FIRMARE is a consultancy specialized in the implementation of Food Safety and Quality Management Systems for Food Industries, Restaurants and other Food Service companies based on the following values:
In line with these values, FIRMARE recognizes that the privacy and protection of its customers' personal data is a priority and a commitment for FIRMARE, which is why it establishes this Privacy and Data Protection Policy, in which it undertakes:
This Privacy and Data Protection Policy is based on the concepts defined by the General Data Protection Law (LGPD) and, for its correct interpretation, the terms below must be understood in accordance with the definitions established herein:
Personal Data(s): Information related to an identified or identifiable natural person, being considered identifiable the one that can be identified, directly or indirectly, due to one or more data, such as, for example, a location, a physical identity , genetics, economics, among others.
Database: Structured set of personal data, established in one or several places, in electronic or physical support.
Holder of Personal Data: Natural person to whom the personal data that are subject to processing refer.
Controller: Natural or legal person, public or private, who is responsible for decisions regarding the processing of personal data.
Operator: Natural or legal person, public or private, that processes personal data on behalf of the Controller.
Person in charge: Person appointed by the Controller to act as a communication channel between it, the data subjects and the National Data Protection Authority.
Processing of Personal Data: Any operation carried out with personal data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, diffusion or extraction.
Consent: Free, informed and unequivocal statement by which the Holder agrees with the processing of his personal data for the purpose previously communicated.
Deletion: Exclusion of data or a set of data stored in a database, regardless of the procedure used.
Shared use of data: Communication, dissemination, transfer, interconnection of personal data or shared treatment of personal databases by public bodies and entities in compliance with their legal competences, or between these and private entities, reciprocally, with specific authorization, for a or more modalities of treatment allowed by these public entities, or between private entities.
Website: Means the website http://www.firmareconsultoria.com.br.
The company responsible and controller for the Processing of Personal Data, for the purposes of this Policy, is the company FIRMARE GERENCIAMENTO E SERVIÇOS EM SEGURANÇA DE ALIMENTOS LTDA.-ME, hereinafter referred to as “Controller” or “FIRMARE”, registered with CNPJ/MF under No. 14.774 .314/0001-56, located at Rua Manoel da Nóbrega, 111, Suite 52, Paraíso, in the City of São Paulo, State of São Paulo, CEP: 04001-090.
FIRMARE may use, store, process and trat Personal Data to:
3.1. Improve and develop its Site, in accordance with the following purposes:
Achieve continual service improvement and enhance customer experience.
3.2. Evaluate, develop and improve the advertising and marketing of FIRMARE brand:
The Data Subject may opt out of receiving marketing communications by following the unsubscribe instructions included in marketing communications and on the Site. If you express your agreement with such receipt, the customer acknowledges and accepts that the information collected by FIRMARE may be used for the advertising purposes mentioned above.
The Site collects a set of data and general information when an automated system accesses it. This general data and information is stored in the server's log files. The collected data can be: (i) the types of browsers and versions used; (ii) the operating system used by the access system; (iii) the site from which an access system arrives at the Site; (iv) the sub-sites; (v) date and time of access to the Site; (vi) internet address (IP address); (vii) access system Internet access provider; and (viii) any other data and information that may be used in the event of attacks on our information technology systems.
The information will be necessary to: (i) deliver the Site's content correctly; (ii) optimize the content of the Site, as well as its advertising; (iii) ensure the long-term viability of our information technology systems and Site technology; and (iv) provide the authorities with the necessary information in case of intrusions or cyber-attacks.
Furthermore, when accessing or logging in through a social media service (Facebook, Instagram, among others) your user ID and/or the username associated with the social media service may be registered and, if so, may collect any information or content that the user has classified as public, for example, profile picture, email address, location, friends lists and others.
The Data Holder may register on the Site by providing his/her personal data such as full name, CPF, address, e-mail and cell phone, for the purposes set forth in Item 3 of this Policy.
When completing registration, the Data Holder expressly, freely and unequivocally consents to FIRMARE the right to collect, store and process his personal data in its database, including but not limited to the information provided by the Holder of Data.
This data is not communicated to third parties, with the exception of those provided for in Item 7 or unless imposed by legal rule or for criminal purposes.
The data subject has the right to obtain from the person responsible for the treatment confirmation that the personal data are being processed or not.
The data subject has the right to obtain free information from the controller about stored personal data at any time.
The holder of personal data has the right to obtain from the controller the correction of incorrect, inaccurate or outdated personal data.
The holder of personal data has the right to obtain from the controller the blocking or deletion of personal data and the controller has the obligation to block or delete, in whole or in part.
The data subject has the right to obtain from the person responsible for the treatment the information that the personal data are or are not being shared with other public and private entities, as well as information on the possibility and not to provide consent for the treatment. of your data.
The data subject has the right to revoke the consent to the processing of his personal data at any time.
In addition to the hypotheses provided for in this Policy and in the applicable legislation, the processing of personal data may also be carried out, even without the due authorization of the holder, in the following hypotheses:
I - For compliance with a legal or regulatory obligation by the Controller;
II - When necessary for the execution of a contract or preliminary procedures related to a contract to which the holder is a party, at the request of the data subject;
III - For the regular exercise of rights in judicial, administrative or arbitration proceedings, the latter under the terms of Law No. 9,307, of September 23, 1996 (Arbitration Law);
IV - When necessary to meet the legitimate interests of the controller or a third party, except in the case of prevailing fundamental rights and freedoms of the holder that require the protection of personal data; or
V- For credit protection, including the provisions of the relevant legislation.
According to the current Policy, personal data will not be transferred or shared with third parties, with the exception of sharing with the Operator itself, third parties that may be contracted for the storage of data or services necessary for data processing, commercial partners and, also, in the case of corporate transactions involving the Controller, in which case the transfer of information will be necessary for the continuity of services.
Personal data will be stored by the Controller for the time necessary for the processing of the data, in accordance with the nature and purpose of the processing.
In addition, the data may be deleted in the following cases:
I - Verification that the purpose has been achieved or that the data are no longer necessary or relevant to achieve the specific purpose sought;
II - Communication of the holder in the exercise of his right of revocation; or
III - Determination of the National Data Protection Authority.
Os dados pessoais que não sejam mais necessários para o cumprimento do contrato ou de uma obrigação legal correspondente são rotineiramente excluídos do Banco de Dados da Controladora.
This Policy is effective November 1, 2019 and will remain in effect for an indefinite period.
This Policy may be amended at any time with the publication of its most recent version, indicating the date on which the last amendment was made.
The Controller recommends that the data subject review this Policy at regular intervals. By visiting the Site, you also acknowledge that it is your responsibility to review this Policy periodically and see what changes may have been made.
In case of doubts related to this Policy or, even, if a data subject wants to exercise the rights related to the confirmation, access, correction, blocking, deletion, information or revocation of consent, he may contact the Data Protection Officer , Mr. _________________, or appointed representative, via email ..............
2022 © All rights reserved | Privacy Policy