Privacy and Data Protection Policy
December, 2024
1. Purpose
1.1 Ciari Moreira Advogados (“Ciari Moreira”) is committed to respecting your privacy and takes the necessary measures to ensure that the processing of your Personal Data is in accordance with the best practices of the market.
1.2 The purpose of this privacy policy (“Policy”) is to provide you with information about the Personal Data we collect, how we use and share it and for what purposes, as well as about the Personal Data processed; the purposes of the processing; the period for which this Personal Data will be stored; and, finally, what security measures have been adopted and how you can contact us to exercise your rights.
2. Introduction
2.1 For the purposes of this Policy, “Users” are all individuals who in any way use the Ciari Moreira Platform or who access the physical premises of Ciari Moreira’s offices (“Visitors”), including, but not limited to, clients and third parties, suppliers and service providers contracted by Ciari Moreira (‘Suppliers’), as well as their employees and legal representatives (“Suppliers’ Employees”).
2.2. The term “Platform” means Ciari Moreira’s website, accessible through the link http://www.ciarimoreira.com.br/.
2.3 We do not collect or knowingly request information from anyone under the age of 18. Users under the age of 18 should not submit information to us through our Platform. If we become aware that we have collected information from an individual under the age of 18, we will disregard the information provided and will not maintain it in our databases.
2.4 In order for the Platform to be able to properly offer functionalities, it is necessary for it to have access to certain personal information about Users (“Personal Data”).
2.5 It is not possible to offer the Platform’s functionalities or allow Users access to Ciari Moreira’s physical premises without having access to this Personal Data. The processing of Personal Data is a condition for using the Platform and for physical access to our offices.
3. Personal data
3.1. Ciari Moreira collects or receives personal data when:
(i) the User registers on the Platform;
(ii) Visitors provide us with information directly, in person, during the registration process for access to the office’s physical units; and
(iii) receives information directly from the data subject or the data subject’s employers, during the negotiation and execution of contracts.
3.2 In addition to the active provision, when accessing our pages, Ciari Moreira may collect data related to the User’s browsing, in order to analyze their interaction with the page visited, date and approximate geolocation of access, version of their browser, IP, frequency of visits. Such measurements may also take place on the pages maintained by Ciari Moreira on Linkedin and/or on other pages owned by Ciari Moreira. These platforms have their own privacy policies, which you must also agree to in order to make full use of their functionalities.
3.3 We do not collect Personal Data through cookies, pixels, beacons or other similar tools. The use of cookies by the Platform is restricted to statistical analysis of the use of the Platform, without any link to the IP address or other Personal Data of the User.
4. Processing Purposes
4.1. By accessing the Ciari Moreira pages, you may provide the following personal data, for the specific purposes of:
(i) Sending a Newsletter: by providing your name, position, company and e-mail address in the specific field on the pages, as well as selecting the areas of interest for our communications, Ciari Moreira will be able to send you newsletters on its areas of activity, announcements, articles, newsletters and invitations to events. Ciari Moreira may analyze your interaction with these e-mails in order to improve the quality of the content, in addition to having access to the geolocation of the city, your IP address, the browser used and your navigability of links accessed through the message sent by us;
(ii) Disclosure and Analysis of Applications for Vacancies: Users may apply for vacancies available at Ciari Moreira units. For your application, Ciari Moreira may process data such as name, telephone number, e-mail address, experience in the field, registration number with a professional body and other data necessary for the application; and
(iii) Contact: You may send general messages to Ciari Moreira directly via the Platform. For this purpose, the personal data processed are those required by the e-mail provider you use, such as name and e-mail address, and others that you spontaneously wish to share with Ciari Moreira in your message. Ciari Moreira recommends that you share only the minimum necessary personal data when you make your initial contact.
4.1.1 The device information listed above may be processed to comply with legal obligations.
4.1.2 We do not use Users’ Personal Data for any purpose other than those described above.
5. Storage
5.1. Ciari Moreira only keeps Personal Data: (i) for as long as it is necessary for the purposes described above; (ii) to comply with legal obligations; or (iii) for the regular exercise of rights.
5.2 Ciari Moreira has implemented a monthly system for deleting personal data relating to the above platforms. The system deletes e-mail addresses that are inactive, in error, or that have opted out of receiving messages from Ciari Moreira (via the opt out tool).
5.3 If the user requests to be deleted from the database, provided that there is no legal basis that allows or requires Ciari Moreira to keep them in its network, the personal data will be deleted after confirmation of receipt of the request for deletion.
5.4 The retention period is determined by weighing up the nature of the data, the purposes for which it was collected and the legal requirements applicable in each case. Ciari Moreira will keep Personal Data in an anonymized form, i.e. without it being or being able to be linked to a User, for longer periods than those originally determined.
6. Sharing
6.1 The Personal Data collected may be shared with the third parties identified below, contracted to support us in carrying out the purposes mentioned above:
(i) Business partners;
(ii) Service Providers;
(iii) Judicial, police, governmental authorities or other third parties with whom Ciari Moreira is obliged by law, regulatory rule or court order; and
(iv) Third parties, for the regular exercise of our rights.
6.2 Ciari Moreira does not transfer Personal Data outside Brazil. If your Personal Data is eventually transferred to another country, Ciari Moreira will adopt the measures required by law to ensure that it remains protected.
7. Security measures
7.1. Ciari Moreira adopts the best technical, administrative and operational practices to protect Personal Data and all information processed in its environments, whether physical or digital, from unauthorized access, destruction, loss, alteration, communication or any form of inappropriate or unlawful treatment.
7.2 Third-party websites. Some of the content available on Ciari Moreira’s pages may include content and/or links from third parties. Ciari Moreira is not responsible for these websites and content and does not share, endorse, monitor, validate or accept the way in which these websites or content storage tools collect, process and transfer your personal and private information.
7.2.1 The User is aware that he/she must visit and agree to the terms of use and privacy policies applicable to the respective pages. The information security levels of third party sites are the sole and exclusive responsibility of the third party.
7.3 Should the User have any concerns or suspicions that their Personal Data is at risk, please contact us immediately at dpo@ciarimoreira.com.br.
8. User Rights
8.1. Under the terms of Federal Law no. 13.709, of August 14, 2018 – General Data Protection Law (“LGPD”), any User has the right to:
(i) confirmation that the User’s Personal Data is being processed;
(ii) access to the User’s Personal Data collected by Ciari Moreira;
(iii) correction of Personal Data that is incomplete, inaccurate or out of date;
(iv) anonymization, blocking or deletion of Personal Data that is unnecessary, excessive or processed in breach of the provisions of the LGPD;
(v) deletion of Personal Data processed on the basis of the User’s consent, except in the cases of retention of Personal Data provided for in the LGPD;
(vi) information on who your Personal Data will be shared with;
(vii) information on the possibility of not providing the User’s consent and the consequences, where applicable;
(viii) revocation of the User’s consent to the processing of their Personal Data, when the Personal Data is processed on the basis of their consent;
(ix) opposition to processing that violates the LGPD.
8.2 Any User may exercise any of the above rights by sending an e-mail to dpo@ciarimoreira.com.br.
8.3 Information to confirm the User’s identity may be requested for the purposes of responding to and fulfilling a request received through the service channel.
9. Consent
9.1 The LGPD establishes various situations in which the processing of Personal Data is permitted regardless of the consent of the holder of that Personal Data.
9.2 If there is a legal basis for processing data, under the terms of the applicable legislation, once the User chooses to use the Platform or is a Visitor to our physical facilities, Ciari Moreira may collect and process their Personal Data regardless of their consent.
9.3 In any case where collection depends on prior consent, Ciari Moreira will request the User’s express consent to use their Personal Data.
10. Communication and Governance
10.1 Users may contact Ciari Moreira via the e-mail addresses of our data protection officers:
| Fabricio Faggiani Dib | dpo@ciarimoreira.com.br |
| Natasha Midori Hinata |
11. Changes and Updates
Ciari Moreira may change the provisions of this Policy at our discretion and at any time.
11.1 In the event of material changes to the Policy, such changes will be valid, effective and binding after: (i) being posted on the Platform; (ii) being sent by e-mail to Users and/or (iii) being communicated in any other way to Users.
11.2 The User must check the updated version of this Policy every time they visit the Platform or are one of our Visitors.