Privacy and Data Protection Policy of Courovale

The Courovale Privacy and Data Protection Policy has been created to ensure the privacy of the information collected from customers or users. This document clarifies the procedures for collecting, using, and storing personal data on the Courovale portal, in accordance with the current Brazilian legislation on privacy and personal data protection, especially Law No. 13,709/2018, as amended (General Data Protection Law – “LGPD”).

We kindly request and recommend that you take the time to read this document.

1 – Definitions
For the purposes of this privacy policy, the following definitions apply:

Cookies: Files sent by the portal server to visitors’ computers to identify the computer and obtain access data, such as pages browsed or links clicked, thereby customizing visitors’ navigation on the portal according to their profile.

Courovale: The term used in this document to identify the controller and owner of this portal, COUROVALE INDÚSTRIA DE COUROS LTDA, registered under CNPJ No. 06.126.956/0001-10, headquartered in the city of Portão/RS, at Rua Júlio de Castilhos, 2780, Portão Velho neighborhood, ZIP code 93180-000.

IP: Abbreviation for Internet Protocol. It is a set of numbers that identifies visitors’ computers on the internet.

Logs: Records of visitors’ activities on the portal.

Portal: Refers to the website

Visitor: Any person browsing the portal.

User: Visitors who are authenticated in the portal system.

Web Beacons: Lines of code in HTML pages that aim to obtain details of user navigation, such as how long the portal was open, and which address was visited next, among others.

2 – Data and Information Collection
2.1 – Data and information will be obtained when visitors interact with the various features on the portal by voluntarily providing information, such as in the “Contact” section, for example.

3 – Data and Information Storage
3.1 – All data and information collected from visitors will be incorporated into the portal’s database, with Courovale as the responsible party.

3.2 – The collected data and information will be stored in a secure environment, observing the available state-of-the-art technology, and may only be accessed by qualified and authorized individuals by Courovale.

3.3 – Considering that no security system is absolutely secure, Courovale disclaims any responsibility for any damages and/or losses resulting from database failures, viruses, or intrusions, except in cases of willful misconduct or as expressly provided by law.

3.4 – Courovale collects only the information necessary for the viability of its business.

4 – Use of Data and Information
4.1 – Data and information collected from visitors may be used for the following purposes:
a) Responding to any inquiries and requests from visitors.
b) Compliance with legal or judicial orders.
c) Establishing, defending, or regularly exercising rights in a judicial or administrative context.
d) Creating general statistics to identify the profile of visitors and develop Courovale’s campaigns but without personal identification.
e) Ensuring the security of visitors.
f) Keeping visitors’ records up to date for contact purposes via telephone, email, SMS, direct mail, or other communication methods.
g) Informing about news, promotions, and events of Courovale and its business partners.

4.2 – The database collected by the Courovale portal will not be shared, sold, assigned, transferred, reported, or rented to third parties.

4.3 – The acquired data can only be accessed by professionals duly authorized by Courovale, respecting the necessity for which they will be submitted, their relevance to the portal’s objectives, and the users’ interests, while preserving user privacy.

4.4 – If the user ceases to use the services offered by the portal, Courovale may, for audit and rights preservation purposes, retain their data and information for a maximum period of 5 (five) years, with the option to permanently delete them at its convenience.

5 – Responsibility
5.1 – Courovale envisages the responsibility of agents involved in data processing processes, in accordance with Articles 42 to 45 of the General Data Protection Law.

5.2 – We commit to keeping this Privacy Policy updated, observing its provisions, and ensuring compliance.

5.3 – Furthermore, we also undertake to seek technical and organizational conditions securely capable of protecting the entire data processing process.

5.4 – If the National Data Protection Authority requires measures regarding data processing carried out by Courovale, we commit to following them.

6 – Disclaimer of Liability
6.1 – As mentioned in the previous section, although we adopt high-security standards to prevent incidents, there is no entirely risk-free virtual page. In this sense, Courovale is not responsible for:
a) Any consequences arising from users’ negligence, recklessness, or lack of skill in relation to their individual data. We guarantee and are responsible only for the security of data processing processes and compliance with the purposes described in this document. Please note that the user is responsible for the confidentiality of access data.
b) Malicious actions by third parties, such as hacker attacks, unless Courovale’s willful or deliberate conduct is proven. We emphasize that in the event of security incidents that may pose a relevant risk or harm to you or any of our users/customers, we will notify the affected parties and the National Data Protection Authority about the incident and take the necessary measures.
c) The inaccuracy of information provided by the user/customer in the records required for the use of Courovale’s services; any consequences arising from false or bad faith information are entirely the responsibility of the user/customer.

7 – Rights of the Data Subject and Personal Information
7.1 – As the data subject, you may contact Courovale to exercise certain rights, such as requesting:
a) Confirmation of the existence of processing of your personal data.
b) Access to your data.
c) Correction of your incomplete, inaccurate, or outdated data.
d) Anonymization, blocking, or deletion of your data that is unnecessary, excessive, or processed in violation of applicable law.
e) Deletion of your personal data, except in cases provided by applicable law.
f) Information about the possibility of not providing consent and the consequences of your refusal.
g) Opposition to any processing of personal data for which your consent is not required, provided that there has been a breach of applicable law and the public interest justifying the continued processing is preserved.

8 – Cookies
8.1 – The portal may use cookies, and it is up to visitors to configure their internet browsers if they wish to block them. In this case, some portal functionalities may be limited.

8.2 – Additionally, the portal may use web beacons to collect visitor behavior data on pages, where the installation of files on visitors’ devices is not necessary.

8.3 – Other technologies may be used to collect user navigation data; however, they will always respect the terms of this policy and the user’s options regarding their collection and storage.

9 – General Provisions
9.1 – The provisions of this Privacy Policy may be updated or modified at any time, and it is the responsibility of visitors to check it whenever they access the portal.

9.2 – Visitors should contact us in case of any doubts regarding the provisions of this Privacy Policy through the “Contact” section.

9.3 – By placing information in a public area of the Courovale portal, the user is aware that it will be available to other visitors and users of the portal.

9.4 – Courovale cannot control what visitors and users do with the information published on the portal. Remember that any information disclosed in these areas may become public information, and, therefore, caution and common sense are important when posting any content.

10 – Request for Modification, Removal, or Alteration
10.1 – We understand that you may occasionally want to modify, remove, or alter your personal data.

10.2 – If you wish to make a change, removal, or modification, please contact us, and we will do our best to accommodate your request. However, please keep in mind that in some cases, it may not be possible to fulfill your request, especially if it is necessary to comply with our legal or contractual obligations.

10.3 – Furthermore, please remember that if you request the removal of your personal data from our database, this may affect the use of our website and services. If you cannot make a change or modification, or if you wish to delete your personal data, please contact us so that we can discuss other options.

11 – Applicable Law and Jurisdiction
11.1 – This Privacy Policy will be interpreted in accordance with Brazilian law, in the Portuguese language, with the Court of Portão, in the state of Rio Grande do Sul, being chosen as the forum for resolving any disputes, issues, or subsequent doubts, with the express waiver of any other, no matter how privileged it may be.