After the Data Subject consents to the use of cookies, when using CBMM pages, the website will temporarily store a cookie on their device to remember this in the next session.
At any time, the Data Subject may revoke their consent in relation to the cookies stored by clearing the navigation data on their internet browser.
Finally, we remind you that, if the Data Subject does not accept certain cookies from CBMM pages, some services may not work optimally.
5. WHO WE WILL SHARE DATA WITH
CBMM is an economic group that works in partnership with various companies in Brazil and worldwide, whose listing is available here. This way, CBMM may share information collected through its pages or by contacting the Data Subject, in the following cases:
i. With other companies of the CBMM group, incorporated or operating in any country, which undertake to use the information for the same purposes indicated in this Policy.
ii. With partner companies and suppliers, in the development of Services aimed at the Data Subject.
iii. With authorities, government entities or other third parties, for the protection of CBMM’s interests in any type of conflict, including lawsuits and administrative proceedings.
iv. In case of transactions or corporate changes involving CBMM, in which case the transfer of information will be necessary for the continuity of the Services; or,
v. Upon court order or by request of administrative authorities that have legal competence for its request.
Additionally, it is possible that some of the transfers indicated above take place outside of Brazil, notably to countries where the business group operates, at which time, CBMM undertakes to do so only to countries which provide an adequate level of Data Protection to the provisions of applicable law or upon the use of guarantees and safeguards, such as specific clauses, standard clauses, global corporate standards, among others; as well as upon specific consent of the Data Subject or the observance of the other hypotheses authorized by law and regulated by the National Personal Data Authority.
6. HOW WE KEEP DATA SECURE
CBMM uses reasonable market and legally required means to preserve the privacy of the Personal Data collected. This way, it adopts various technical and administrative security measures capable of protecting Personal Data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication or any other form of inappropriate or unlawful processing.
In addition to the technical efforts, CBMM also adopts institutional measures aimed at Personal Data protection, so that it maintains an information security and privacy governance program applied to all its activities and governance structure, which is constantly updated.
Although CBMM makes its greatest efforts to preserve privacy and protect Personal Data of Data Subject, no information transfer is totally secure. Therefore, CBMM cannot fully guarantee that all information it receives and sends will not be subject to unauthorized access perpetrated through methods developed to improperly obtain information.
For this reason, we encourage Data Subject to take appropriate measures to protect themselves, such as, keeping confidential all access credentials (usernames and passwords), being certain that such information is personal, non-transferable and of the sole responsibility of the Data Subject.
7. RETENTION OF INFORMATION COLLECTED
In order to protect the Data Subject privacy, Personal Data processed by CBMM will be deleted (i) after the expiration of the retention period established for the processing of those Personal Data; (ii) when the data are no longer useful for the purposes for which they were collected; or (iii) the Data Subject requests its deletion, unless its maintenance is expressly authorized by applicable law or regulation, or when its maintenance is based on a legal basis that justifies its retention.
However, information may be kept for complying with legal or regulatory obligation, transfer to a third party - provided that Personal Data Processing requirements are respected - and exclusive use by CBMM, including for the exercise of its rights in lawsuits and administrative proceedings.
8. YOUR RIGHTS
In compliance with the applicable regulations, regarding Personal Data Processing, CBMM respects and guarantees the Data Subject the possibility of submitting requests based on the following rights:
i. confirmation of the existence of Processing;
ii. access to the Personal Data;
iii. editing of incomplete, inaccurate or outdated Personal Data;
iv. anonymization, blocking or deletion of Personal Data which are unnecessary, excessive or processed in violation of the law;
v. portability of Personal Data to another service of product supplier, upon express request by the Data Subject;
i. deletion of Personal Data processed based on the Data Subject consent;
ii. obtaining information about the public and private entities with whom CBMM shared their Personal Data;
iii. information about the possibility of not providing consent, as well as of being informed about the consequences, in case of refusal;
iv. revocation of consent;
v. opposition to Processing carried out in the event of waiver of consent, if not in compliance with the law.
These rights may be exercised by sending a request to our Officer through the link https://cbmm.com/pt/privacy-policy/direitos-dos-titulares or email dpo@cbmm.com, for further evaluation and adoption of other measures by CBMM.
The Data Subject is aware that the exclusion of essential information for the management of their account with CBMM will imply the termination of their registration, with consequent cancellation of the Services provided.
CBMM will make every effort to fulfil such requests in the shortest possible time and according to the complexity of each case.
Finally, the Data Subject must be aware that their request may be legally rejected, either for formal reasons (such as the inability to prove their identity) or legal (such as the request to delete Personal Data whose maintenance by CBMM is authorized by law).
9. LEGISLATION AND JURISDICTION
This Policy will be governed, interpreted and executed in accordance with the laws of the República Federativa do Brasil, especially the General Law of Personal Data Protection - LGPD (Law no 13.709/2018), regardless of the Laws of other states and countries, being the jurisdiction of Araxá, in the State of Minas Gerais, competent to resolve any doubts arising from this document.
Updated on november 2021.