Form sent successfully!
INTRODUCTION
This document aims to provide transparency to the processing of personal data carried out and controlled by the FCC S.A.. We dedicate this document to explaining how personal data is used by our organization.
Your personal data may be processed by our organization in different situations or for different purposes. In all cases, the rules established by current legislation are followed.
This policy provides applicable guidelines and rules, in accordance with the General Personal Data Protection Law (Law No. 13,709/2018), for all types of personal data processing, however the FCC S.A. may implement its own terms and policies for specific relationships, such as relationships with employees and suppliers.
It is important to note that our personal data processing practices may undergo changes, always aiming to improve the experience of visitors, customers or suppliers, as well as data security. For this reason, it is important to check this policy regularly to find out when there are any changes to this privacy policy.
1. Processed data
Depending on the purpose of the respective processing, the data that our company needs to access, collect or process in general differs.
The data collected may include personal information such as: name; CPF; Identity or professional card; CNH, CTPS or passport; physical, digital or electronic signature; professional qualification; position; employer identification; tax amounts due and/or paid; image; ASO; email address; mobile or telephone number; naturalness.
Only data that is necessary for the purpose for which it is being collected will be processed. Personal data can be collected through physical forms, scanned or via the web, by telephone, email, or electronic messaging services.
For example, if the FCC S.A. needs to register a supplier company, the personal data of the company's partners and/or legal representatives will be processed and eventually, if necessary, some personal documents will be requested. Another example, in transactions involving payment or receipt of amounts, the data collected and saved by us may include name, telephone number, address, email and CPF, amount paid or received and possibly the data of the company where you work.
No excess data will be collected, only essential data will be processed for the respective purpose.
2. Purpose of the data processing
The processing of your personal data is necessary to ensure the execution of our activities, or so that the company you represent - whether as a partner, collaborator or outsourced - can provide us with a service or supply a certain product.
In general, the processing of personal data by the FCC S.A., that is, data relating to natural persons, occurs pursuant to a contract signed between the FCC S.A. and a supplier or client. The processing of data from individuals generally occurs due to the data subject's relationship with the company with which they have an employment, corporate or representation relationship. It may also happen that data from an individual who has a relationship with the FCC S.A. directly as a service provider, advisor or consultant is processed. It is worth noting that this policy does not apply to FCC S.A. employees, as for them there is a specific document on the processing of their personal data.
It is important to clarify that all your data eventually processed by our company is only processed to achieve some purpose based on the General Data Protection Law. Some of the reasons that lead to the processing of personal data by the FCC S.A. are: the formalization and fulfillment of a contract or preparatory acts for a contract; the registration of the person’s signature – whether natural or legal through their representatives – on some document; proof of the regularity of the representation of a third party company; making any payment or receiving amounts; carrying out internal and external audits; customer service; compliance with legal and regulatory obligations; protect the rights of FCC S.A. or third parties in possible judicial or administrative litigation; protection of the life or physical integrity of the holder or third parties; the need to meet the legitimate interests of the FCC S.A. or third parties; fraud prevention; our recruitment and selection processes in which you participate; facilitating communication with you and the contacts indicated by you, in the event of an emergency; ensuring FCC S.A. information and technology security; protection of FCC S.A. equipment and assets.
If there is any doubt about why any of your personal data was requested by the FCC S.A., or what is the legal basis for such processing, we kindly ask you to contact our person in charge, DPO, through the channels indicated at the end of this document, requesting any clarifications you understand relevant. Our company will be ready to provide you with all the information necessary to exercise your rights guaranteed by the General Personal Data Protection Law.
3. Cookies and other Technologies
When you visit or interact with our website or our communication channels, we or our authorized service providers may use cookies and other technologies to store information.
Cookies can be session or permanent. Session cookies expire at the end of the browser session to analyze traffic patterns or to provide a better user experience. Persistent cookies are stored on your device, allowing us to remember your preferred actions.
Own cookies are those defined by the FCC S.A. and third-party cookies are those defined by third parties. We may use third-party websites, applications, and platforms to offer, publicize and perform the services we provide, in this case, the cookies used are from third parties.
Necessary cookies are those essential for FCC S.A. pages to load correctly and allow you to browse our website and use all of the website's features.
We use Cookies and other technologies for the necessary functioning of our website, services and tools to improve our accessibility.
If the user does not accept Cookies, some functionalities of the website, applications and services provided may be compromised. Cookies can be accepted, deleted or rejected through your browser settings. If you have difficulty managing cookies, access the browser “help” menu or contact your browser vendor.
4. Sharing information
The FCC S.A. does not sell any person's personal data under any circumstances. However, data may be disclosed, transferred or shared with third parties or service providers (i) when necessary for the execution of activities developed by FCC S.A., which includes, but is not limited to, database providers, airlines, hotels, email providers, transporters and others; (ii) to preserve rights and/or comply with legal or regulatory obligations; (iii) when user information or activities are considered suspicious, illegal or harmful to the FCC S.A. or third parties; (iv) when requested by public authorities or to comply with a court order; (v) when transactions and corporate changes involving the FCC S.A. occur.
All suppliers or partners who have access to your data do so solely and exclusively for the purpose of fulfilling contractual obligations and within the strict limits established in the General Personal Data Protection Law.
These are activities that eventually require the sharing of your information: ‘cloud’ storage of data; data management through ERP; the transport of physical documents through a delivery company; the exchange of information electronically; chat and electronic messaging applications and services; bill generation; the selection of candidates for job vacancies; the cost of travel and accommodation; audits, consultancies, among others.
Your personal data is accessed by FCC S.A. employees, but access is limited to those who need to know your information for the purposes listed in this privacy term.
Your data may be transferred to other countries. The international transfer of data can be carried out to companies in the same economic group as FCC S.A., its controlling and/or controlled companies, our suppliers or international customers or to international authorities to comply with legal or regulatory obligations.
We also emphasize that in the event that any governmental, police or judicial authority requests your data stored with us, we will need to deliver it to the requesting authority, thus complying with the legal or regulatory obligation, under the terms of the General Personal Data Protection Law.
5. Storage and conservation period
The data processed by the FCC S.A. is archived only for the necessary time, in accordance with the FCC S.A.'s own retention policy.
The period of data conservation and storage varies according to the purpose for which the data was collected or stored.
Your data is stored in secure locations, on servers, data centers, located both in Brazil and in other countries, where our service providers have your data stored. For more information, you can contact the DPO by email, using the contact indicated below.
6. Data security
Various security measures are adopted so that your data is stored securely, complying with all legal measures imposed by the General Data Protection Law. Security measures aim, among others, to prevent unauthorized access, destruction, loss, alteration, or any form of inappropriate or illicit treatment of your data that is with us.
We emphasize, however, that unfortunately no digital platform is absolutely safe. The search for greater security is ongoing in our organization, but no security technology available on the market is infallible, this is a fact. FCC S.A. is not responsible for security incidents that may be generated or caused by third parties, through no fault of its own. Therefore, if you have any questions regarding the processing of your data, please feel free to contact us through our DPO so that we can assist you.
7. The rights of the holder of personal data
The request for any right involving the General Personal Data Protection Law, by the holder, must be made by filling out the relevant form, which must be requested from the DPO by email, through the contact indicated below, or obtained physically at the FCC S.A. headquarters. To request rights, it will be necessary to confirm your identity, therefore, our Manager/DPO will ask you for some data and documents.
The response deadline will be 10 (ten) business days, if there is no specific deadline for response in current legislation. This deadline may be extended, depending on the complexity and number of requests.
Data subjects may request revocation of consent, display, correction of inaccurate, incomplete or outdated data or anonymization, blocking or deletion of their data, deletion of data, except in cases where the maintenance of collected data is necessary to preserve rights and/or compliance with legal or contractual obligations.
Holders may request confirmation of the existence of processing, and access to their personal data processed by us with information about which of their data we keep and its purpose, except for issues of industrial and commercial secrets.
You can request a copy of your data processed by us. If your data has already been deleted or anonymized, it will not be possible to provide a copy of the data.
When your consent is necessary for the processing, you may not provide it, however, some services or the execution of a contract may be totally or partially unfeasible.
Holders may, at any time, revoke consent for future collection and processing of their personal data. Revoking consent may partially or completely make the provision of a service or the execution of a contract unfeasible. The processing carried out before revocation will remain valid.
If there is a request for data deletion, your data will be deleted from all FCC S.A. databases, except for those essential to comply with legal obligations or regulatory bodies, for the protection of our company's rights, in the event of any legal or administrative demand, or in case of transfer to a third party, as long as the data processing requirements set out in the General Data Protection Law are respected; or exclusive use by FCC S.A., access by third parties is prohibited, as long as the data is anonymized.
8. Changes in the privacy and data collection policy
Our privacy policy is constantly being refined and improved, which is why we reserve the right to modify it at any time, without prior notice. To be aware of the changes, we recommend that you visit our page periodically.
If the data subject does not agree with the changes, they must request the deletion of the data via email at dpo@fccsa.com.br.
9. General provisions
If you have any questions about this Privacy Policy, how we handle your personal data or would like to exercise any of your rights under the LGPD, or in case of violation, non-compliance or any irregularity related to the operation with personal data carried out by us or our partners/suppliers, please contact our person in charge of processing personal data/DPO, via email at dpo@fccsa.com.br.
Updated: August 27, 2021.