This site is maintained and operated by ORYS Soluções e Serviços LTDA.

We collect and use some personal data that belongs to those who use our site. In doing so, we act in the capacity of data controller and are subject to the provisions of Federal Law no. 13.709/2018 (General Law of Personal Data Protection – LGPD).

We take care of the protection of your personal data and therefore provide this privacy policy, which contains important information about:

  • Who should use our site;
  • What data we collect and what we do with it;
  • Your rights in relation to your personal data; and
  • How to contact us.
  1. Data we collect and why we collect it

Our site collects and uses some personal data from our users, as set forth in this section.

  1. Personal data expressly provided by the user

We collect the following personal data that our users expressly provide to us when using our website:

  • Name;
  • Last Name;
  • Company;
  • Position;
  • Email;
  • Mobile Phone Number.

The collection of this data occurs at the following times:

Filling out a contact form

The data provided by our users is collected for the following purposes:

So that we can contact you with offers and marketing

  1. Sensitive Data

We will not collect sensitive data from our users, as defined in arts. 11 et seq. of the Personal Data Protection Act. Thus, there will be no collection of data on racial or ethnic origin, religious conviction, political opinion, membership of a union or religious, philosophical or political organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person.

  1. Cookies

Cookies are small text files that are automatically downloaded to your device when you access and browse a website. They basically make it possible to identify devices, activities, and user preferences.

Cookies do not allow any file or information to be extracted from the user’s hard drive, and it is also not possible, through them, to gain access to personal information that has not come from the user or from the way he or she uses the site’s resources.

  1. Website Cookies

Site cookies are cookies that are sent to the user’s and administrator’s computer or device solely by the site.

The information collected via these cookies is used to improve and personalize the user experience, with some cookies being used, for example, to remember user preferences and choices, as well as to provide personalized content.

  1. Third-Party Cookies

Some of our partners may set cookies on the devices of users who access our site.

These cookies, in general, aim to enable our partners to offer their content and services to the user who accesses our site in a personalized way, by obtaining navigation data extracted from his/her interaction with the site.

The user can obtain more information about third-party cookies and how the data obtained from them are handled, as well as access a description of the cookies used and their characteristics, by accessing the following link:

Hubspot:

https://legal.hubspot.com/cookie-policy

Survicate:

https://survicate.com/wp-content/uploads/2019/04/Privacy-Policy-Survicate-3.0.pdf

Google Analytics:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=pt-BR

The entities in charge of collecting the cookies may assign the information obtained to third parties.

  1. Cookie management

The user can oppose the use of cookies by the site, simply by deactivating them at the moment he/she starts using the service, by following the following instructions:

Upon entering the site, the user will have the option to block or allow the use of cookies by simply selecting the corresponding option in the popup dialog box automatically loaded as soon as our page is accessed.

Deactivating all cookies, however, will not be possible, since some of them are essential for the site to function properly.

In addition, disabling cookies that can be disabled may harm the user experience, since information used to personalize it will no longer be used.

  1. Sharing of personal data with third parties

We do not share your personal data with third parties. Nevertheless, it is possible that we do it to comply with some legal or regulatory determination, or to fulfill some order issued by a public authority.

  1. For how long your personal data will be stored

The personal data collected by the website are stored and used for a period of time corresponding to that necessary to achieve the purposes listed in this document and that takes into account the rights of its holders, the rights of the website controller and the applicable legal or regulatory provisions.

Once personal data storage periods have expired, they are removed from our databases or anonymized, except in cases where storage is possible or necessary by virtue of a legal or regulatory provision.

  1. Legal bases for processing personal data

A legal basis for processing personal data is nothing more than a legal ground, provided by law, that justifies the use of personal data. Thus, every personal data processing operation needs to have a legal basis corresponding to it.

We process our users’ personal data in the following cases:

  • Upon consent of the personal data subject
  • When necessary to meet the legitimate interests of the controller or a third party
  1. Consent

Certain personal data processing operations performed on our site will depend on the user’s prior agreement, which must be expressed freely, informed and unequivocally.

The user may revoke his or her consent at any time, and if there is no legal assumption that permits or requires the storage of data, the data provided with consent will be deleted.

In addition, if you wish, you may not agree to any personal data processing operation based on consent. In these cases, however, you may not be able to use some functionality of the site that depends on that operation. The consequences of lack of consent for a specific activity are informed in advance of the treatment.

  1. Legitimate interest

For certain personal data processing operations, we rely exclusively on our legitimate interest. To learn more about the specific cases in which we rely on this legal basis, or to obtain more information about the tests we perform to be sure that we can use it, please contact our Personal Data Protection Officer through any of the channels indicated in this Privacy Policy, in the section “How to Contact Us”.

  1. User Rights

The user of the site has the following rights, conferred by the Personal Data Protection Act:

  • Confirmation of the existence of treatment;
  • Data Access;
  • Correction of incomplete, inaccurate, or outdated data;
  • Anonymization, blocking or deletion of data that is unnecessary, excessive or processed in violation of the law;
  • Portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, respecting commercial and industrial secrets;
  • Deletion of personal data processed with the consent of the data subject, except in cases provided for by law;
  • Information from public and private entities with which the controller has shared data use;
  • Information about the possibility of not providing consent and about the consequences of refusal;
  • Revocation of consent.

It is important to note that under the LGPD, there is no right to erasure of data processed on legal grounds other than consent, unless the data is unnecessary, excessive or processed in violation of the law.

  1. How the holder can exercise his rights

To ensure that the user who intends to exercise his/her rights is in fact the owner of the personal data that is the object of the request, we may request documents or other information that may assist in his/her correct identification, in order to protect our rights and the rights of third parties. This will only be done, however, if it is absolutely necessary, and the applicant will receive all related information.

  1. Security measures in the processing of personal data

We employ technical and organizational measures to protect personal data from unauthorized access and from the destruction, loss, misplacement or alteration of such data.

The measures we use take into account the nature of the data, the context and purpose of the processing, the risks that a possible violation would create to your rights and freedoms, and the standards currently employed in the market by companies similar to ours.

Among the security measures adopted by us, we highlight the following:

  • Our users’ data is stored in a secure environment;
  • We limit access to our users’ data so that unauthorized third parties cannot access it;
  • We use SSL (Secure Socket Layer) certificates, so that data transmission between users’ devices and our servers happens in an encrypted way;
  • We keep records of all those who have, in any way, contact with our data.

Even if you do everything in your power to prevent security incidents, it is possible that a problem may occur that is exclusively motivated by a third party – such as in the case of a hacking attack. hackers or crackers or, furthermore, in case of the user’s exclusive fault, which occurs, for example, when he himself transfers his data to third parties. Thus, although we are generally responsible for the personal data we process, we disclaim liability in the event of an exceptional situation such as this, over which we have no control whatsoever.

In any case, if any kind of security incident occurs that could generate relevant risk or damage to any of our users, we will notify those affected and the National Data Protection Authority about it, in accordance with the provisions of the General Data Protection Law.

  1. Changes to this policy

This version of this Privacy Policy was last updated on: 09/10/2020.

We reserve the right to modify, at any time, the present norms, especially to adapt them to eventual changes made to our site, either by making new functionalities available, or by suppressing or modifying those already existing.

Whenever there is a change, our users will be notified of the change.

  1. How to contact us

If you have any questions about this Privacy Policy or the personal data we handle, please contact our Personal Data Protection Officer through any of the channels mentioned below:

  • E-mail: dpo@orys.com.br
  • Phone: (11)3995-8161
  • Mailing address: Av. Iraí, 393 – Cj 41 – São Paulo – SP