data holder rights, as provided by Law 13.709 – LGPD.

  1. treatment existence confirmation;
  2. data access;
  3. incomplete, inaccurate or outdated data correction;
  4. unnecessary, excessive or handled data anonymization, block or elimination in non-compliance with Law provisions;
  5. data portability to other service provider or product by means of express request, according to national authority regulation, observing commercial and industrial secrets;
  6. handled personal data elimination with holder consent, except as provided by Law;
  7. public and private entity information with which the controller performed shared data use;
  8. information on the possibility of not granting consent and the consequences of the denial;
  9. consent revoking.

Holders can perform their rights through communication channels provided to this purpose.

Data holder is aware that the requests can be legally rejected, and they are justified to the holder, as provide by Law 13.709 – LGPD.

Protection measure

We are concerned with customer, supplier, employee and third party data protection, using safety measures to preserve data privacy and integrity.

We keep data access controls of our customers, as well as team training for correct data handling.

We use feasible technical means to protect electronic data, including antivirus; firewall to minimize invasion risk against hackers; antispam to protect against e-mails that can contain virus; full backup for data copy; and individual access control to computers, network and systems.

Use consent

As services are used or our products and/or services are acquired, providing personal information, data holder consents and agrees with present Privacy Policy.

As registry is performed, data holder declares to be aware and be able to perform the rights to cancel registry, access personal data and assures provided information veracity.

Data holder can request consent withdrawal, at any time, and he/she should contact us.

E-mail: [email protected]

Requests will be complied with within at most 15 days.

Privacy Policy Modifications

We reserve the right to perform modifications in present Privacy Policy at any time, due to that, it is recommended that data holder, as well as visitors, revise it frequently.

Modifications and clarifications shall take effect immediately upon their publication on the website, and they shall be notified to visitors whenever they are effective.

Providing information or using services upon modifications designed, denotes data holder agreement with new guidelines.

Cookies

We use cookies technology only concerning features provided on our website by third party companies, including marketing management system, customer portal and Google Analytics cookies.

These cookies are used only to monitor behaviors and optimize browsing experience, for instance, in purposes mentioned below:

  • Keeping a user visit origin reference to the website;
  • Keeping list of every page a visitor accessed within its domain, even before the conversion (only for accounts with access to Lead Tracking);
  • Assuring that a user always sees the same test version A/B, assuring result and experience consistency;
  • Previously answered quick field filling;
  • Not requiring that the same visitor answers to the same questions in a smart form;
  • Saving cookies preference answers and not asking again within this consent validity;
  • Preventing that the same pop-up is presented to the same visitor several times within a short time interval;

Information catchment significant remarks

We clarify that, apart from possibilities abovementioned, we present yet a few assumptions in which, within platform browsing or contact by other means, information collection can take places, even if the user does not perform registry on our website or virtual store.

  • IP address identification;
  • Information on the device used to browsing;
  • Products and categories researched or viewed;
  • View count;
  • Pages visited on other websites;
  • Social login information, whenever the user registers through a social media account, including Facebook, Google, Apple ID, consenting thus, with such collection;
  • Information made public, provided by the user him/herself or that is publicly available.
  • Information provided, voluntarily, by the user him/herself, by means of communications with De Marchi, on social media or in comments and product evaluations.