Privacy Policy

At DIBD OMIB CONSULTORIA LTDA, privacy and security are top priorities, and we commit to the transparent handling of the personal data of our users/clients. Hence, this Privacy Policy outlines how we collect, use, and transfer customer information.

By using our services, you understand that we will collect and use your personal information in the ways described in this Policy, under the rules of the Federal Constitution of 1988 (art. 5, LXXIX; and art. 22, XXX – included by EC 115/2022), the Data Protection norms (LGPD, Federal Law 13.709/2018), the consumer provisions of Federal Law 8078/1990, and other applicable Brazilian legal norms.

Thus, DIBD OMIB CONSULTORIA LTDA, hereinafter simply referred to as “DIBD”, registered under CNPJ/MF nº 07.799.440/0001-00, in the role of Data Controller, commits to the stipulations in this Privacy Policy.

1. What data do we collect and for what purpose?
Our company uses some personal data for contracts and for registering employees in e.social to enable the provision of services.

2. How do we collect your data?
Consent:
Your personal data is processed based on your consent. Consent is the free, informed, and unequivocal manifestation by which you authorize DIBD to handle your data. In accordance with the General Data Protection Law, your data will only be collected, processed, and stored with prior and express consent.
By using DIBD's services and providing your personal data, you are aware and consenting to the provisions of this Privacy Policy, as well as understanding your rights and how to exercise them.
At any time and at no cost, you can revoke your consent.

3. What are your rights?
DIBD ensures its users/clients their rights as data subjects provided in article 18 of the General Data Protection Law. Thus, you can, freely and at any time:

• Confirm the existence of data processing, in a simplified or clear and complete format.
• Access your data, requesting them in a legible printed form or through a secure and suitable electronic medium.
• Correct your data by requesting their editing, correction, or update.
• Limit your data when they are unnecessary, excessive, or processed in non-compliance with the law by anonymizing, blocking, or deleting them.
• Request the portability of your data through a report of registration data that DIBD processes about you.
• Delete your data processed based on your consent, except in cases provided by law.
• Revoke your consent, disallowing the processing of your data.
• Inform yourself about the possibility of not giving your consent and the consequences of refusal.

4. How can you exercise your rights as a data subject?
To exercise your data subject rights, you should contact DIBD through the available means:

• Email: rfp@dibdbrasil.com.br

To ensure your correct identification as the data subject, we may request documents or other evidence to verify your identity. In this case, you will be informed in advance.

5. How and for how long will your data be stored?
Your personal data collected by DIBD will be used and stored for the time necessary to provide the service or until the objectives listed in this Privacy Policy are achieved, considering the rights of data subjects and controllers.

In general, your data will be kept while the contractual relationship between you and DIBD persists. After the storage period at DIBD, they will be deleted from our databases, except for legally provided cases in article 16 of the general data protection law, namely:

I - compliance with the controller's legal or regulatory obligation;
II - study by a research entity, ensuring, whenever possible, the anonymization of personal data;
III - transfer to a third party, provided that the data processing requirements set out in this Law are respected; or
IV - exclusive use of the controller, with access by a third party prohibited, and provided that the data is anonymized.

That is, personal information about you that is essential to comply with legal, judicial, and administrative determinations and/or to exercise the right of defense in judicial and administrative proceedings will be kept, despite the deletion of other data.
DIBD's data storage reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions to ensure the confidentiality, integrity, and inviolability of your data. Additionally, we also have appropriate security measures against risks and control access to stored information.

6. What do we do to keep your data safe?
To keep your personal information safe, we use physical, electronic, and managerial tools aimed at protecting your privacy. 
We implement these tools considering the nature of the collected personal data, the context and purpose of the processing, and the risks that potential violations would pose to the rights and freedoms of the data subject.
Among the measures we adopt, the following stand out:

• Only authorized persons have access to your personal data.
• Access to your personal data is made only after a confidentiality commitment.
• Your personal data is stored in a secure and suitable environment.

DIBD commits to adopting the best postures to avoid security incidents. However, it is essential to point out that no electronic system is entirely secure and free from risks. Despite all our security protocols, issues exclusively due to third parties may occur, such as cyberattacks by hackers, or due to the user/client's negligence or imprudence.

In case of security incidents that may pose a significant risk or damage to you or any of our users/clients, we will notify those affected and the National Data Protection Authority in line with the General Data Protection Law's provisions.

7. With whom can your data be shared?
To preserve your privacy, DIBD will not share your personal data with any unauthorized third party.
Your data may be shared with our business partners. They receive your data only to the extent necessary to provide the contracted services, and our contracts are guided by Brazilian data protection norms.
Additionally, there are other circumstances in which your data can be shared:
I – Legal determination, request, requisition, or court order, with competent judicial, administrative, or governmental authorities.
II – In cases of corporate movements, such as mergers, acquisitions, and integrations, automatically.
III – Protection of DIBD's rights in any type of conflict, including legal ones.

7.1. International data transfer
Some third parties with whom we share your data may be located or have facilities located in foreign countries. In these conditions, your personal data will still be subject to the General Data Protection Law and other Brazilian data protection laws.
In this regard, DIBD commits to always adopt efficient cybersecurity and data protection standards to guarantee and comply with the legal requirements. By agreeing to this Privacy Policy, you agree to the sharing of your data with third parties abroad, being informed that your data will be protected, being processed in accordance with the terms set out in this clause.

8. Responsibility
DIBD provides for the responsibility of the agents who operate in the data processing procedures, in accordance with articles 42 to 45 of the General Data Protection Law.
We commit to keeping this Privacy Policy up to date, observing its provisions and ensuring its compliance.
Furthermore, we also undertake the commitment to seek technical and organizational conditions that are securely apt to protect the entire data processing procedure.
If the National Data Protection Authority requires the adoption of measures regarding the data processing carried out by DIBD, we commit to follow them.

9. Data Protection Officer
DIBD provides the following means for you to contact us to exercise your data subject rights: e-mail and phones.
If you have questions about this Privacy Policy or about the personal data we process, you can contact our Personal Data Protection Officer through the following channels:

REGINA FILOMENA PEREIRA MONTICELLI

rfp@dibdbrasil.com.br

Phones: (15) 3224-1030/3231-4442.