Privacy Policy

SECTION 2 – COLLECTED PERSONAL DATA (HOW DO WE COLLECT THEM? WHICH DATA DO WE COLLECT? HOW DO WE USE THEM?

We collect and use some personal data that belong to those that use our website. Upon doing it, we operate in the capacity of a data controller of those data and, as such, we are subject to the provisions in the Brazilian General Data Protection Law.

We care for the protection of your personal data and, therefore, we make available this Personal Data Protection and Privacy Policy so that everyone becomes aware of it, a document that contains important information, basically about: (i) who should use our website; (ii) which data are collected by us, and how we use them; (iii) your rights in connection with your personal data; and (iv) how to get in touch with us.

1. Who should use our site?

Our site should be used by people aged eighteen (18) and older.

2. Data collected by us and why we collect them

Our website collects and uses some of our users’ personal data, as set forth in this section.

Those data allow us to identify both user and visitor, besides ensuring safety and welfare to their needs.

When a user / visitor accesses the pages of our website, his/her information on interaction and access may, possibly, be collected to ensure the best experience to user and visitor. These data may deal with keywords used in a search, the sharing of a specific document, comments, page views, profiles, the URL from where user and visitor come from, the browser they use and their access IP, among other features, that may be possibly stored.

User’s and visitor’s personal data collected and stored by our website has the purpose of, among other purposes, improving the services we offer; expediting, streamlining, and meeting the commitments made between users and visitors, and our Firm; improving the navigation experience, by understanding how users and visitors use the site; providing important content, by taking into account the particularities of our area of practice; possibly, allowing user’s and visitor’s access to specific and exclusive contents for registered users; and, by and large, granting legal safety to the parties.

2.1. Personal data expressly provided by user

We collect  the following personal data that our users may supply to us, by their own free will when using our website. (i) full name; (ii) telephone number; and (iii) e-mail.

Possibly, we will also collect: (iv) professional data (for example:  name of the company in which user works, position held, corporate e-mail and telephone number), when shared by user in his message and/or subject-matter of the communication in our “contact” tab.

The collection of said data is done, exclusively, upon the optional filling in, by user, of a contact form.

Our website does not require that a document number and/or form should be filled in, and either the information on any personal data on a mandatory way. Sending personal data by the website users is up to them, if they wish to get in touch with us by digital means

Finally, as explained in the previous topic, for the purposes of optimization of our website users’ and visitors’ navigation, we may collect data in connection with the access to our website pages, key-words used in the search, recommendations, comments, interaction with other profiles and users, followed profiles, and IP address, etc..

2.2. Sensitive Data

Our users’ sensitive data will not be collected, thus understood as those defined in Articles 11 and following Articles of the GLDP. Therefore, there will be no collection of data about race or ethnic origin, religion, political opinion, enrollment with a union or religious, philosophic, or political organization, health- or sex life-related information, genetic or biometric information, among other data taken as sensitive ones.

2.3. Cookies

Cookies refer to text files sent by the site to user’s and visitor’s computer and that remain stored in it, with information about the site navigation. These pieces of information are related to access data, such as access location and time, and they are stored by user’s and visitor’s browser so that we may read them later, for the purpose of personalizing the website services, improving navigation, understanding user’s interaction with the website, etc.

Cookies do not allow any file or information to be extracted from user’s or visitor’s access device, and it will not be possible, even if, through them, one has access to personal information that has not been given by user or how the latter uses the site resources.

Our website users and visitors must inform they are aware of the use of the navigation data collection system through the use of cookies, and they will accept it or not, according to the cookie banners displayed on the website

1. The website cookies

These deal with small text files automatically downloaded to your device when you access and navigate through our site. Basically, they operate in a way that make possible to identify users’ devices, activities, and preferences.

Cookies in our site are sent to user’s and visitor’s computer or device exclusively by the own website.

1. Cookies management

User may deny the registration of cookies by the website; user just has to deactivate this option in their own browser. Further information on how to do this in some of the main current browsers may be accessed from the following links:

Internet Explorer:       
https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies

Safari:
https://support.apple.com/pt-br/guide/safari/sfri11471/mac

Google Chrome:
https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt

Mozila Firefox:
https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam

However, deactivating cookies may affect the website’s availability to some of its tools and functionalities, and this will jeopardize its correct and expected operation. An additional and possible consequence is the removal of users’ saved preferences, which will jeopardize their experience.

2.4. The collection of data that are not expressly provided for

Possibly, other types of data that have been not expressly provided for in this Privacy and Personal Data Protection Policy may be collected, if they have been supplied upon user’s consent or, further, that the collection is allowed in accordance with another legal provision.

2.5. Sharing personal data with third-parties

We do not share your personal data with third-parties. However, it is possible we may do it in order to comply with a legal or regulatory provision, or further, to meet an order issued by a government authority.

2.5.1. Personal data collected from third-parties

We may receive personal data, also, in an indirect way, from third-parties that are legally authorized to share them with us, that may be our business partners, suppliers, advertising nets, social network sites such as Facebook, Instagram, Twitter, and LinkedIn, research information providers, third-parties that enable the functionality of signalization and integration of social networks or other users and visitors. Furthermore, we may receive from our clients some third-parties’ personal data, in the scope of providing our services. Those data will be used only for the purposes set forth in this Personal Data Protection and Privacy Policy and we recommend data holders to access these third-parties’ policies in order to understand how their personal data are treated by them.

2.6. The time period your personal data will remain stored

Personal data collected by the website are stored and used for a time period that corresponds to the required time to meet the purposes listed herein and that takes into account the rights of its holders, the site controller’s rights, and the applicable legal or regulatory provisions.

Once the personal data’s storage periods expire, they will be removed from our database or anonymized, except in cases in which there is the likelihood or the need for storage due to a regulatory or legal provision

SECTION 3 – LEGAL BASES FOR THE TREATMENT OF PERSONAL INFORMATION

A legal basis for personal data treatment is nothing but a legal foundation, set forth in law, that justifies it. Thus, each personal data treatment needs to have a legal basis that corresponds to it.

We treat our users’ and visitors’ personal data chiefly in the following cases: (i) by consent of the personal data holder; (ii) for the compliance with a legal or regulatory obligation by controller; (iii) for the regular exercise of rights in court, out-of-court, or arbitration proceeding; (iv) whenever required to meet the controller’s or third parties’ legitimate interests; and (v) performance of an agreement between VFGQ and user and/or visitor, including communications carried out between company and user and/or visitor.

3.1. Consent

Some personal data transactions carried out in our website will depend on user’s previous agreement, who must do it  in a free, informed, and unquestionable way.

User may waive his/her consent at any time, and if there is no legal basis that allows or requires data storage, data supplied by consent will be excluded.

In addition, if they so wish, users may not agree to a personal data treatment operation based on consent. However, in these cases, it is possible that a specific website functionality that depends on that transaction may not be used. The consequences of the lack of consent for a specific activity are informed in advance to the treatment.

3.2. Compliance with a legal or regulatory obligation by Controller

Some personal data treatment operations, chiefly data storage, will be carried out so that we may comply with obligations set forth in law or other applicable normative provisions to our activities.

3.3. Legitimate interest

In some personal data treatment operations, we base ourselves exclusively on our legitimate interest, chiefly when the data holder’s consent is very hard to be achieved, the data holder’s consent may be considered unnecessary, and when there is a very small impact on the data holder and reasons for his/her use of the data.

In order to review the feasibility of using legitimate interest legal basis, we always apply the proportionality test, that aims at balancing, from one side, our company’s interests, and, on the other side, the personal data holder’s rights.

As an example, VFGQ avails itself of this legal basis to send required communications due to our agreement with customers and/or relevant information for keeping our relationship with user and visitor or bringing up to date their personal data and information in our records.

3.4. Execution of our agreement

In order to help us answer your questions and manage your requirements; allow the maintenance and to bring up to date the users’ and visitors’ registration information, as well as the performance, the access and use of our site and for your interaction with us; and make feasible to service user and visitor.

SECTION 4 – SITE VISITORS’ AND USERS’ RIGHTS

The site visitor and user have the following rights, granted by the GLDP: (i) confirmation of existence of treatment; (ii) data access; (iii) correction of incomplete, inaccurate, or outdated data; (iv) data anonymization, blockage, or elimination of unnecessary, excessive data, or data treated not in compliance with a provision set forth in law; (v) data portability to another supplier of service or product, by an express requirement, in accordance with the Brazilian authority, subject to business and industrial secrets; (vi) personal data elimination that were treated with data holder’s consent, except in cases set forth in law; (vii) information from government and private entities with which controller shared the use of data; (viii) information on the possibility of denying to give consent and on the consequences of the ensuing negative answer; and (ix) revocation of consent.

Note that, under the GLDP, there is no right to eliminate treated information based on legal provisions different from the consent, unless this deals with unnecessary, excessive information or data treatment that does not comply with provisions in law.

4.1. How holders may exercise their rights

Holders of personal information treated by us may exercise their rights by a request in this regard, by email, with confirmation of delivery and reading, addressed to the person in charge shown in Section 7 of this Privacy and Protection of Personal Information.

In order to ensure that a user that intends to exercise their rights is, actually, the personal information holder, the purpose of the request, we may require the submission of documents or information that may help the user’s correct identification, for the purpose of safeguarding our rights and third-parties’ rights. However, this will only be done if it is truly necessary, and applicant will receive all related pieces of information.

SECTION 5 – SAFETY IN TREATING PERSONAL INFORMATION

We use technical and internal organization measures that are ready to protect collected personal information by our website, including in situations for amending or destroying information. The measures always take into account data nature, collection context, the purpose of the treatment, damages that a possible violation could cause to holder, and at all times we will take the safest measures available in the market.

Thus, the VFGQ takes all measures that are within its reach to protect users’ and visitors’ personal information, and we emphasize the use of Wix platform, protected with SSL/TLS systems that are types of digital safety that allow encrypted communication between a website and a navigator.  Thus, the company’s website allows its users and visitors to browse and send information safely, including with HTTPS protocol.

However, even if we have resorted to everything that is within our reach to avoid security incidents, we do not rule out a possibility of the occurrence of a problem exclusively due to a third-party – as in case of hacker or cracker attacks or, further, in case of exclusive user´s fault, which occurs, for example, when user himself transfers his data to third-parties. Thus, although we are, by and large, liable for personal information that we treat, we exempt ourselves from any liability in case of occurrence of exceptional circumstances beyond our control. Anyway, if any safety incident occurs that may give rise to relevant risk or damage to any of our users, we will communicate the affected parties and the Brazilian Authority on Data Protection (ANDP, initials in Portuguese) about the occurrence, in compliance with the provision in the General Law on Data Protection.

By taking into account that we do not control internet safety, we will not be liable for the safety of information that you may choose to communicate online while you browse and transmit data, including for any loss of data during transmission. Thus, once it is not possible to ensure the full safety of transmitted data to us or through our website, we recommend and ask you to be careful with and pay attention to the transmission way and the choice of personal data that will be shared with us or, further, with any third-parties.

SECTION 6 – AMENDMENTS TO THIS POLICY

We reserve the right to amend, at any time, the herein contained provisions, especially to adapt them to any changes made in our website, whether for the availability of new functionalities, or for the suppression or changes of existing ones, as well for the purposes of adapting them to laws.

At all times a change is made to this Privacy and Personal Data Policy, it will be updated in our site, which will make it possible to be known by all users and visitors, without prejudice of any notification to them, by email or other feasible format.

SECTION 7 – HOW DO YOU GET IN TOUCH WITH US?

In order to answer any questions about this Privacy and Personal Data Protection Policy or, by and large, on personal data that we treat, please get in touch with us at the email address vgq@vgqlaw.com.br

This Privacy and Personal Data Protection Policy was last updated in April 2021.