PRIVACY POLICY
This Privacy Policy has been drawn up by Tuper S.A, a company based in São Bento do Sul, at Avenida Prefeito Ornith Bollmann, 1441, District of Brazil, State of Santa Catarina, registered in CNPJ 81.315.426/0001-36, and sets out below the Privacy Policy of the SITE in order to clarify the rights, obligations and responsibilities of its Users.
A
A
a
PRIVACY POLICY
A
1. INTRODUCTION
TUPER S.A. adopts a global data protection procedure, applied to the entire Group, which guarantees a standard of protection of personal data processed by it, in accordance with the General Data Protection Act (Law No. 13 709/2018).
This policy aims to show how TUPER S.A. collects and uses users’ personal data.
Other digital platforms or applications provided by TUPER S.A. have specific terms of use and privacy policies for the processing of personal data carried out on them and complement this policy.
A
2. ABOUT THE DATA WE COLLECT
A
2.1 How We Collect Data. Data, including Personal Data, may be collected when you provide it or when you interact with our environments and services.
You are generally not required to disclose your personal information as a condition of using a TUPER S.A. site or application.
However, during your interactions, TUPER S.A. will ask you to provide personal information, such as name, email, phone number and address, which is considered necessary personal information. If you choose not to provide some of this information, we may not be able to provide you with all or part of our services.
A
2.2 Data update and reliability. You are responsible for providing your personal data fully and truthfully. Therefore, in order for TUPER S.A. to maintain the truthfulness and accuracy of its data, we provide the customer service channel listed in section 7.4 below for you to request the correction and update of your incomplete, inaccurate or outdated data.
We are also under no obligation to process or handle any of your Data if there is reason to believe that such processing or handling may impose on us a violation of applicable law or if you use our environments for purposes that are illegal, unlawful or contrary to our Code of Conduct.
A
2.3 Database. The database created through the collection of Data is our property and we are responsible for it, and its use, access and sharing, where necessary, will be within the limitations and business purposes described in this Policy.
A
2.4 Cookies and similar technologies. Cookies are small text files that are placed on your computer by the websites you visit. They are used extensively to make the Sites work more efficiently and to provide your information to TUPER S.A. We also use cookies to store your preferences.
You can control the data collected by cookies through your internet browser. Learn more in our Cookie Policy available on the company’s website.
A
2.4.1 Find out more in our Cookie Policy available on our website. In addition to the use of cookies for session-based tracking to identify individuals on TUPER S.A. site(s) or application(s), several other tracking mechanisms are available. This includes ‘cache-based’ tracking mechanisms, which use client-based storage that used stores to identify browser instances and determine previously visited sites by using various caches:
I. Web Cache;
II. DNS Cache;
III. Operational cache.
In addition, a “Unique Identifier”‘ can be used to monitor activity on the site. This unique identifier may consist of one or more values that can be read by the web service when the user browses the website. In this way, the user can be tracked on several different websites belonging to different entities, which is not directly possible with cookies. Examples of traceable information:
I. Network and location;
II. Device;
III. OS instance;
IV. Browser version.
You can block the collection of data from these tracking mechanisms through your web browser by using the “Private or Anonymous Browsing” feature, if available. Otherwise, use a web browser that has this feature.
A
IMPORTANT: If you use “Anonymous or Private Browsing”, TUPER S.A. cannot guarantee its proper functioning or whether your browser will block any tracking mechanisms mentioned above. TUPER S.A. shall not be held liable for any damage caused to the Data Subject by the malfunctioning of the “Personal or anonymous browsing” function.
A
2.4.2 All technologies used shall always comply with applicable law and the terms of this policy.
2.5 If TUPER S.A. uses only automated solutions, we will provide clear information on the criteria and procedures used upon request, subject to commercial and industrial confidentiality.
A
3. HOW WE SHARE DATA AND INFORMATION.
A
3.1 Data sharing hypotheses. Collected Data and recorded activities may be shared:
I. between TUPER S.A. subsidiaries throughout the country;
II. With competent judicial, administrative or governmental authorities, whenever there is a legal determination, request, requisition or judicial order; and
III. Automatically, in the case of corporate movements such as mergers, acquisitions and incorporations.
A
4. HOW WE PROTECT YOUR DATA AND HOW YOU CAN PROTECT IT TOO
A
4.1 Password Sharing. You are also responsible for the confidentiality of your Personal Data and should always be aware that sharing passwords and login credentials violates this Policy and may compromise the security of your Data and our environments.
a
4.2 Information Security. The security of all personal data processed is extremely important to us. TUPER S.A. adopts technical and administrative measures to ensure information security in its systems through protocols, controls, policies, procedures and guidelines to maintain these measures.
a
4.3 Access to personal data, proportionality and relevance. Internally collected Personal Data is accessible only to duly authorized professionals, subject to the principles of proportionality, necessity and consistency with the purposes of our business, as well as the commitment to confidentiality and retention of your Personal Data under the terms of this Policy.
a
4.4 External Links. When using our environments, you may be directed through a link to other portals or platforms that may collect your information and have their own data processing policies.
a
4.4.1 It is up to you to familiarise yourself with the privacy and data processing policies of such portals or platforms outside our environment and it is your responsibility to accept or reject them. We are not responsible for the privacy and data handling policies of third parties, nor for the content of websites, content or services linked to environments other than our own.
4.5 Processing by third parties under our directive. Where third parties process on our behalf any Personal Data we collect, they will comply with the terms set out in this document and information security standards.
a
5. HOW WE STORE YOUR PERSONAL DATA AND ACTIVITY LOG
Collected Personal Data and activity records are stored in a secure and controlled environment and kept only for as long as necessary. TUPER S.A. has specific storage and management policies and procedures so that personal data is stored in accordance with the following criteria:
I. As long as the relationship between you and TUPER S.A;
II. For the period required to meet our global legal and contractual obligations.
a
5.1 Long-term storage. For audit, security, fraud control, credit protection, and rights preservation purposes, we may retain your Data record for a longer period of time where required by law or regulation, or to preserve your rights.
a
5.2 The Data collected will be stored on our servers located in Brazil, as well as in a cloud computing environment, which may require a transfer and/or processing of this Data outside Brazil.
a
6. WHAT YOUR RIGHTS ARE AND HOW TO EXERCISE THEM
a
6.1 Your Basic Rights. You can ask TUPER S.A. to confirm the existence of the processing of personal data, as well as the display or rectification of your personal data, by sending an email to dpo@tuper.com.br or by using the “Contact us”) available on the corporate website via the address tuper.com.br, which has a dedicated channel for data protection services.
a
6.2 Restriction, opposition and deletion of data. You can also apply by email at dpo@tuper.com.br:
I. The limitation of the use of your Personal Data;
II. Express your opposition and/or revoke consent to the use of your Personal Data; or
III. Request deletion of your personal data collected by us.
a
6.2.1 If you withdraw your consent for essential purposes for the normal functioning of our environments and services, such environments and services may become unavailable to you.
a
6.2.2 If you request deletion of your Personal Data, it may be that the data must be kept for a period longer than the deletion request, pursuant to Article 16 of the General Data Protection Act, to (i) comply with a statutory or regulatory obligation, (ii) research by a research authority and (iii) transfer to a third party (subject to data processing requirements set out in the same law). In all cases by anonymizing personal data whenever possible.
a
6.2.3 After the end of the maintenance period and if legally necessary, Personal Data is deleted using secure destruction methods or used in anonymous form for statistical purposes.
a
7. INFORMATION REGARDING THIS POLICY
Change in content and update. You acknowledge our right to change the content of this Policy at any time and without prior notice to you, and it is up to you to review it each time you access our environments or use our services for any purpose or necessity, such as for adequacy and legal compliance with the provisions of a law or regulation of equivalent legal force. The date of the last updated version is always stated at the end of this Policy.
a
7.1.1 If there are updates to this document that require new consent collection, you will be notified through the contact channels you have provided.
a
7.2 Non-applicability If the Data Authority or a court finds that any part of this Policy is unenforceable, the remaining terms shall remain in full force and effect.
a
7.3 Electronic Communication. You acknowledge that all communications made via email, SMS, instant messaging applications or any other digital, virtual and digital form, in accordance with the details provided in your registration, are also valid, effective and sufficient to disclose any matters relating to the services we provide, your details, and the terms and conditions of their provision or any other subject matter addressed therein, save only what this Policy provides as such.
a
7.4 Customer Service Channels. If you have any questions about the provisions contained in this Privacy and Data Processing Policy, you may contact us at dpo@tuper.com.br at https://www.tuper.com.br/fale-conosco/.
a
7.5 Applicable law and forum. This Policy shall be construed in accordance with Brazilian law in the Portuguese language, selecting the jurisdiction of your domicile to resolve any disputes relating to this document, unless applicable law retains specific personal, territorial or functional jurisdiction.
a
7.5.1 You, if not domiciled in Brazil, and due to the services offered by the Company only in the national territory, are subject to Brazilian law, agreeing, therefore, that in the event of a dispute to be resolved, the action must be proposed in the District of São Bento do Sul/SC.
a
8. GLOSSARY
For the purposes of this policy, the following definitions and descriptions should be considered for its better understanding:
I. Data: Any information entered, processed or transmitted through Our Environments.
II. Personal Data: Data relating to an identified or identifiable natural person.
III. Anonymization: Use of reasonable and available technical means during processing by which the possibility of directly or indirectly linking the data to an individual is lost.
IV. Cloud Computing: or cloud computing, is a service virtualization technology built from the interconnection of more than one server over a common information network (e.g., the Internet) to reduce costs and increase the availability of sustainable services.
V. Our Environments: Digital Platforms and Applications owned by TUPER S.A.
VI. Access Account: Certificate required to use or access exclusive features of our environments.
VII. Cookies: Small files sent by Our Environments, saved on your devices, which store your preferences and some other information in order to customize your navigation according to your profile.
VIII. Automated solutions only: These are decisions affecting a user that are programmed to work automatically, without the need for human intervention, based on automated processing of personal data.
IX. Treatment: Any operation performed with Personal Data, such as those related to the collection, production, receipt, classification, use, access, reproduction, transmission, dissemination, processing, submission, storage, removal, evaluation or control of the information, modification, communication, transfer, dissemination or retrieval.
a
a
Update: February 1, 2021.
