es pt en

Privacy and Data Protection Policy

CADASTRA MARKETING DIGITAL LTDA, a legal entity governed by private law, registered as CNPJ No. 08.257.844/0002-24, established at Av. Eng Luís Carlos Berrini, nº 1511, 17th floor, São Paulo state, city of São Paulo, zip code 04.571-011 (“Cadastra”), processes some of your Personal Data to provide you with products and services. We are a hybrid and global company, focused on digital transformation, which brings together strategic consulting, performance agency, digital operations, technology, communication and digital education services. It’s been transforming brands for over 20 years in more than 10 countries, with multidisciplinary, dynamic and always up to date know-how, bringing companies the highest performance for the short, medium and long term.

This Privacy Policy is intended to inform all Customers, Partners and the Market in general how we treat Personal Data collected and/or received by our operation. The Privacy Policy also clarifies to our clients their main rights guaranteed by Law 13.709/2018 (the “General Data Protection Law” or “LGPD”) and in what way Cadastra – guided by ethics, transparency and conformity – is prepared to comply with this regulation and guarantee the privacy of players surrounding it. If you have any questions, please contact us through the channels indicated at the end of the Policy (10th topic).

 

  1. IMPORTANT DEFINITIONS

The following definitions are important for you to understand the position and role of each person involved in our business, what are the main concepts defined by the LGPD and how Cadastra is structured to protect the Privacy of all its Customers and Partners:

  • “Controller”: the company (or the subject) responsible for deciding how the Subject Data will be treated;
  • “Operator”: the company (or the subject) that carries out the processing of any Personal Data on behalf of the Controller;
  • “Personal Data”: information relating to any identified or identifiable natural person; in other words, any information passed by a Customer to the Supplier, for example, that identifies or may identify a natural person;
  • “Sensitive Personal Data”: Subject Data about background: racial or ethnic, religious, political, genetic, biometric origin, indicative of sexual preference or health status;
  • “Processing”: any operation involving Personal Data that is carried out directly by the company;
  • “Holder”: natural person to whom the Data to be processed in the operation refers;
  • “Anonymization​”: use of technical means available in the processing of Data, in which a Data loses the possibility of association, directly or indirectly, with an individual.;
  • “Shared Use of Data”: communication, dissemination, international transfer, interconnection of Personal Data or shared treatment of Personal Data bases by public bodies and entities in the fulfillment of their legal competences, or between these and private entities, reciprocally, with specific authorization , for one or more treatment styles allowed by these public entities, or between private entities;
  • Partner: Supplier and/or Third Parties linked to the operation that are related to the services provided by Cadastra in favor of the Holder of Personal Data for the purposes of processing Personal Data;

 

  1. WHAT PERSONAL DATA MAY WE COLLECT, PROCESS AND HOW DO WE DO IT?

Cadastra strictly collects and treats the Data necessary for the execution of its corporate purpose, such as, but not limited to, Data related to qualification (name, ID, occupation, gender, address) and/or those voluntarily provided by Users through the Sites / Apps / Tools. Any and all processing of Personal Data of Customers and Partners carried out by Cadastra strictly serves the following principles:

  • Purpose: the treatment must have a clear, specific purpose and previously informed to its Data Subject;
  • Adequacy: treatment must be compatible with the context informed to the Subject and respect the purpose;
  • Need: treatment must be limited to the minimum necessary to perform the operation;
  • Free Access: obligation to provide the Data Subject with immediate and free consultation on the processing of their Data;
  • Data Quality: need for proof to the Subject of clear, relevant and up-to-date Data storage;
  • Transparency: obligation to guarantee to the Holder clear, correct and easily accessible information at any time;
  • Security: obligation to use technical measures capable of preventing leaks, unauthorized access, loss and/or unauthorized alteration of Data;
  • Prevention: prior adoption of measures to prevent and contain possible violations of LGPD obligations;
  • Non-Discrimination: impossibility of processing Data for discriminatory, illegal or abusive purposes;
  • Accountability: agent’s obligation to prove the adoption of effective measures to ensure compliance with the law and all its principles;

 

Upon prior and express consent by the Subject, we may also – in order to make the service to Clients and Partners more efficient – collect Personal Data from the following sources:

  • Sales management platforms in physical stores and via the internet
  • Application Programming Interface (API): service that allows communication between two parties
  • Cookies: registration of the Subject’s activities on our Sites / Apps / Tools with the aim of optimizing searches, always with the Client’s consent. For more information, see our Cookies Policy (https://cadastra.com/pt/politica-de-cookies-e-uso-do-site).

NOTE: Any Data provided on Third Party websites and applications might be subject to Privacy practices that differ from the adopted by Cadastra. If Personal information is submitted to any of these websites, the information will be processed through the Privacy Policies of those sites.

 

  1. WHY DO WE COLLECT PERSONAL DATA?

We take appropriate steps to ensure that all processing of your Personal Information by us or our service providers is lawful. The legal basis for processing your Personal Information will depend on the purposes for which we process your information.

  • Consent: upon prior consent by the Data Subject, in applicable cases;
  • Customer Efficiency: through the Data collected and stored with the Owner’s consent, we can optimize search times when browsing, eliminate inefficient offers to the Customer and reduce transaction costs to focus on what really matters;
  • Legitimate Interest: use of Personal Data by Cadastra – always for legitimate and previously informed purposes – to promote essential activities and/or regular exercise of rights;
  • Protection of Acquired Rights: we use Personal Data to operate any contractual or legal right that must be protected towards Customers, Partners and the market in general, including to protect the right to Privacy of Cadastra and the Data Holders whose Data has been entrusted to it.

 

  1. WHO DO WE SHARE PERSONAL DATA WITH?

We guarantee that only people authorized by Cadastra and bound by the same criteria of security, confidentiality and purpose can access your Personal Data when strictly necessary for the purposes of managing our business relationship or complying with our legal obligations.

In addition, sharing – with consent or for the exercise of legitimate interest – may occur in the following cases:

  • Sharing in the Economic Group: sharing of Personal Data by Cadastra – upon consent or for the exercise of right – with the companies of the DBG Group, which may act as Operators in the treatment of this information specifically in order to guarantee commercial management and greater efficiency in the marketing campaigns;
  • Partners: Third parties who provide services to Cadastra, such as providers of information technology services, communication or marketing services, as well as statistical services, limited to the sharing of Personal Data strictly necessary for the execution of contracted activities and always with the prior consent of the Subject .
  • Media campaign management tools: with the aim of sending advertisements adapted to your selected preferences based on your browsing and/or your requests on the Sites;
  • Behavioral analysis tools: with the aim of improving the user experience regarding the use of the Site by storing cookies – always previously accepted by the User – or by analyzing Personal Data voluntarily provided by the Owner with prior knowledge and agreement for this purpose.

Upon prior knowledge and agreement, the sharing of Users’ Personal Data with Partners will be carried out in connection with one or more of the purposes described in the 2nd topic of this Policy, respecting the limits and purposes strictly necessary to carry out our activity.

Cadastra may also be required to communicate your Personal Data, upon receiving a binding order or subpoena, to any authority with jurisdiction over our activity to comply with legal, regulatory obligations and/or to respond to the subpoena received. In this case, the sharing will take place within the strict limits punctuated by the order given and, whenever possible, will be preceded by a notification to the Subject to take all appropriate measures in order to, if desired, seek appropriate measures to try to revoke the order of sharing.

Finally, in compliance with the principles mentioned above, at any time the Subject may request access to all of his Data from Cadastra.

 

  1. HOW DO WE STORE PERSONAL DATA?

The Registry seeks to make it easy for the Subject to keep their Personal Information accurate, complete and up to date. If the Subject deems it necessary to update his Personal Data, he may request the Registration through the channels mentioned at the end of this Policy (10th topic).

These rights conferred on the Subject apply exclusively in relation to their own Personal Data. Cadastra does not share any Third Party Data with the User, including Personal Data of other Users that have been collected in our operation.

We guarantee the Data Subject the following rights:

  • Existence and Access: the Holder has the right to obtain confirmation of the existence of the activity of processing their Personal Data. If there is processing, the Data Subject has the right of access, that is, to obtain a simplified or complete statement about the categories of Personal Data processed, the origin of the Data and the purposes of the treatment. If your Personal Data is processed based on your consent, or on a contract signed between the Subject and Cadastra, the Subject also has the right to obtain a full copy of the Personal Data that is processed based on the consent or contract;
  • Correction: the Holder has the right to request the correction of incomplete, inaccurate or outdated Data about them;
  • Anonymization, blocking and/or deletion: in certain cases, when Personal Data is unnecessary, excessive or is treated in disagreement with the LGPD, the Holder has the right to request the anonymization, blocking or deletion of such Data;
  • Portability: in certain cases, as defined and to the extent required by the ANPD, and always respecting the commercial and industrial secrets of Cadastra, the Subject has the right to portability of their Personal Data to another company.
  • Shared Use of Data: the Subject has the right to obtain information about the public and private entities with which Cadastra has made shared use of their Personal Data;
  • Withdrawal of consent: whenever Cadastra requests consent to process Personal Data, the Subject has the right to refuse consent. Cadastra always informs you about this right and the consequences of  choosing not to consent to a processing activity. In addition, whenever the Subject consents to the processing of their Personal Data for a specific purpose, they may revoke their consent at any time, with all the processing activities carried out up to the date of revocation being validated.
  • Opposition Right to object to certain types of processing, including processing for direct marketing (which we do only with your consent).
  • Deletion of Personal Data allows you to request the deletion or removal of your Personal Information if there is no compelling reason for us to continue to use it. Remembering that this is not a general right to erasure, except in cases of mandatory storage as provided by law.

For more information and/or requests, the Subject must contact us through the channels indicated at the end of this Policy (10th topic). The analysis and response period is up to 30 days.

 

  1. WHAT RIGHTS DO WE GUARANTEE TO THE HOLDER?

Cadastra processes Personal Data only for the purposes described in this Policy.

Personal Data is kept to the extent necessary for the purposes of processing, and must be deleted:

  • as soon as the reason for its use ends, or
  • within the period determined by law.

 

  1. COMMUNICATIONS AND MODIFICATION OF THIS POLICY

The security and confidentiality of your Personal Information is extremely important to us. We have technical, administrative and physical security measures in place to:

  • protect your Personal Information from unauthorized access and misuse;
  • protect our IT systems against leakage of Personal Data;
  • ensure that we can restore your information in situations where Data is corrupted or lost in a disaster recovery situation
  • when appropriate, use encryption or other security measures
  • review security procedures periodically considering appropriate new technologies and updated methods.

While no measure is 100% effective, we are committed to ensuring that your Personal Information remains secure.

 

  1. MINORS DATA

Cadastra’s products and services are not intended for minors.

 

  1. INTERNATIONAL TRANSFER OF PERSONAL DATA

We may transfer your Personal Information to DBG Group companies, IT providers and other Suppliers in other countries. For companies with whom we may share your Personal Data outside the Brazilian Economic Area, we ensure that it is done using specific and legally approved safeguards.

 

  1. RESPONSIBLE FOR PROCESSING PERSONAL DATA

The DBG Group, to which Cadastra belongs, has a Person in Charge of the Processing of Personal Data, responsible for guiding the conduct of our activities in accordance with the legislation, as well as for receiving complaints and communications from the Subjects of Personal Data and the Authorities, and providing them with clarifications.

 

In case of doubts, complaints or any indication of violation of the terms of this Privacy Policy, or to practice your rights as a Data Subject, contact us through:

  • Email to privacy@dbg.com.br
  • Mail to Av. Eng Luís Carlos Berrini, nº 1511, 17th floor, State of São Paulo, city of São Paulo, zip code 04.571-011 for the care of the Personal Data Officer (DPO).

 

  1. PRIVACY POLICY UPDATES

The DGB Group may, at any time, update this Privacy Policy to reflect improvements implemented. Please check this page regularly for updates.