IN CONSTRUÇÃO DE MARCAS LTDA., a company governed by private law, with its principal place of business in the City of São Paulo, State of São Paulo, at Avenida Brigadeiro Faria Lima, nº 1912, Conj. 19M, Bairro Jardim Paulistano, Zip Code (CEP) 01.451-907, enrolled with the National Corporate Taxpayer's Register of the Ministry of Finance (CNPJ/MF) under No. 18.019.484/0001-86 ('IN'), has the website [https://in.com.br/] ('Website') to offer its services to the public, allowing users to contact IN by filling out an online form.
To facilitate the reading and understanding of this Policy, some important definitions are provided in the table below:
Any information related to an identified or identifiable individual, directly or indirectly.
Personal Data Sensitive Data
Special category of Personal Data referring to racial or ethnic origin, religious belief, political opinion, union membership or association with religious, philosophical or political organization, referring to health or sexual life, genetic or biometric data relating to an individual.
Individual to whom the Personal Data relates, such as former, current or potential clients and employees, contractors, business partners and third parties.
Any operation on Personal Data, such as collection, production, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, modification, transfer, diffusion, or extraction.
Use of reasonable technical means available, at the time of processing, to remove information that can be associated with an individual directly or indirectly.
Acronym for Brazilian Data Protection Authority – a body responsible for overseeing compliance with the Brazilian General Data Protection Law.
It means the website [https://in.com.br/] owned by IN.
User(s) or You
Users who visit the website, including those who contact IN by filling out the available form.
Collected Personal Data and Purposes
During your experience on the Website, IN may collect different types of Personal Data, whether automatically or provided directly by you.
The table below shows Personal Data that can be collected, the situations in which they are collected and the purposes of collection:
Source Personal Data Collected Purpose(s) Website Navigation
- IP Address
- Information about the device used for browsing activity
- Protect security;
- Activate essential features of the Website;
- Develop new features and improvements for the Website.
Filling Out the Contact Form
- Telephone Number
- Reply to your message and contact you to send the discount coupon or when needed.
Additionally, IN may process Personal Data, regardless of its source, for the purpose of:
- Ensuring compliance with legal or regulatory obligations;
- Ensuring due exercise of IN's rights in judicial, administrative and arbitration proceedings; and
- Collaborating with the fulfillment of a court order, competent authority or supervisory body.
IN may also process Personal Data based on its legitimate interest, always within the limits of what is expected by the Data Subject, mainly taking into account the existing relationship with IN, and never to the detriment of their interests, rights and fundamental freedoms.
IN does not intend to process Sensitive Personal Data and will only be able to do so if, in your interactions with IN, you voluntarily provide such data.
Non-Provision of Data: If the User opts not to share certain Personal Data when requested, IN may not be able to provide all the features made available on the Website or effectively respond to the User's messages.
Cookies are small text files stored directly on the User's device to provide information such as browser type, time spent on websites, pages visited, language preferences, and other anonymous traffic data.
If you do not wish to have your information collected via cookies, there is a simple procedure in most browsers that allows cookies to be automatically rejected, or gives you the option to accept or reject the transfer of specific cookie(s) from a particular website to your computer. However, this may affect how you experience the Website.
Sharing of Personal Data with Third Parties
IN may share your Personal Data with:
- Service providers or partners that process Personal Data on behalf of IN, such as providers of hosting and data storage services, user support, creation and personalization of content, advertising and marketing activities, IT services; and
Whenever Personal Data is shared, IN will limit access to it to the minimum necessary and will not allow its service providers to use such data for purposes other than those contracted.
IN may transfer Personal Data to entities located outside Brazil, such as for storage on cloud servers in other countries. In this case, IN will adopt the same level of protection for your Personal Data as IN adopts for its own information. Additionally, whenever necessary, IN will use the cross-border processing mechanism required by data protection laws.
Duration of Processing
The Personal Data processed by IN will be deleted when such data are no longer useful for the purposes for which they were collected, or when you request IN to delete your data, except if their retention is expressly authorized by applicable law or regulation, or within the statute of limitations defined by law in the case of any lawsuit or administrative proceeding.
Personal Data may also be retained for compliance with legal or regulatory obligations and exclusive use of IN, including for the exercise of its rights in any lawsuit or administrative proceeding.
LGPD guarantees the Data Subject several rights, which are fully observed by IN. These rights are shown below, so that you can exercise them upon request to IN:
- Confirmation: right to confirm whether IN processes your Personal Data.
- Access: right to access your Personal Data held by IN.
- Correction: correction of lacking data, inaccurate, or outdated data.
- Anonymization, Blocking or Deletion: right to required anonymization, blocking or deletion of unnecessary, excessive, or processed data in breach of the provisions of the law.
- Portability: right to request the Personal Data portability to use across different services.
- Deletion: right to have Personal Data processed with your consent deleted, to the extent permitted by law.
- Information: right to receive information from IN about the public or private entities with which your Personal Data has been shared and about the possibility of not providing consent and the consequences of the refusal.
- Withdrawing Consent: right to withdraw, through a free and facilitated procedure, your consent in relation to the Processing of your Personal Data.
Users' requests will be treated with special care so that IN can ensure the effectiveness of the Data Subjects' rights. It is important to mention that Users may be asked to provide proof of their identity to ensure that the Personal Data is only shared with the Data Subject.
IN will make its best efforts to respond to Users' requests as efficiently as possible; however, in certain cases, the request may not be satisfied due to IN's need to comply with legal or contractual obligations.
Safety and Responsibilities of Processing Agents
IN takes commercially reasonable technical, physical and organizational measures to prevent misuse or destruction, loss, alteration, disclosure, acquisition or accidental, illegal or unauthorized access to Personal Data. Furthermore, as a way of ensuring the security and confidentiality of your Personal Data, IN limits its access on a need-to-know basis, only to personnel who need to have access to it to perform their duties.
All agents processing your Personal Data based on IN's instructions are subject to a duty of confidentiality, and are required to prove compliance with LGPD and other data protection laws.
IN protects its systems from unauthorized access through various levels of access permissions and password controls. In the event of actual or suspected breach of the systems, we will notify you, ANPD and any other applicable authorities about the breach and the measures we have adopted to remedy it.
Although IN uses its best efforts to safeguard the privacy and secure your data, it is important to point out that no transmission of information is completely secure, so that IN cannot fully ensure that all information it receives or sends will not be target of unauthorized access through methods developed to obtain information improperly.
IN reserves the right to change this Policy at any time. We, therefore, recommend users to visit the Website to check any changes. All changes come into effect on the date of publication.
If there is a change to this Policy related to (i) the specific purpose of the Processing of Personal Data; (ii) the form and duration of the Processing of Personal Data; and/or (iii) the information about the shared use of Personal Data, Users will be promptly communicated, either through the contact information kept in IN's database or through notice posted on the Website.
If you have any questions about this Policy or to exercise any right as a Data Subject, please contact IN's Data Protection Officer (DPO) through the contact information below:
Applicable Law and Jurisdiction
Last updated on: December 10th, 2021.