PRIVACY POLICY

INTRODUCTION: WHY A PRIVACY POLICY?

1.1. Thank you for connecting with GMG INTERNET SERVICE LTDA (“Gmg Ambiental”). Through this document (“Privacy Policy”), you will have access to information about all the possibilities of processing your personal data by GMG INTERNET SERVICE LTDA. Therefore, we recommend that you read this Policy carefully.

1.2. Whenever we go to a new place, we create expectations. We want to feel special and well treated. We at Gmg Ambiental know this, and one of our priorities is to offer the best experience for everyone who uses our Website (“Website”), visits our office in person or participates in our events. We know that each person has their own intentions and needs, so we need information that allows us to identify these particularities. Based on this information, we can create a personalized and useful environment for each of our users or visitors. The use of this data needs to be done responsibly and transparently, and for this reason, this Privacy Policy exists.

1.3. This Privacy Policy indicates the ways in which personal data is collected, accessed and used by GMG INTERNET SERVICE LTDA, CNPJ nº 23.729.069/0001-56, owner of the intellectual property rights over the website https://www.gmgambiental.com.br/, by those who simply visit the website https://www.gmgambiental.com.br/, (“user”), or visit our office or events (“visitors”).

1.4. In addition, in order for the User to access and browse the website, it is necessary to freely and expressly accept this Privacy Policy.

In this way, the User will be able to decide whether or not to use this website with much more awareness and transparency.

WHAT DATA DO WE COLLECT?

2.1. The Data we collect is set out in the following table:

CLASSIFICATION

DATA COLLECTED

WHY

CONTACT DETAILS

First name
Last name
Phone
Email
Message, comments, information contained in chat conversations (WhatsApp) and forms (Contact)

To identify you, answer your questions and queries, inform you about news (Newsletter) and measure your satisfaction with our services.

DIGITAL IDENTIFICATION

Date and time stamps;
Pages accessed;
Cookies;
Biometric data;
CCTV images

To identify and authenticate you, comply with legal obligations and ensure your security.

EVENTS

Name;
E-mail;
Telephone;
Company;
Position;
Biometric data;
Image and voice

To register your participation, authenticate your entry, publicize the event and maintain a historical archive.

2.2. Dados públicos: Dados pessoais cujo acesso é público, ou que foram tornados manifestamente públicos pelo Usuário, incluindo eventuais dados sensíveis constantes desses documentos (tais quais definidos pela legislação brasileira, como aqueles que revelem orientação religiosa, política ou sexual, convicção filosófica, participação em movimentos políticos ou sociais, informações de saúde ou genéticas) e conteúdo de acesso público, ressaltando que o tratamento desses dados deve levar em consideração a finalidade, a boa-fé e o interesse público que justificaram sua disponibilização.

NOTA ESPECIAL

3.1. Minors under 16: If you are under 16, you should not register on our sites. Parents and guardians must supervise the online activities of minors under 18.

3.2. Seniors: If you are over 60, we are aware of the necessary precautions to protect your personal data. We are committed to treating your data in a clear, simple, accessible and appropriate manner for your understanding.

DATA UPDATE AND ACCURACY

4.1. You are responsible for the accuracy and updating of your data.

4.2. We are not obliged to process your data if there is a suspicion that the processing may violate the law or if you are using our environments for illegal purposes.

USE OF COOKIES

5.1. Technologies such as “cookies” - a small data file - are used when browsing the Website to transmit, protect and extend Services and advertisements, both within and outside the Website Services, as well as to allow Gmg Ambiental to present the most relevant content to the User, improve its Services and help keep them more secure.

5.2. Cookies are small digital files in text format that are stored on the electronic device used when you access our environments. They store information related to your preferences, such as preferred language, location, frequency of your sessions and other variables that the developers of our environments consider relevant to make your experience much more efficient.

5.3. The specific names of the Cookies and similar technologies used may vary as the Services are improved and updated, but are generally limited to the categories of use exemplified below:

Essential cookies – These cookies enable essential functionality such as security, identity verification, and network management. These cookies cannot be turned off.
Marketing cookies – These cookies are used to track advertising effectiveness in order to provide a more relevant service and deliver adverts more tailored to your interests.
Functional cookies – These cookies collect data to remember choices users make and provide a better, more personalized experience.
Analytics cookies – These cookies help us understand how visitors interact with our website, discover errors, and provide better overall analytics.

5.4. You can set your Cookie preferences directly in your browser. To disable or delete Cookies, in a simple and intuitive way, we have listed below the necessary procedure to be followed according to each browser:

Firefox – “Private Browsing” and managing Cookies in the Firefox browser.
Internet Explorer – “Private Browsing” and managing Cookies from the Internet Explorer browser.
Chrome – “Incognito Browsing” and managing Cookies in the Chrome browser.
Safari – “Private Browsing” and managing Cookies from Safari.
Opera – “Private Browsing” and managing Cookies in the Opera browser.

WITH WHOM AND WHY DO WE SHARE YOUR DATA?

6.1. Personal data collected and recorded activities may be shared:

6.1.1. With competent judicial, administrative or governmental authorities, whenever there is a legal determination, request, requisition or court order; and
6.1.2. Automatically, in the event of corporate transactions, such as mergers, spin-offs, acquisitions and incorporations.

DATA ANONYMIZATION

7.1. For market research, press releases and advertising, personal data will be shared in an anonymized form.

HOW DO WE PROTECT YOUR DATA?

8.1. We have an Integrity Program that contains rules and guidelines for good practices, internal policies and procedures, which establish conditions for organization, training, guidance and mechanisms for supervision and mitigation of risks related to the Processing of Personal Data.

8.1.1. We are committed to establishing partnerships with companies that employ a high level of security in the storage of personal data, establishing contracts that do not violate the terms of this Policy.

8.2. Access restricted to authorized professionals, respecting the principles of proportionality, necessity, and relevance for the objectives of our business, in addition to the commitment to confidentiality and preservation of your privacy under the terms of this policy.

8.3. We do not use any type of solely automated decision that affects your interests.

HOW CAN YOU PROTECT YOUR DATA?

9.1. For the security of your data, it is also important that you protect it against unauthorized access. Learn how:

Do not share your password (if you have one);
Always log out of your account after using a shared computer;

When accessing external links, you must check the existence of their Privacy Policies and Terms of Use, carefully reading the conditions set out.

HOW DO WE STORE YOUR DATA?

10.1. Storage location: The Personal Data processed and activity records (logs) are stored in a secure and controlled environment, which may be on our servers located in Brazil.

10.2. Storage period: We store Personal Data only for as long as necessary to fulfill the purposes for which they were processed or to comply with any legal or regulatory obligations or to preserve rights.

10.3. Data Disposal: Once the retention period and legal need have expired, Personal Data will be deleted using secure disposal methods or used in an anonymized form for statistical purposes.

10.4. The database formed by the collection of personal data is our property and responsibility. Its use, access and sharing will be carried out in accordance with updates to this Policy.

WHAT ARE YOUR RIGHTS?

11.1. The Data is yours and the applicable Legislation provides a series of rights related to it, which may be exercised by you by making a request to our Data Protection Officer (DPO) through our “Contact” section, when filling out the form, or the “WhatsApp” section, or by email at dpo@gmgambiental.com.br.

11.2. See your rights, guaranteed by the LGPD:

Withdrawal of consent: You may choose to withdraw your consent for any purpose to which you have given consent. This withdrawal will not affect the legality of any Processing previously carried out. If you withdraw your consent for purposes essential to the regular functioning of our environments and services, these may become unavailable to you.
Correction: You may request the correction of your Personal Data that is incomplete, inaccurate or outdated.
Objection: You may object to the Processing of your Personal Data if you do not agree with any purpose.
Anonymization, blocking or deletion: You may request the Anonymization of your Personal Data, so that it can no longer be related to you, the blocking of your Personal Data, temporarily suspending the possibility of Processing for certain purposes, or the deletion of your Personal Data.
Access and Confirmation of Processing: You may request confirmation about the existence of Processing and access to your Personal Data, including by requesting copies of records we have about you.
Informações sobre o compartilhamento: Você poderá solicitar informações sobre terceiros com os quais compartilhamos os seus Dados Pessoais, limitando essa divulgação a informações que não violem nossa propriedade intelectual ou segredo de negócios.

11.3. For your security, whenever you submit a request to exercise your rights, we may request additional information to prove your identity, seeking to prevent fraud.

11.4. We may fail to comply with a request if the service violates our intellectual property or trade secrets, as well as when there is a legal or regulatory obligation to retain Data. In addition, we may fail to comply with your request if we need to retain the Data to enable our defense or that of third parties in disputes of any nature.

11.5. We at GMG undertake to respond to all requests within a reasonable time frame and always in compliance with applicable Law.

INFORMATION

12.1. Regarding changes to the content and updates of this Policy, you acknowledge our right to change it at any time, depending on the purpose or need. If there are any relevant updates to the Policy, you will be notified through the contact details you provide us or by posting them on our official profiles.

12.2. If any point of this Policy is considered unenforceable by a Data Authority or in court, the other conditions will remain in full force and effect.

12.3. This Policy will be interpreted in accordance with Brazilian Law, in the Portuguese language.

CUSTOMER SERVICE CHANNELS

13.1. Data Protection Officer or DPO: Patrícia de Paula Polacchini. Contact email: dpo@gmgambiental.com.br or juridico@gmgambiental.com.br.

GLOSSARY

14.1. We know that some definitions used in this Policy may not be as familiar to you in your daily life. For this reason, we have created a small glossary containing their meanings. (If you have any questions about another expression, please do not hesitate to ask us through the customer service channels provided in this Policy.

Anonymization: use of reasonable technical means available at the time of Processing, through which data loses the possibility of association, directly or indirectly, with an individual.

National Data Protection Authority – ANPD: public administration body responsible for overseeing, implementing and monitoring compliance with the General Personal Data Protection Law (Law No. 13,709/2018) throughout the national territory.

Database: structured set of Personal Data, established in one or more locations, electronic or physical.

CCTV: “Closed Circuit Television” or “Closed Circuit Television”, in free translation, Camera monitoring and surveillance system that sends images in real time to a video recorder and/or monitoring center through a wired system or IP.

Controller: a natural or legal person, under public or private law, responsible for decisions regarding the Processing of Personal Data.

Cookies: files installed on a user's device that allow the collection of certain information, including Personal Data in some situations, with a view to fulfilling different purposes.

Personal Data: data relating to a natural person that is capable of identifying them or making them identifiable. For example: name, email, ID number, personal preferences, IP address, geolocation.

Sensitive Personal Data: any Data about racial or ethnic origin, religious belief, political opinion, membership of a trade union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.

Data Protection Officer (DPO): person appointed by the Controller and Operator to act as a communication channel between the Data Subjects and the National Data Protection Authority (ANPD).

IP: abbreviation for “Internet Protocol”. It is the set of numbers and letters that identifies the device used by you to access our environments.

Applicable legislation: any law that deals with privacy and protection of Personal Data, especially Law No. 13,709/2018 (General Law on the Protection of Personal Data – LGPD).

Our Environments: refers to our electronic address and its subdomains, our physical units and the events promoted by Us.

Operator: natural or legal person, under public or private law, who carries out the Processing of Personal Data on behalf of the Controller.

Data Holder: natural person to whom the Personal Data that are subject to Processing refer.

Treatment: any operation carried out with Personal Data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination or extraction.

You: user, Personal Data Holder, that is, our customers, professionals, legal guardians or third parties, such as visitors.