You probably already know that the General Law for the Protection of Personal Data 13.709/2018 was created to establish rules dedicated to the processing of personal data by public and private companies, so that the data of the holders are used adequately, with transparency and security.
Here at Semantix, our goal as a company operating in the Analytics, Big Data, and Artificial Intelligence segment is to transform companies into data-driven models, generating value, automation, and efficiency through intelligent solutions. Therefore, the privacy, protection, and security of our operations are a priority.
Our solutions are based on the concept of Privacy by Design, which incorporates the security of personal information throughout the entire lifecycle of the process, ensuring that privacy remains a central focus in our actions.
We have teams dedicated exclusively to the general themes of Information Security, Infrastructure, Privacy, Governance, and Technology Controls, which operate with the mission of ensuring compliance and protection of personal and confidential information through a robust Information Security and Data Privacy Management System, as well as a training and awareness program focused on the prevention and preparation of our collaborators.
We are certified and meet the most rigorous national and international standards of privacy and security, conducting periodic audits to maintain the global ISO/IEC 27001 (Information Security) and ISO/IEC 27701 (Privacy Management) certifications.
We believe that trust is one of the most important pillars in building connections, which is why we present below our Privacy Policy, which aims to provide transparency about how we use and protect your personal data.
Depending on your interaction with us, some personal data may be processed. These include:
Registration data: is the information collected through the contact form available on our site, so that Semantix can address requests, questions, and other interactions with the holder. This data includes full name, email address, and phone number.
Data collected for the effective execution of activities: is the data collected so that Semantix can effectively perform its activities, including providing its services, supplying its products, entering into partnership agreements and/or other contracts, among other related activities. Depending on the specific activity/purpose to be executed, data such as full name, position, company, email address, and phone number may be included.
For the effective provision of our services and products, clients may provide third-party data; in this case, the clients will be the Controllers and responsible for obtaining such data from the data subjects lawfully, with due transparency and with the necessary authorizations.
Browsing data on the site (Cookies): are the data collected when browsing our site, such as IP address, geographical location, referral source, type of browser, duration/frequency of visits, and pages visited. This information is usually obtained automatically through cookies installed in the browser. You can configure your preferences at any time and learn more about how we use cookies through our Cookie Policy.
Your personal data is stored only for as long as necessary to fulfill the purposes for which it was collected, unless there is any other reason for its maintenance, such as compliance with legal, regulatory, contractual obligations, among others, provided that it is based on a legal foundation.
Semantix has a Data Retention and Destruction Policy aimed at guiding and providing transparency to the process of storing and eliminating data in accordance with current legislation and in a secure manner. Whenever possible, we will consider your right to request the deletion or opposition to the processing of data, as described in this Privacy Policy.
Semantix may share personal data with companies in the same group and/or with partner companies and service providers, to the extent that such sharing proves reasonably necessary for the purposes established in this Privacy Policy and for the effective execution of its activities, among which are the provision of its services and the supply of its products.
We may also share data with public authorities and regulatory agencies, in compliance with legal and regulatory obligations.
Semantix may transfer personal data to service providers located abroad, including cloud service providers.
When your personal data is transferred outside of Brazil, Semantix will choose destination countries that have a level of protection equal to or greater than those provided for in Brazilian law and will adopt appropriate measures to ensure the adequate protection of your personal data in accordance with the applicable data protection legislation requirements, including the execution of appropriate data transfer contracts with third parties when required.
To ensure your privacy and the protection of your personal data, we have implemented appropriate technical and organizational measures, such as encryption techniques, access controls, and other data security management measures to prevent unauthorized or illegal processing and against accidental loss, destruction, or damage.
Your data is stored securely on protected equipment, and only a limited number of people will have access to it. In addition, our employees participate in regular awareness programs and training in information security and the protection of personal data.
Additionally, you can help us by adopting good security practices such as not sharing passwords with third parties and using only secure environments.
We are certified in Information Security and Data Privacy, and we conduct regular audits to verify and monitor our controls. To learn more about Semantix's certifications, please refer to the “Certificates” page.
You have rights related to your privacy and the protection of your Personal Data, and in addition to our concern for the security of this data, we also care that you have access to and knowledge of all your rights related to the processing of your Personal Data. These rights include:
Confirm access to the data;
Correct incomplete or outdated data;
Request portability to another company;
Request the revocation of consent;
Confirm the existence of the processing;
Request the deletion of excessive or processed data;
Inform about the consequences of not granting permission;
Inform which companies the data have been shared with.
In order for you to exercise your rights, Semantix provides a specific channel that can be accessed through our form.
Semantix reserves the right to change this Privacy Policy at any time by publishing the updated version on the website. Therefore, we recommend visiting this channel periodically so you are aware of the changes.
Updated on: 04/20/2023
Version: 05
If you have any other questions about how we use your Data, comments or suggestions related to this Policy, or if you believe that your Personal Data has been used in a manner inconsistent with this Privacy Policy or with your choices as a data subject, you can contact our data protection officer at the email encarregado@semantix.ai.
Name: Patrícia de Souza Lira Pachere
Email: encarregado@semantix.ai
LGPD
General Data Protection Law (Law No. 13,709/2018) in effect since 2018, contains guidelines and rules regarding the processing of personal data with the aim of protecting fundamental rights of freedom, privacy, and the free development of the personality of the natural person.
Treatment
Any and all operations performed with personal data. Some examples are: collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, and deletion.
Personal Data
Information related to individuals that can be identified directly or indirectly through a set of information such as name, address, among others.
Data holder
It is the person to whom the personal data refers.
Controller
A natural or legal person who decides how personal data will be processed, also referred to as the data controller.
Operator
Natural or legal person who processes personal data on behalf of the Controller, also referred to as the treatment agent in the position of Data Operator.
Sensitive Data
These are personal data that require greater protection, such as race, sexual orientation, health data, genetic information, or even biometrics, among others related to ethnic origin, religious beliefs, political opinions, affiliation with a union, or to an organization of a religious, philosophical, or political nature when linked to an individual.
ANPD
National Data Protection Authority, responsible for regulating, supporting, and overseeing the application of the LGPD rules.
Legal Bases
These are the legal hypotheses that authorize the processing of Personal Data – it can be your consent or the fulfillment of a legal obligation, for example, among others provided for in the Law.
Data Protection Officer
Person designated by the data processing agents (Controller and Operator) to act as a communication channel between data subjects, the National Data Protection Authority (ANPD), and other processing agents.