ASM CONSULTORIA E DESENVOLVIMENTO DE SISTEMAS LTDA., headquartered at Avenida Brigadeiro Faria Lima, nº 1461/suite 41, Jardim Paulistano, São Paulo/SP, ZIP Code 01.452-002, registered with CNPJ/MF under nº 04.140.974/0001-21, is committed to respecting the privacy of its users, as well as protecting and securing their personal data.

This Privacy Notice (“Notice”) aims to clarify which information is collected from users of our websites and respective products and services (“Products” and “Services”) – and how this data is processed.

To offer Products and Services to its clients, ASM, through its website, platform, and applications, collects various data and information, primarily aiming to provide an increasingly better experience for you.

ASM recognizes that your privacy is very important, and therefore, we take all possible measures, within the best practices and existing solutions, to protect it. In this regard, this Notice aims to inform you how your personal data will be processed, with whom it may be shared, and what rights data subjects have regarding the protection of their personal data.

This document is an integral part of the Terms and Conditions of Use, which contains information about the use, disclaimers, and limitations of liability regarding the use of ASM’s website, platform, and applications.

This Notice has been written in a simple and accessible manner, precisely so that you can read and understand how we use your data to provide a safe and comfortable experience in using the Products and Services offered.

Your acknowledgment of this Notice will be considered formalized when you enter your information or register on our website, platform, or applications to use the Products and Services offered by ASM, even if free of charge. This will indicate that you are aware and in full agreement with how we will use your information and data.

If you do not agree with this Notice, please do not continue with your registration process to request the Products and Services provided or offered by ASM. However, we kindly ask you to inform ASM of any disagreement so that we can use your reasons to evaluate the revision of this Notice.

This Policy is divided as follows to facilitate your understanding:

1. INFORMATION WE COLLECT
2. SOCIAL MEDIA
3. PURPOSES AND LEGAL BASES
4. ABOUT ACCESS TO YOUR PERSONAL DATA
5. ABOUT DATA SHARING
6. INTERNATIONAL TRANSFERS
7. SECURITY MEASURES
8. YOUR RIGHTS
9. MODIFICATION/DELETION OF PERSONAL DATA
10. TERMINATION OF PROCESSING
11. DATA PROTECTION OFFICER (DPO)
12. CHANGES TO THE PRIVACY NOTICE

Any questions regarding this Notice can be clarified by contacting us via the email address privacidade@asmlatin.com, indicating “Personal Data Privacy” as the subject.

1. INFORMATION WE COLLECT

Information provided by you – From the information you provide by filling out the forms available on our website, platform, and applications, ASM will collect personal identification data, such as, for example, name, CPF, address, and business mobile phone.

Occasionally, additional information may be requested through direct contact from ASM with users, in person, via email, or by phone. Below are the personal data collected by ASM during your interactions with us on our website, platform, and applications:

ORIGIN	DATA COLLECTED	PURPOSE
Website Navigation	Navigation data: data collected through cookies or device IDs, including IP, access date and time, geolocation, browser type, visit duration, and pages visited.	Access record: we have a legal obligation to store some of your information (such as your IP, access date, and time) to potentially provide it to judicial authorities.
Contact (website)	Contact data (non-client): Name; email; company; position.	Contact: when you contact ASM through our website, the personal data indicated will be used for ASM to conduct the service.
Registration Form on the Website, Platform, and Application	Registration data: name; corporate email; CPF; company you work for; password. After account creation, additional data may be requested: position; company you work for; business mobile phone.	Registration: we will use this data for your registration on ASM’s website, platform, and application.

Website navigation information – When you access our website, platform, and application, a ‘cookie’ may be installed in your browser to identify how many times you return to our address. In this case, information such as IP address, geolocation, referral source, browser type, visit duration, and pages visited may be collected. For more information, access our Cookie Policy.

Contact history – ASM stores information regarding all contacts made with our users, such as in-person interactions, via phone, or email.

Data generated by the use of our Services or requests for our Products – If you use any of our Services or request our Products, ASM may collect additional information necessary to execute the service or product supply contract. In this case, contact data such as your full name, corporate email, phone number, CPF, location data such as country, city, state, workplace address, number, and address complement may be collected.

For registration and access to the technical solutions offered, we process identification data of our clients’ employees. This data, which is shared and controlled by our clients, includes name, CPF, corporate email, company, access credentials (login), and password.

2. SOCIAL MEDIA

ASM also uses social media to communicate and interact with its clients and consumers through third-party websites such as Facebook, Instagram, or LinkedIn. These third-party websites are internet-based technologies that are neither operated nor controlled by ASM. By interacting, sharing, or “liking” ASM’s page on Facebook, Instagram, LinkedIn, or other social media, you may disclose certain personal information to ASM or third parties.

We use “social buttons” to allow our users to share or bookmark web pages. These are buttons from third-party social media websites that may record information about your online activities, including this website. Please review the respective terms of use and privacy notices of these platforms to understand how they use your information and how to opt out or delete such information.

The amount of visible personal information will depend on your own privacy settings on Facebook, Instagram, LinkedIn, and other social media platforms.

3. PURPOSES AND LEGAL BASES

Below, we outline the purposes and legal bases for ASM’s data processing:

Fulfill the contract established with our clients.	Determined by our client, as the controller of personal data.
Comply with terms and conditions established in contracts.	Necessary for the performance of a contract in which the data subject is a party.
Recruitment and evaluation of suitability for job vacancies.	Justified based on the employee’s consent, if they express interest in receiving a specific benefit.
Administration of employee benefits.	Justified based on the employee’s consent, if they express interest in receiving a specific benefit.
Communication with you, in cases not specified in this table (including emergencies and to provide requested information).	Justified based on our legitimate interests to ensure proper communication and emergency management within the organization.
Compliance with legal requirements.	Necessary to comply with a legal obligation to which we are subject.
Monitoring your use of our systems (including monitoring the use of our website and any applications or tools you use).	Justified based on our legitimate interests to avoid non-compliance and protect our reputation.
Social listening (identifying and analyzing what is being said about ASM on social media [only publicly accessible content] to understand sentiment, intent, disposition, market trends, and the needs of our stakeholders to improve our services).	Justified based on our legitimate interests to protect our assets and brand on social media.
Improving the security and functionality of our website, application, networks, and information.	Justified based on our legitimate interests to ensure an excellent user experience and that our networks and information are secure.
Offering our products to you (unless you have objected to such processing).	Justified based on our legitimate interests to promote our business.
Defining profiles for ad targeting.	Justified based on our legitimate interests to support and promote ASM’s activities.
Providing information required by government authorities.	To comply with a legal obligation.

We only rely on our legitimate interests for specific purposes. These personal data processing activities do not override the interests, rights, and freedoms of data subjects in any way.

4. ACCESS TO YOUR PERSONAL DATA

Without prejudice to item 5 below, access to your personal information will be restricted to ASM employees, and among them, only those with specific internal authorizations. Occasionally, if your information is entered in actions created through partnerships, explicitly identified partners will also have access to the information. Except as otherwise provided by law, no personal data may be publicly disclosed without your prior and express authorization.

All your data is confidential, and any use of such data will comply with the law and this Policy.

ASM will make all reasonable market efforts to ensure the security of our systems and, consequently, your personal data. Whenever possible, all your information will be encrypted, unless this prevents its use by ASM.

Among other rights provided by law, you may, at any time and upon request, access your personal data stored in our systems.

ASM will retain your personal data and information only for as long as necessary or relevant for the purposes described in this Policy, or for periods predetermined by law, or until they are necessary to maintain ASM’s legitimate interests, as provided by law.

5. DATA SHARING

ASM does not practice the disclosure of information that can identify the data subject. This data is for exclusive internal use by the organization to achieve the purposes outlined in the previous section.

ASM may share your personal data with partners or third parties as reasonably necessary for the purposes set out in this Policy and for the proper provision of our services.

All data, information, and content about you may be shared with third parties when and to the extent strictly necessary, in the case of negotiations involving ASM.

Data may be shared with third parties only under the following conditions:

• By judicial decision or request from government oversight bodies;
• Data transferred to public entities to comply with current legislation, such as personal data included in electronic invoices and their respective XMLs or employee data necessary for INSS or FGTS payments;
• Data transferred to accounting or human resources service providers to meet tax and labor obligations;
• Data transferred to financial institutions to enable payment options for our clients or payments to our employees and service providers;
• Data transferred for the execution of the contract, as well as to protect ASM’s interests in any type of conflict, including lawsuits;
• In the case of corporate transactions such as mergers, acquisitions, transformations, splits, or partial or total asset sales, we may share, disclose, or transfer all data subjects’ data to the successor organization.

Some of the service providers mentioned above may be located abroad, and in such cases, ASM adopts additional safeguards to ensure an adequate level of personal data protection, in accordance with applicable Brazilian legislation.

6. INTERNATIONAL TRANSFERS

ASM will carry out international data transfers only for legitimate, specific, and explicit purposes, previously informed to data subjects, in compliance with the legal bases for processing. These transfers will be conducted using valid mechanisms that ensure adequate data protection, as provided by current Privacy Legislation.

ASM is committed to ensuring that all operations respect data protection principles, including transparency and accountability in the processing of personal information.

7. SECURITY MEASURES

To ensure the protection of your data, we use technical and administrative security measures to prevent unauthorized access and accidental and/or unlawful situations of manipulation, loss, destruction, and/or alteration of said data.

Security measures are continuously improved and adapted as applicable technology evolves, and best market practices are observed in this regard.

Whenever possible, all your information will be encrypted, unless this prevents its use for the purposes outlined herein.

8. YOUR RIGHTS

You may exercise your rights regarding the personal data processed by us, which include:

I. Confirmation of the existence of processing;

II. Access to the data;

III. Correction of incomplete, inaccurate, or outdated data;

IV. Anonymization, blocking, or deletion of unnecessary or excessive data;

V. Data portability to another service or product provider, upon express request, in accordance with national authority regulations, respecting commercial and industrial secrets;

VI. Deletion of personal data processed with the data subject’s consent;

VII. Information about public and private entities with which the controller has shared data;

VIII. Information about the possibility of not providing consent and the consequences of refusal;

IX. Revocation of consent;

X. Review of automated decisions.

Data subjects may exercise their rights by accessing the Data Subject Access Request (DSAR).

To fulfill your rights, we need to confirm that the person exercising these rights is indeed you or someone authorized to act on your behalf. Therefore, we may request additional data or information to verify the identity and authenticity of the data subject. This data and information will be protected during the storage period and deleted after the legal deadline for the regular exercise of rights.

Please note that rights are not absolute and may not apply in all cases, but we will always do our best to honor your rights under applicable data protection laws.

Thus, ASM will always evaluate the best way to fulfill your request to exercise any of your rights. However, ASM may refrain from fulfilling your request, in whole or in part, in specific situations protected by law, such as to comply with a legal obligation or a contract with you.

We emphasize the importance of keeping your personal data accurate and up to date. To this end, please keep ASM informed if your personal data changes or is incorrect.

In cases where ASM acts as a personal data processor, requests will be forwarded to the controller for evaluation and decision on the measures to be taken.

9. MODIFICATION/DELETION OF PERSONAL DATA

You may opt out of receiving further emails from ASM, except for emails essential to the continuity of our services or those that ASM is legally or regulatorily required to send to its users.

All emails we send include a link to request the cancellation of your registration, available in the last lines of the emails. By clicking this link, you will be automatically removed from the contact list.

It is important to note that filling out any form or registering again will result in the reinsertion of your email into ASM’s contact list. Therefore, you will need to request cancellation again if you wish to opt out.

All collected data will be deleted from our servers upon your request or when it is no longer necessary or relevant to provide our Products and Services, unless there is another reason for its retention, such as a legal obligation to retain data or the need to preserve it to protect ASM’s rights. To modify or delete your personal information from our database, simply send an email to privacidade@asmlatin.com.

10. TERMINATION OF PROCESSING

This Privacy Notice applies to the circumstances mentioned above throughout the period during which ASM stores personal data. We store and maintain your information: (a) for the time required by law; (b) until the termination of personal data processing, as detailed below; or (c) for the time necessary to safeguard ASM’s rights. Thus, we will process your data, for example, during the applicable statute of limitations periods or as long as necessary to comply with legal or regulatory obligations.

The termination of personal data processing will occur in the following cases: (a) when the purpose for which the personal data was collected is achieved, and/or the collected personal data is no longer necessary or relevant to achieving such purpose; (b) when the Data Subject requests the deletion of their data; (c) when there is a legal determination to that effect; and (d) when the termination of processing is determined by the Controller.

In cases of termination of personal data processing, except for the cases established by applicable legislation or this Privacy Notice, the personal data will be deleted.

11. DATA PROTECTION OFFICER (DPO)

ASM provides below the contact details of the Data Protection Officer (DPO), who is responsible for handling any requests from data subjects or the National Authority related to personal data.

For any questions, requests, or complaints regarding the processing of personal data, please contact our Data Protection Officer:

DPO EXPERT® (www.dpoexpert.com.br)

Responsible: Rafael Susskind

Substitute Responsible: Renata Adeli Franhan Parizotto

Contact: privacidade@asmlatin.com

If, despite our commitment and efforts to protect your data, you believe your data protection rights have not been met, we kindly ask you to contact our DPO. Additionally, you have the right, at any time, to file a complaint directly with the National Data Protection Authority if you believe your personal data rights have been violated.

12. CHANGES TO THE PRIVACY NOTICE

This Notice may be updated. Therefore, we recommend periodically visiting this page to stay informed about any changes. If significant changes requiring new authorizations are made, we will publish the updated Privacy Notice.

This Notice was last modified on December 17, 2024.