PRIVACY NOTICE

PRIVACY NOTICE - PUPILA BRAND STUDIO

PUPILA BRAND STUDIO LTDA "PUPILA" is a platform for brand assets and guidelines that streamlines marketing efforts and empowers teams to collaborate smoothly and increase brand consistency. Thus, to enable the provision of PUPILA's services and access to our Platform, we process personal data of our clients, following the provisions of the law and always adopting the best practices available in the market.

Through this Privacy Notice "Notice", we seek to present to you, in a simple, clear, and objective manner, which of your personal data we collect, for what purposes, how they are used, stored, and with whom they can be shared, in accordance with the provisions of privacy laws, specially Brazilian Federal Law No. 13,709/2018 - General Data Protection Law "LGPD".

This Privacy Notice is not related to the PUPILA Terms of Use, which is a separate document. The Terms of Use outline the legal agreement between you and PUPILA to use the Platform. They also outline PUPILA’s rules and your user rights.

For us, the priority is to safeguard the privacy and security of your personal data. Thus, any information you provide to us will be treated in accordance with the limits established herein and the terms of the applicable legislation.

We do not intend to collect or in any way process personal data of individuals under 18 (eighteen) years of age, since our services are aimed only at companies and legal adults. Thus, if we become aware that we have collected personal data from an individual under 18 (eighteen) years of age, we will disregard the information provided and will not keep it in our databases.

We recommend that you read, carefully and in full, the terms of this Notice. If you have any questions, suggestions, or wish to exercise any of your rights as a data subject, please contact us at the email privacy@pupila.ai.

To facilitate access to information, we indicate below how our Notice is organized:

  1. What is the most relevant information in this Notice?
  1. Who is the recipient of this Notice?
  1. Who is the data controller of my personal data? And what is their role in this operation?
  1. How do we collect your personal data?
  1. What personal data of yours do we collect?
  1. What do we use your information for?
  1. What are Cookies and how do we use them?
  1. With whom are Personal Data shared?
  1. How long will the collected personal data be stored?
  1. How do we keep the collected personal data secure?
  1. What are your rights and how can you exercise them?
  1. Questions?
  1. Updates
  1. Technical Terms

1. What is the most relevant information in this Notice?

To facilitate the understanding of this Notice, we provide a summary table of the information that will be presented to you in this document:

WHO WILL PROCESS YOUR PERSONAL DATA? PUPILA is the entity responsible for Processing Personal Data and determines the respective purposes and means of Processing. Registered with CNPJ/MF under CNPJ/MF No. 54.172.052/0001-74, headquartered in São Paulo, at Rua Natingui No. 862, fifth floor, suite 509, Vila Madalena, ZIP Code: 05443-001.
HOW DO WE COLLECT YOUR PERSONAL DATA? The information we process about you may have been provided directly by you to PUPILA or collected automatically through our Platform.
WHAT DATA WILL BE PROCESSED? Registration data: full name; Contact information: phone and email; and Attributes associated with your electronic devices: access provider, operating system, browser (type, version, enabled options, and installed plugins), video settings (size/resolution and number of colors), access date and time, pages viewed through cookies, access device characteristics; IP (with date and time); IP origin; language preference; country setting; click information and geolocation. We do not collect sensitive personal data.
WHY DO WE NEED YOUR PERSONAL DATA? We use your Personal Data to meet a specific purpose: • Facilitate a service contracted by you; • To communicate with you; • To comply with our legal or regulatory obligations; • Allow the regular exercise of our rights; • Enable activities necessary for our Organization; • Execute a contract you have entered into with us or carry out pre-contractual diligences; • Prevent fraud and safeguard your security; and • Advertising.
HOW LONG WILL YOUR DATA BE KEPT? We store your Personal Data for as long as necessary to achieve the purposes for which they were collected. Where possible, we will maintain Personal Data in anonymized form, respecting the highest level of care and market security.
WHEN CAN YOUR PERSONAL DATA BE SHARED? We may share your Personal Data with Third Parties to achieve the purposes for which they were collected. Furthermore, sharing may occur when necessary to meet requests from judicial authorities or to comply with legal or regulatory obligations.
HOW TO EXERCISE YOUR RIGHTS AS A DATA SUBJECT? We are committed to complying with all your rights as a data subject and have a communication channel to resolve any doubts, suggestions, or requests regarding the Processing of the Personal Data collected. Please contact us via email: privacy@pupila.ai.

2. Who is the recipient of this Notice?

This Notice is intended for all data subjects, natural persons, who use PUPILA's services through our Platform ("USER").

3. Who is the data controller of my personal data? And what is their role in this operation?

This Notice is intended for all data subjects, natural persons, who use PUPILA's services through our Platform ("USER").Your personal data will be processed by PUPILA. We assume the predominant role of Personal Data Controller, that is, we decide how your personal data will be processed, applying good practices in data protection and following the provisions of the LGPD.

4. How do we collect your personal data?

The information we process about you may have been provided directly by you to PUPILA or collected automatically through our Website or Platform.

Let's better understand each of these data collection situations:

a. Information provided directly by you

From the beginning of your interaction with us, you voluntarily provide us with information about yourself. For example, when you sign up to use our Platform, contact us through social networks or our customer service channels, when you interact with the content of our Website or Platform, by email, or other tools.

b. Information obtained automatically

In some situations, we may also collect personal data automatically through the devices you use to access our Platform and Website. This information helps us generate access statistics and thus better understand our audience. This is important so that we can improve our services and adapt them to diverse audiences. Some of this data may be collected through cookies or similar technologies, as we will explain in a separate topic below.

5. What personal data of yours do we collect?

In order to respect your privacy, we understand that all processing of personal data should be limited to the minimum necessary, in a relevant and proportionate manner to allow the intended purpose to be carried out.

Therefore, the personal data we collect about you will vary depending on the relationship you choose to have with us. Below, grouped into categories, we present the main personal data that may be processed by us and the purpose of the processing:

  1. Registration data: full name;
  1. Contact information: phone and email; and
  1. Attributes associated with your electronic devices: access provider, operating system, browser (type, version, enabled options, and installed plugins), video settings (size/resolution and number of colors), access date and time, pages viewed through cookies, access device characteristics; IP (with date and time); IP origin; language preference; country setting; click information and geolocation.

We do not collect sensitive personal data on our Website/Platform.

6. What do we use your information for?

The Personal Data we collect can be used as described in the table below:

Category of Personal Data Purposes
Registration data; Contact information Enable a service contracted by you
• We will process your data to provide the service requested by you, as well as to enable access to the Platform.
• Execute a contract you have entered into with us
Registration data; Attributes associated with your electronic devices Communication, Management, and Improvement
We may process your personal data to respond to your requests or other interactions with us, such as by email or other Platform/Site tools.
Contact for requesting and/or providing feedback or for commercial purposes;
Send relevant notices about our activities;
Possible sending of institutional advertising, news, events, or conducting surveys related to PUPILA's activities;
Forward updates that impact your relationship with us regarding transparency, such as updates to this Privacy Notice;
Management, administration, provision, and improvement of the Site/Platform and services offered by PUPILA, adapting them to user preferences, as well as the development of new services.
All categories of personal data Compliance with our legal or regulatory obligations
Your personal data may be used to meet our obligations under law and/or regulations of government agencies and orders or requests from tax authorities, the Judiciary, and/or other competent authorities. For example, we may process personal data for issuing invoices.
All categories of personal data Allow the regular exercise of our rights
Even after the termination of your relationship with us, we may process some of your personal data to exercise our rights guaranteed by law, including as evidence in judicial, administrative, or arbitration proceedings.
All categories of personal data Enable activities necessary for our Organization
Based on our legitimate interest, we may also process your personal data in activities such as: improvements to our products and services, relationship with our customers and partners, company performance analysis and reports, and internal inquiries. In supporting activities of PUPILA's interests, we will always observe the limits of your expectation, and the processing of personal data will not prejudice your interests, rights, or fundamental freedoms.
Registration data Avoid fraud and safeguard your security
We may process your personal data to safeguard your security (and that of third parties) and to prevent identification fraud, especially during your access to our institutional website and internal systems, entry, or visit to our premises.
Contact information; Attributes associated with your electronic devices Advertising
We may use your Personal Data to create target audience segments and thus promote more suitable content for PUPILA's marketing campaigns. In this case, the option to unsubscribe from our database will always be available at the end of each communication we send, with the possibility of choosing to receive information such as offers and news about the latest trends from PUPILA.

7. What are Cookies and how do we use them?

Cookies are files or information that can be stored on your devices when you access PUPILA's Website/Platform.

We use cookies to facilitate usage and tailor our pages to the interests and needs of data subjects, as well as to compile information about the use of the Site, aiding in the improvement of its structure and content. Below, you can see the types of cookies and their respective purposes that justify the use of the information we collect, in accordance with the LGPD:

Kind of Cookie What they do?
Necessary/Essential These are essential cookies to enable the proper functioning of our Platform/Site, as well as to allow you to make use of all available functionalities.
Performance/Analysis These are cookies that help us understand how visitors interact with our Platform/Site, providing information about the areas visited, the time spent on the Platform/Site, and any problems encountered.
Functional These are cookies that allow us to remember your previous choices, such as browsing language. They provided a personalized experience.
Marketing/Advertising These are cookies used to provide more relevant and specific content for your interests. They can also be used to present advertising with greater targeting or limit the number of times it is displayed. They also allow the measurement of the effectiveness of a launched campaign.

8. Who are Personal Data shared with?

PUPILA may share the use of your personal data, in which case it will be restricted to the minimum necessary and required for the fulfillment of specific purposes previously informed to you in this Notice.

Thus, we may share your data with third parties in the following situations:

• Business partners and service providers, to enable the operation of communication and marketing channels, as well as the provision of necessary structures for the viability of our services, and

• In the event of a corporate operation, such as mergers, acquisitions, spin-offs, and incorporations, and

• With administrative and judicial authorities when necessary to comply with a legal obligation or to assist in the investigation of suspicious or illegal activities, and  

• With law firms, legal advisors, and other legal representatives when necessary to defend PUPILA's interests in administrative, arbitration, or judicial proceedings, and  

• With operators and service providers essential to our activities, including information technology services, data hosting, cloud database hosting, Power BI (Business Intelligence), among others, in accordance with the instructions and purposes provided for in the contractual instruments signed with PUPILA.

Finally, it is possible that some transfers may occur abroad, notably to companies providing cloud data storage services, on servers located outside of Brazil. On this occasion, PUPILA undertakes to do so observing all current legal determinations and best practices in security and privacy.

In any of the above cases, PUPILA will make its best efforts to establish responsibilities with the companies receiving personal data, through adequate contractual instruments, containing provisions on legal bases, purposes, forms of treatment, security measures, among other safeguards conferred to data subjects, in accordance with the LGPD.

9. How long will the collected personal data be stored?

To protect the privacy of data subjects, personal data processed by PUPILA will be automatically deleted when they are no longer useful for the purposes for which they were collected, or when the data subject requests their deletion, except if their maintenance is expressly authorized by law or applicable regulation.

We emphasize that information may be retained to comply with legal or regulatory obligations, transfer to third parties – provided that the data processing requirements are respected – and for the exclusive use of PUPILA in exercising its rights in judicial or administrative proceedings.

Finally, the data subject should be aware that their request may be legally rejected, either for formal reasons (such as their inability to prove their identity) or legal reasons (such as the request for deletion of data whose retention is permitted to PUPILA by current legislation).

10. How do we keep the collected personal data secure?

We use reasonable market means and those legally required to preserve the privacy of the personal data we collect. Thus, we adopt various precautions, in compliance with the guidelines on security standards established in Decree No. 8,771/2016, such as:

• Protection against unauthorized access to our systems,

• Authorization of access only to previously authorized persons at the location where the collected information is stored, including employees and representatives of PUPILA and/or duly authorized partners, and  

• Those who encounter personal data must commit to maintaining absolute secrecy. Breaking the confidentiality will result in civil liability in accordance with Brazilian law.

In addition to technical efforts, we also adopt institutional best practices aimed at protecting personal data. It is important to note that, although PUPILA makes its best efforts to preserve privacy and protect the data of data subjects, no transmission of information is completely secure, so we cannot guarantee fully that all data received or sent will not be subject to unauthorized access executed with methods aimed at obtaining information improperly.

11. What are your rights and how can you exercise them?

Regardless of the relationship you choose to establish with PUPILA, you have all the rights related to your personal data provided by law, including:

  1. Knowing if we process any of your personal data,
  1. Knowing which of your personal data are processed by us,
  1. Correcting incomplete, inaccurate, or outdated data,
  1. Requesting anonymization, blocking, or deletion of unnecessary, excessive, or possibly processed data in violation of the law,
  1. Requesting data portability to another service or product provider,
  1. Asking for a review of solely automated decisions that affect your interests,
  1. Requesting the deletion of data processed with your consent,
  1. Obtaining information about public or private entities with whom we share your data, and
  1. When processing activity requires your consent, you may refuse to consent. In this case, we will inform you about the consequences of not performing such activity. If you consent, you may revoke it at any time.

You can exercise your rights at any time by contacting us by email privacy@pupila.ai.

To do so, we ask that you identify yourself and indicate which right you intend to exercise. It is possible that other information and/or documents may be requested by PUPILA to confirm the identity or veracity of your information.

Requests involving personal data and/or documents of other data subjects will not be met, except by proxy, parental authority, or another hypothesis authorizing the exercise of another data subject's right by you.

It is important to inform that, in specific circumstances, your request may not be met. In these cases, we will explain the reasons for not meeting the request.

12. QUESTIONS?

If you have any questions, you can contact us by email privacy@pupila.ai.

13. update

Some of the information provided here may be updated or changed. Therefore, we advise you to periodically consult this Privacy Notice. When there is any change, we will inform you on our homepage.

This Privacy Notice was last changed and published on our Website/Platform in:

May/2024

14. technical terms

THE RIGHT TO UNDERSTAND: EXPLANATIONS ABOUT SOME TECHNICAL TERMS OF THIS NOTICE.

Term/Expression Meaning
Personal Data Any information capable of identifying a natural person, directly or indirectly.
Sensitive Personal Data Any Personal Data concerning racial or ethnic origin, religious belief, political opinion, union membership, or membership in a religious, philosophical, or political organization, as well as data concerning health or sex life, genetic or biometric data.
Data Protection Officer Professional responsible for acting as a communication channel between PUPILA, Data Subjects, and the ANPD. Its main objective is to ensure that PUPILA complies with laws and regulations related to privacy and data protection.
LGPD LGPD General Data Protection Law (Federal Law No. 13,709/2018)
Third Parties Any natural or legal person that PUPILA relates to or may relate to. This includes: service providers, suppliers, consultants, partners, contracted or subcontracted third parties, tenants, space assignees, regardless of formal contract or not, including those who use the Company's name, provide materials, interact with public officials, with the government or with other third parties on behalf of PUPILA.
Data Subject Natural person to whom personal data refers.
Controller Natural or legal person, public or private, responsible for decisions regarding the processing of personal data.
Processor Natural or legal person, public or private, who processes personal data on behalf of the controller.
Processing Any activity carried out with personal data, such as collection, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, disposal, evaluation, or control of information, modification, updating, communication, transfer, sharing, and extraction.
SUBSCRIBE TO GET OUR LATEST NEWS
THANKS!
Oops! Something went wrong while submitting the form.

All rights reserved @ 2024

All rights reserved @ 2024