1. MANAGEMENT COMMITMENT.
PLM values the privacy of its USERS’ personal data, such as Directors, Employees, Customers and Suppliers, and has created this Privacy Policy to demonstrate its commitment to protecting your privacy and personal data, under the terms of the General Data Protection Law. , as well as describe how your privacy is protected by PLM when collecting, processing and storing your personal information.
PLM follows the Code of Ethics which represents PLM’s mission, vision and values, designed to guide and portray the priority values since its inception, always aiming at an ethical performance of all its Employees towards the CLIENT and SUPPLIER.
1.1. DEFINITIONS.
USERS: all individuals who will make personal data available during the most diverse processes, sub-processes, activities and tasks during the Provision of Auditing, Consulting and Advisory Services by PLM, being as Director, Collaborator, legal representative of the Client and Supplier, over 18 (eighteen) years old or emancipated and fully capable of performing the acts of civil life or those who are absolutely or relatively incapable, duly represented or assisted. USERS are considered internal (Directors and Collaborators) and external (Customers and Suppliers).
PERSONAL DATA: means any information provided and/or collected in the processes, sub-processes, activities and tasks during the Provision of Audit, Consulting and Advisory Services by PLM, such as Director, Employee, legal representative of the Client and Supplier, by any means, even which audiences, which: (I) identifies, or which, when used in combination with other information handled by PLM, identifies an individual; or (II) through which an individual’s identification or contact information can be derived. Personal Data may be in any media or format, including electronic or computer records, as well as paper-based files. Personal Data, however, does not include business phone, business mobile number, business address, business email address. PERSONAL DATA will be considered internal (Directors and Employees) and external (Customers and Suppliers).
PURPOSE: the objective, the purpose that PLM wants to achieve from each act of processing personal data.
NEED: justification for which it is strictly necessary to collect personal data, to achieve the purpose, avoiding excessive collection.
LEGAL BASIS: legal basis that makes the processing of personal data for a certain prior purpose by PLM legitimate.
CONSENT: express and unequivocal authorization given by the User holding the personal data for PLM to process their personal data for a previously described purpose, in which the legal basis necessary for the act requires the express authorization of the holder.
This policy generally applies to all USERS (internal and external) and potential USERS (internal and external) of the services offered by PLM, including Users of websites or other means of relationships operated by PLM and summarizes how PLM may collect , produce, receive, classify, use, access, reproduce, transmit, distribute, process, archive, store, eliminate, evaluate or control information, modify, communicate, transfer, disseminate or extract the collected data, including personally identifiable information , in accordance with applicable legal bases and all applicable privacy and data protection laws.
By providing personal data, being the legal representative of the Client and Supplier, as well as the Company Collaborator in the form of USER, he declares to be at least 18 (eighteen) years old and to have full and express capacity to accept the terms and conditions of this Privacy Policy and of the Consent Term for all legal purposes.
If the USER does not fit the description above and/or does not agree, even in part, with the terms and conditions contained in this Privacy Policy, he/she shall not access and/or use the services offered by PLM, as well as the websites and services rendered by her.
2. COLLECTION AND USE OF PERSONAL INFORMATION.
The User is aware that he knowingly and voluntarily provides information through (specific form), or through the websites and media operated by PLM.
When the User registers and/or fills out forms offered by PLM, including on the websites and means of communication operated by it, certain Personal Data requested will be kept confidential and will be used only for the specific purpose that motivated the registration and will have a pre- -determined for elimination.
3. SHARING AND PROCESSING OF PERSONAL INFORMATION.
PLM will not make Personal Data collected on its websites and media available to mailing list brokers without your express consent.
PLM may disclose the Personal Data collected to third parties in the following situations and within the limits required and authorized by law:
3.1. With its customers and partners when necessary and/or appropriate for the provision of related services;
3.2. With companies and individuals contracted to perform certain activities and services on behalf of PLM;
3.3. With group companies;
3.4. With suppliers and partners to perform the services contracted with PLM (such as information technology, accounting, among others);
3.5. For administrative purposes such as: research, planning, service development, security and risk management.
3.6. When necessary as a result of legal obligation, determination of competent authority, or judicial decision.
In the event of sharing Personal Data with third parties, all subjects mentioned in items 3.1. to 3.6. shall use shared Personal Data consistently and in accordance with the purposes for which it was collected (or to which the User previously consented) and as determined by this Privacy Policy, other website privacy statements or countries, and all applicable privacy and data protection laws.
4. LEGAL REASONS FOR DISCLOSING YOUR DATA.
In certain circumstances, PLM may disclose Personal Data, to the extent necessary or appropriate, to government agencies, consultants and other third parties for the purpose of complying with applicable law or with a court order or subpoena, or if PLM believes good faith that such action is necessary to:
4.1. Comply with legislation that requires such disclosure;
4.2. Investigate, prevent or take action related to suspected or actual illegal activities or to cooperate with public bodies or to protect national security;
4.3. Execution of its contracts;
4.4. Investigate and defend against any third-party claims or allegations;
4.5. Protect the security or integrity of the services (for example, sharing with companies that are experiencing similar threats);
4.6. Exercise or protect PLM’s rights, property and safety;
4.7. Protect the rights and personal safety of its employees, users or the public;
4.8. In the event of the sale, purchase, merger, reorganization, liquidation or dissolution of PLM.
PLM will inform the respective Users of any legal demands that result in the disclosure of personal information, pursuant to what was exposed in item 4, unless such notification is prohibited by law or prohibited by a court order, or even if the request is emergency.
PLM may contest these demands if it considers the requests to be excessive, vague or made by incompetent authorities. other website privacy statements or countries, and all applicable privacy and data protection laws.
5. SECURITY OF PERSONAL INFORMATION.
All Personal Data will be stored in PLM’s database or in a database maintained “in the cloud” by service providers contracted by PLM, which are duly in accordance with current data legislation.
PLM and its suppliers use various security procedures to protect the confidentiality, security and integrity of your Personal Data, preventing the occurrence of possible damages due to the processing of this data.
6. DATA RETENTION.
PLM retains all data provided, including Personal Data, as long as the User’s registration is active and as necessary for the performance of its services.
PLM will retain your Personal Data and keep your data stored until a possible deletion request, or in accordance with the periods described by specific legislation.
PLM may keep your Personal Data after receiving your request for deletion or after the deadlines provided for in specific legislation, if necessary to comply with legal obligations, resolve disputes, maintain security, prevent fraud and abuse and ensure compliance with contracts. .
7. LEGAL BASIS FOR PROCESSING.
PLM only processes Personal Data in situations where it is legally authorized or with the User’s express and unequivocal consent.
As described in this Policy, PLM has legal bases to collect, produce, receive, classify, use, access, reproduce, transmit, distribute, process, archive, store, eliminate, evaluate or control the information, modify, communicate, transfer, disseminate or extract data about the User.
The legal bases include your consent (expressly and unequivocally collected in the Consent Term), contracts and preliminary contractual procedures (where processing is necessary to enter into the contract with the User) and legitimate interests, provided that such processing does not violate your rights and freedoms, as can be seen in the specific legislation.
Such interests include protecting the User and PLM from threats, complying with applicable legislation, regularly exercising rights in judicial, administrative or arbitration proceedings, enabling the performance or administration of business, including quality control, reports and services offered, managing transactions businesses, understand and improve business and customer relationships, and enable users to find economic opportunities.
The User has the right to deny or withdraw the consent provided to PLM, when this is the legal basis for the processing of personal data, and PLM may terminate the provision of its services for this user in the event of such request.
If you have questions about the legal bases for the collection, processing and storage of your personal data, please contact PLM and its Data Protection Officer at dpo@plmconsultoria.com.br
8. RIGHT TO ACCESS AND CONTROL YOUR PERSONAL DATA.
PLM offers the User several options of what to do with their Personal Data collected, processed and stored, including its deletion and/or correction. The User can:
8.1. Delete data: the User may request the deletion of some of their Personal Data (for example, if they are no longer needed to provide services).
8.2. Change or correct data: the User may edit or request the editing of some of their Personal Data. The User may also request updates, changes or corrections to their data in certain cases, especially if they are incorrect.
8.3. Placing Objections, Limits or Restrictions on the Use of Data: You may request to stop using all or some of your Personal Data (for example, if we do not have the right to continue using it), or to limit our use of such data (for example, if your Personal Data is incorrect or stored illegally), noting that PLM may process Personal Data in accordance with specific legislation.
8.4. The User has the right to access or take their data: the User may request a copy of their Personal Data and the data that the User has provided in a readable format in printed form or by electronic means.
The User may make the requests listed above by contacting our Data Protection Officer through the email: dpo@plmconsultoria.com.br and these requests will be considered in accordance with applicable laws.
9. WEBSITE AND COOKIES.
PLM treats personal data on its website as follows:
- Web site:
1) Through the contact form, through your name, e-mail, telephone and free message. This data is sent to our corporate email (atendimento@plmconsultoria.com.br) and used solely and exclusively to meet the user’s request according to the message sent. The forms are stored in a specific area of our cloud platform (Microsoft 365), with limited access control and user access log as well as access history and document modifications. The entire form of treatment, treatment time, objectives and other requirements described in the General Data Protection Law are described in the Consent Term for Data Processing for the contact form.
2) Through the work with us form, with the collection of full name, e-mail, telephone, desired position and attaching the curriculum vitae. The entire form of treatment, treatment time, objectives and other requirements described in the General Data Protection Law are described in the Consent Term for Data Processing related to the CV database, attached to this privacy policy. The CVs are stored in a specific area of our cloud platform (Microsoft 365), with limited access control and user access log as well as access history and document modifications.
3) Through the Personal Data Holder’s request form, with the collection of the full name, RG number, CPF number, e-mail and telephone. These data, as well as the demand of the holder of personal data, are forwarded through an automated form directly to the contact e-mail of the Data Controller to meet the demand of the holder of personal data. Requests are stored in a specific area of our cloud platform (Microsoft 365), with limited access control and user access log as well as access history and document modifications. The entire form of treatment, treatment time, objectives and other requirements described in the General Data Protection Law are described in the Consent Term for Data Processing specific to the personal data subject’s request form.
- Cookies: The first-party cookies used on our website are exclusive to visual plugins. They do not process the user’s personal data, but are used to identify the user’s browser and adjust it for better navigation performance on our website. The secondary cookie is used to adjust and direct access to corporate webmail. This cookie is only directed to employees who access the webmail and is not applied to common and public users.
10. POLICY REVISIONS.
If PLM modifies this Privacy Policy, such changes will be posted visibly on the PLM website (www.plmconsultoria.com.br). This Policy is valid from 09/17/2021. If the User has any questions regarding the privacy policies, please contact PLM through the Data Protection Officer (“DPO”) service channel dpo@plmconsultoria.com.br.
11. CONTACT.
PLM has appointed Director Filipe Medina da Silva as Data Protection Officer (“DPO”). The User may contact the DPO at the following email address dpo@plmconsultoria.com.br
12. MEDIATION AND ELECTION JURISDICTION.
This policy is subject to the Law of the Federative Republic of Brazil and the Judicial District of Niterói/RJ is competent to settle any dispute in relation to it.
In the event of an incident involving Personal Data, PLM reserves the right to appoint the Mediation Chamber capable of resolving issues involving the Users who own the data, pursuant to article 52, §7 of the General Data Protection Law.
Although PLM uses security measures and monitors its system for vulnerabilities and attacks to protect your Personal Data from unauthorized disclosure, misuse or alteration, the User understands and agrees that there is no guarantee that the information will not be accessible, disclosed , altered or destroyed for breach of any of the physical, technical or administrative safeguards.
Filipe Medina da Silva
Commercial Director
Luiz Fernando do Amparo Calegario
Technical Director
Marcio de Mendonça Fernandes
Technical Director
Paulo Ricardo L. Voltz
Commercial Director