Privacy Policy

CIA. DE FIAÇÃO E TECIDOS CEDRO E CACHOEIRA (“Cedro”), a legal entity under Private Law, registered with CNPJ under number: 17.245.234/0001-00, headquartered in Belo Horizonte (MG), at Rua Paraíba, No. 330, 9th floor, Funcionários District, Postal Code 30130-917, is committed to transparency, privacy and security of data of subjects throughout the entire processing cycle of personal data. Therefore, so that you better understand what information we process, this privacy policy (“Privacy Policy”) describes the information and personal data we collect, how they are used, stored, and shared, as well as what measures we apply to keep them safe.

1 – GENERAL TERMS

This policy is applicable to all our customers, service providers, employees, or people who for some reason Cedro may have to process data as a controller.

The practices described in this privacy policy only apply to the processing of your personal data in Brazil and are subject to applicable local laws, with emphasis on Law No. 13.709/2018 (General Personal Data Protection Law, or “LGPD”) and to the complementary rules that may be issued by the national data protection authority (“ANPD”).

The terms “Cedro”, “we” or “our” refer to the controller of your personal data, that is, the company CIA. DE FIAÇÃO E TECIDOS CEDRO E CACHOEIRA. The terms “user”, “you”, “your” or “yours” refer to you, our client, service provider, employee, collaborator, or applicant for employment.

2 – WHAT DATA IS COLLECTED BY CEDRO
See below what personal data we can collect in each situation, divided into categories:

Personal data provided by you:

  • Receive complaints and communications from holders, provide clarifications and adopt measures;
  • Data for drafting contracts, such as full name, photo, postal code, address, valid document number;
  • Contact data, such as telephone and email;
  • Banking and billing and/or payment details, as well as those related to credit cards;
  • For service provision contracts in which employees of the companies we hire come to work in our units, proof of payment of FGTS, INSS, payment of salaries and vacations.

Personal data we collect from third parties:

  • Registration data, such as: name, affiliation, date of birth, CPF, telephone number, address, among others; and

Public data:

We may collect information about you that is publicly available or that has been made public by you:

  • Information about mentions or interactions with Cedro; and
  • Testimonials regarding Cedro posted on profiles and pages on social media, along with name and image.

When analyzing and monitoring purchases or other transactions with customers and/or suppliers:

  • Registration data;
  • Product type;
  • Amount;
  • Value of the merchandise (unit);
  • Total value of the purchase or transaction;
  • Nature of the financial transaction;
  • Bank account information and other means used;
  • Income information.

On Cedro’s premises:

  • Access control data and images recorded by the Closed Circuit Television (CCTV) system.

Browsing and device data:

  • IP address of the mobile device used to access Cedro’s website;
  • Interactions carried out and usage profile of Cedro’s website;
  • Technical data, such as URL, network connection, provider, and device information;
  • Cookies;
  • Device attributes such as ID, operating system, browser, and model.

3 – HOW WE USE YOUR PERSONAL DATA

The data is processed as follows:

  • To correctly identify the customer, supplier, collaborator, employee, applicant, or visitor;
  • To fill an applicant position on our staff, in cases of selection process;
  • To provide information to government bodies or provide any benefit provided by law or by a union, in the case of employees and collaborators;
  • For drafting and executing contracts, invoicing and billing with providers and suppliers;
  • To send purchased products or offer communications;
  • To contact you when necessary. This contact may cover various topics, such as communication about promotions and offers, answers to questions, responses to complaints and requests, updates on orders placed and delivery information;
  • To assist in diagnosing and solving product problems;
  • To develop new features and improvements, improving your experience with our available services;
  • To consult your information in credit agency databases;
  • To collaborate in investigations and measures to prevent and combat illicit activities, fraud, financial crimes, and money laundering and/or terrorist financing crimes;
  • To ensure compliance with legal or regulatory obligations or ensure the regular exercise of Cedro’s rights. In these cases, we may even use and present the information in judicial and administrative proceedings, if necessary;
  • To collaborate with compliance with a court order, competent authority or supervisory body;
  • Navigation data: to assist in diagnosing and solving technical problems, as well as to develop new features and improvements, improving your experience with our available services;
  • To provide security for people who visit our facilities, we monitor access control data and images recorded by the Closed Circuit Television (CCTV) system.

4 – WHO WE SHARE YOUR DATA WITH

We may share your Data with third parties in the following cases:

Business partners, service providers and other third parties: so that we can make our products available and provide our services with quality, as well as the appropriate relationship with employees, collaborators, partners, and providers, we rely on the collaboration of several service providers, who process personal data collected on our behalf and in accordance with our instructions.

These service providers act primarily to assist us in audit analysis, legal analysis, information technology service providers, customer service, communication, statistical services, logistical services, research, marketing, financial services and payment methods and other third parties.

Judicial, police or government authorities and regulatory bodies: we must provide personal data of customers, providers or employees, in support of investigations and measures to prevent and combat illicit activities, fraud, crimes and guarantee the safety of Cedro’s customers, employees and providers; regular exercise of Cedro’s rights, including presenting documents in judicial, administrative and arbitration proceedings, if necessary; compliance with a court order, compliance with a request from a competent authority or supervisory body; and compliance with legal or regulatory obligations.

Some examples: information to the Federal Revenue Office and Ministry of Labor, carrying out an admission exam at an Occupational Safety and Medicine company, providing a transport card, providing a food/meal card and health insurance.

5 – HOW WE PROTECT YOUR DATA

We map the processes that process personal data and list the potential risks to Privacy and Data Protection, continually seeking to mitigate risks through training and the adoption of technical and organizational measures applied to our processes and information systems.

6 – RIGHTS AS SUBJECTS OF PERSONAL DATA

Transparency about the processing of your personal data is a priority for Cedro. In addition to the information provided in this Privacy Policy, you can also exercise the rights provided for in the General Data Protection Law, including:

  • Right to confirmation: you can confirm whether Cedro processes any of your personal data;
  • Right of access: you can also make a request to dpo.cedro@cedro.ind.br to obtain details of how your information is being used and have a copy of said information, with a delivery time to be agreed in each concrete case;
  • Right to correction: you may correct or remove any data that is incomplete, inaccurate or out of date;
  • Right to anonymization, blocking or deletion: you may request the anonymization, blocking or elimination of unnecessary, excessive, or processed data that does not comply with the purposes set out in this Policy, observing, for this purpose, other rules of the legal system;
  • Right to information: you can request that Cedro should inform which third parties it shared or received your personal data with;
  • Right to information portability: when the right to portability is regulated by the ANPD or if there is a technical possibility, you may ask Cedro for your personal data to be transferred to yourself or third parties, except for those that have already been anonymized and deleted by Cedro;
  • Right to revoke consent: if you have given your consent to the processing of your personal data, you can request the revocation of that consent. It is important that you know that some data may be kept for legal purposes;
  • Right to object to future processing for other legal bases: you may request the exclusion and interruption of any other service provided by Cedro, but also in this case it is important that you know that some data may be kept for legal purposes.

All requests will be handled free of charge and will be subject to a prior assessment of your identity and the viability of service, in order to comply with any obligations that prevent the complete fulfillment of requests from rightful subjects.

7 – STORAGE, RETENTION AND DELETION OF YOUR PERSONAL DATA

As long as you are a customer, partner, provider, employee, applicant, visitor or third party for whom data processing is necessary under the terms set forth, they will be kept in a secure environment controlled by Cedro.

When applicable, after the termination of the contract or relationship between you and Cedro, from which data processing resulted, and even if you choose to delete your personal data from our registration base, your personal data will be stored for an additional period, either for auditing purposes, compliance with legal or regulatory obligations, for the regular exercise of Cedro’s rights or else for the period necessary in accordance with the legal basis that justifies the retention of data. We will only keep strictly necessary data in our databases and for legally permitted and legitimate purposes.

8 – COOKIES

We do not record or store details of your activity through cookies.

Now, if you are a client, collaborator or representative, or if you are going to send your resume to our Talent Bank, we need to register and store small files on your computer to identify you as a user and grant you access to your profile information and we do this through what we call a cookie.

This cookie is triggered when you click on “Restricted Area” and is modified when you “Disconnect” from the website.

You can object to the use of these cookies by configuring your browser not to accept them, but without them you will not be able to register in the restricted area of the website.

You can delete the cookies stored on your device at any time.

Oh! Cedro does not share data with other companies.

9 – CONTACT US

To clarify any questions, make requests or for further information regarding Privacy and Protection of Personal Data, our Data Officer is Muzzi e Advogados Associados (CNPJ No. 02.081.025/0001-92), who is ready to assist you via email: dpo.cedro@cedro.ind.br.

We are always available to answer your questions and put you in control of your personal data.

You will be informed about updates to this Policy by email or notice on our website.

Count on us to keep you informed!