Privacy policy

Last updated on November 1, 2021

This Privacy Policy ("Policy") has been prepared based on Law No. 13,709/2018 (the "Lei Geral de Proteção de Dados (LGPD)) and sets out the privacy practices adopted by BS DE CASTRO INFORMÁTICA registered with the CNPJ under nº 13.076.798/0001-05 (hereinafter “Bybrand”, "we", "us" or "our").

Controller
For the purposes of this Policy, decisions regarding the treatment of personal data are the responsibility of
Bs de Castro - Web Solutions BS de Castro - Informatica tradings as Bybrand
Avenida Padre Guilherme Decaminada 1001 Lot 2 Block 9 Apt 203
Santa Cruz
Rio de Janeiro RJ
23575-000
Brazil

www.bybrand.io
privacy@bybrand.io

We at Bybrand, understand how relevant electronic records and personal data left by you ("User") when using our website ("Pages") are. This Policy sets forth in a simple, transparent and objective manner how we collect, use and transfer information from Users who access or use our Sites.

This policy applies to Bybrand Pages, which means all pages available on the Bybrand website accessible via www.bybrand.io and those of its affiliates and includes all of our products and/or services.

By using our websites and providing your personal data, you are aware of the provisions of this policy, which is written in accordance with the LGPD and other applicable regulations of the Brazilian legal system.

WHAT DATA DO WE COLLECT ABOUT YOU AND FOR WHAT PURPOSE?

Our Pages collect and use certain personal data from Users in order to provide services and improve the user experience.

Personal information we may collect

Personal information provided by you the owner of the data and/or automatically collected from your device include:

  • Cookie Preferences
  • Performance Cookies
  • Targeting cookies
  • Strictly necessary cookies
  • Browser data
  • Account username
  • E-mail
  • First and last name

Use of Your Personal Data

We may use Personal Data for the following purposes:

  • to provide and maintain our Service
  • for the performance of a contract
  • to contact you
  • to manage your requests
  • for business transfers
  • provision of support for our products and/or services
  • marketing
  • exercise of your and our rights under any applicable law
  • data leak prevention
  • confidentiality agreements
  • security of our pages and services

How do we collect your data?

We may collect and use personal information that identifies, relates to, describes, is reasonably capable of being associated with, or can be reasonably linked, directly or indirectly, to a particular User. We collect most of this information directly from Users - in person, by phone, by message or email, and/or through our Pages and applications - by filling out forms available through our Pages, information about our products or services, while browsing our Pages (through Cookies). We may also collect information from Users through databases accessible to the public (for example, public records), databases of third parties (for example, confirmation of data from the professional resume, depending on the function to be performed) or through the use of our Information Technology ("IT") systems.

WHAT ARE YOUR RIGHTS?

Bybrand ensures all its Users exercise their rights as personal data subjects under article 18 of LGPD. In this way, you may, free of charge and at any time rely on the nine fundamental rights:

  • The right to confirmation of the existence of the processing;
  • The right to access the data;
  • The right to correct incomplete, inaccurate or out-of-date data;
  • The right to anonymise, block, or delete unnecessary or excessive data or data that is not being processed in compliance with the LGPD;
  • The right to the portability of data to another service or product provider, by means of an express request;
  • The right to delete personal data processed with the consent of the data subject;
  • The right to information about public and private entities with which the controller has shared data;
  • The right to information about the possibility of denying consent and the consequences of such denial; and
  • The right to revoke consent.

HOW CAN YOU EXERCISE YOUR RIGHTS AS A DATA SUBJECT?

To exercise your rights as a data subject, you must contact Bybrand by e-mail: privacy@bybrand.io.
In order to ensure that you are correctly identified as the owner of the personal data that you are requesting, we may request documents or other evidence to prove your identity. In this case, you will be informed in advance.

HOW AND FOR HOW LONG WILL YOUR DATA BE STORED?

Your personal data collected by Bybrand will be used and stored for as long as necessary for the provision of the service or for the purposes indicated in this Privacy Policy, taking into account the rights of the data subjects and the Controller(s).

In general, your data will be kept for as long as the contractual relationship between you and Bybrand lasts. Once the storage period of your personal data has ended, it shall be deleted from our databases, except in the cases legally provided for in Article 16 of the LGPD, namely:

  • Compliance with a legal or regulatory obligation by the Controller(s) (incision I, Art. 16 of the LGPD);
  • Study by research body (clause II, Art. 16 of LGPD);
  • Transfer to a third party, provided the data treatment requirements set forth in clause III, Art. 16 of LGPD are met; or
  • Exclusive use of the Controller(s), with no access by third parties (clause IV, Art. 16 of LGPD).

That is, personal information about you that is indispensable for compliance with legal, judicial and administrative determinations and/or for exercising the right of defense in legal and administrative proceedings shall be kept, despite the exclusion of other data.

The storage of data collected by Bybrand reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions that are capable of ensuring the confidentiality, integrity and inviolability of your data. In addition, we also have security measures that are appropriate to the risks and control access to the information stored.

WHAT DO WE DO TO KEEP YOUR DATA SECURE?

To keep your personal information secure, we use physical, electronic and managerial tools geared to protecting your privacy. We apply these tools taking into consideration the nature of the personal data collected, the context and purpose of the processing and the risks that possible breaches would create to the rights and freedoms of the holder of the collected and processed data. Among the measures we have adopted, we highlight the following:

  • Only authorised persons have access to your personal data.
  • Access to your personal data is only made after a confidentiality agreement.
  • Your personal data is stored in a secure and reliable environment.

Bybrand undertakes to adopt best practices to avoid security incidents. However, it should be noted that no web page made available on the Internet is entirely safe and risk-free. It is possible that, despite all of our security protocols, problems may occur due to the fault of third parties, such as cyber attacks by hackers, or as a result of the User's own negligence or imprudence.

In case of security incidents that may generate relevant risk or damage to you or any of our Users, we will communicate to those affected and the National Data Protection Authority (ANPD) about the occurrence, in line with the provisions of the LGPD.

WITH WHOM MAY YOUR DATA BE SHARED?

For the purposes of preserving your privacy, Bybrand will not share your personal data with any unauthorized third party.

Your data may be shared with individuals within Bybrand or workin on our behalf who will receive your data only as necessary, such as in connection with corporate IT systems and applications that may store personal information we have about you, in reliance on one of the requirements under Art. 33 of LGPD for international data transfer.

In addition, your data may be shared with companies that provide services to Bybrand, with whom we may occasionally share information, always under contractual clauses on the protection of personal data, concluded between such processing agents. They receive your data only to the extent necessary to provide the contracted services and our contracts are guided by the data protection standards of the Brazilian legal system. However, our partners have their own Privacy Policies, which may differ from this one. We recommend reading these documents whenever possible.

In addition, there are also other circumstances in which your data may be shared:

  • Legal determination, request, requisition or court order, with competent judicial, administrative or governmental authorities.
  • In case of corporate movements, such as mergers, acquisitions and incorporations, automatically.
  • Protection of Bybrand's rights in any type of conflict, including legal ones.

International transfer of data

Some of the third parties with whom we share your data may be located or have facilities located in foreign countries. If so, your personal data will nonetheless be subject to the LGPD and other Brazilian data protection laws.

In this regard, Bybrand undertakes to adopt efficient cybersecurity and data protection standards and best efforts to ensure and comply with legislative requirements.

By using our websites and services and providing your personal data, you will have agreed to this sharing, which shall occur in accordance with the purposes described in this Privacy Policy.

Email Marketing

We may use your personal data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. We use the Email Marketing Service Provider Mailchimp to manage and send emails to you. Mailchimp is an email marketing sending service provided by The Rocket Science Group LLC. For more information on the privacy practices of Mailchimp, please visit their Privacy policy: https://mailchimp.com/legal/privacy/

Payments

We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors). We will not store or collect Your payment card details. That information is provided directly to Our third-party payment processor Paddle whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. Paddle`s Privacy Policy can be viewed at https://paddle.com/privacy/

COOKIES OR BROWSING DATA

Bybrand may use Cookies on its Pages to facilitate your browsing experience and analyse how you use our Pages. Each website shall provide information on how you can better understand how Cookies work and how to use the tool available to configure them. For additional information, please refer to our Cookie Policy.

LIABILITY

Bybrand provides for the liability of agents acting in data processing processes, in accordance with articles 42 to 45 of the LGPD.

We undertake to keep this policy up to date, observe its provisions and ensure compliance with it.

In addition, we also undertake to seek technical and organisational measures that are suitable to protect the entire data processing process.

Should the ANPD require us to take steps in relation to the data processing carried out by Bybrand, we undertake to follow them.

Disclaimer

As mentioned in the above section, although we adopt high security standards in order to avoid incidents, no website is entirely free of risk. In this respect, Bybrandn is not liable for

  • Any consequences arising from Users' negligence, imprudence or lack of skill with regard to their individual data. We guarantee and accept sole responsibility for the security of the data processing processes and the fulfilment of the purposes described herein. We emphasize that the responsibility regarding confidentiality of access data lies with the User.
  • Malicious actions by third parties, such as hacking attacks, unless culpable or deliberate conduct by Bybrand is proven.

We emphasize that in case of security incidents that may generate risk or relevant damage to you or any of our Users, we shall notify those affected and the ANPD of the event and take the necessary measures.
Inaccuracy of the information entered by the User in the records required to use Bybrand's services; any consequences arising from false information or information entered in bad faith are entirely the responsibility of the User.

DATA PROTECTION OFFICER

For the purposes of this Policy and in accordance with Article 41 of the LGPD, we have appointed a Data Protection Officer ("DPO").

You may contact our Data Protection Officer by sending an e-mail to privacy@bybrand.io if you:

  • have any questions about this Privacy Policy,
  • wish to file a complaint about a possible violation of data protection laws,
  • have any requests related to your rights, and
  • wish to access, correct incomplete, inaccurate or outdated data.

Please note that deletion of information essential to Bybrand's account management and services may result in termination of your registration and consequent cancellation of services provided to you.

We will make every effort to respond to your requests in the shortest possible time, and always in strict compliance with applicable law. In some cases, requests for deletion may not be honoured immediately, due to a legal obligation.

CHANGES TO THIS PRIVACY POLICY

The current version of this Privacy Policy was last updated in November 2021. We reserve the right to modify this Privacy Policy at any time, in particular to conform to changes on our Sites or to changes in legislation. We recommend that you review it frequently. Any changes will be effective as soon as they are posted on our Sites.

By using our services and providing your personal data after such changes, you will have consented to the Privacy Policy modifications.

LAW AND JURISDICTION

This Policy shall be governed, interpreted and executed in accordance with the Laws of the Federative Republic of Brazil, especially Law No. 13.709/2018, regardless of the Laws of other states or Countries, being competent the jurisdiction of the domicile of the User to settle any doubt arising from this document.


Contact us

If you have any questions about this privacy policy, please contact us. privacy@bybrand.io