Privacy Policy for DPC´s website

General information

Domingues e Pinho Contadores (DPC) holds ethical principles and takes the privacy and personal data of its users very seriously. Thus, this Privacy Policy is intended to demonstrate DPC’s commitment in complying with the General Personal Data Protection Law (“Lei Geral de Proteção de Dados” – LGPD – Law No. 13,709/2018) and other laws on the subject, as well as to provide information on how we protect your privacy when collecting, processing and storing your personal data on our institutional website, which can be accessed by the following link: https://www.dpc.com.br/

Domingues e Pinho Contadores and other companies within its business group may collect and process your personal data. Whenever that occurs, such information is processed in a proper and responsible manner by those appointed to process the data, pursuant to the legal framework, to meet legitimate purposes. According to the General Personal Data Protection Law - LGPD, personal data may be processed in the following situations: when consent has been granted by the data subject; to comply with statutory or regulatory obligations imposed on DPC (data controller); to implement public policies; for studies conducted by research bodies (preferably using anonymized data); to carry out contracts or proceedings in which the data subject is a party, at their own request; to exercise rights in court matters, administrative proceedings or arbitration; to protect the life and personal safety of the data subject or third parties; to safeguard a person’s health (by sanitation professionals or entities); for the legitimate interest of DPC or that of third parties; to protect credit ratings, as per the provisions of the applicable legislation.

In general, this policy applies to all users and potential users of DPC’s services, including those offered through the website or other means run by the company, and outlines how DPC may collect, generate, receive, classify, utilize, access, replicate, transmit, distribute, process, archive, store, delete, evaluate or control information, modify, report, transfer, disseminate or extract the data collected, including personally identifiable information (PII), in accordance with the applicable legal bases and all privacy and data protection laws in force.

By accessing and/or using DPC’s website, the user declares to be over eighteen (18) years old and to be fully capable of accepting the terms and conditions of this Privacy Policy for all legal purposes.

If the user does not fit the description above and/or does not agree, wholly or in part, with the terms and conditions set forth in this Privacy Policy, they must refrain from accessing or using the services offered by DPC, even its website.

Definitions

The terminology used herein follows the definitions set forth in Law No. 13,709/2018 and its subsequent amendments.

In addition, we define “user” as any individual who uses or visits DPC’s website, being over 18 (eighteen) years of age or emancipated and fully capable of practicing the acts of civil life, as well as those who are wholly or partially disabled, provided that they are duly represented or assisted.

Processing of personal data

Normal access to our website does not require personal data to be submitted. However, for some of its sections as well as for requesting information and services and for subscribing to our technical journals, your personal data may be processed for the purposes described below.

When carrying out preliminary agreements or contractual procedures, DPC may access your personal data in the following situations:

a) To fill out forms on the website, for making contract offers;
b) To fill out the “talk to a specialist” form so that DPC may contact users who have requested information;
c) To prepare, submit, review or negotiate contracts and service proposals;
d) To provide services to potential clients;
e) To improve website performance through cookies;
f) To subscribe to DPC’s newsletter;
g) To fill out a contact form on the website;
h) To enroll in the company’s events.

Legal basis for data processing

Your personal data shall be processed always pursuant to the legal framework provided for in the LGPD, such as:

• For performing contractual and preliminary procedures;
• For meeting statutory or regulatory requirements;
• For the regular exercise of a right in court matters, administrative proceedings or arbitration;
• For serving our legitimate interest or that of third parties; or
• For complying with the user’s consent.

We shall keep users informed in a transparent manner, and, whenever necessary, other actions will be taken to ensure the lawfulness of the processing of data.

Data retention period

Personal data will be retained only for as long as legally required or as necessary to fulfill the purposes set forth in this Privacy Policy, and always pursuant to the provisions of the applicable legislation.

With the user's consent, personal data shall be retained under the following criteria:

(i) for as long as required by law, in compliance with the period of limitations and with legal or regulatory obligations;
(ii) up until the termination of personal data processing;
(iii) for as long as necessary to preserve DPC’s legitimate interests, as the case may be;
(iv) for as long as necessary to safeguard the exercise of DPC’s rights in court matters, administrative proceedings or arbitration.

By making their personal data available to third parties accessible through our website or through hyperlinks to other websites, users fully agree to contact those third parties directly in the event of improper retention, necessary update, correction or deletion of their personal data.

Sharing of your personal data

DPC does not make personal data collected on its websites available to mailing list brokers under any circumstances.

DPC may disclose the personal data collected to third parties in the following situations and always within the boundaries of the law:

a) Whenever necessary and/or appropriate for the provision of related services, including companies within its business group;
b) With companies and individuals hired to perform certain activities and services on DPC’s behalf ;
c) With suppliers and partners for the rendering of services contracted with DPC (such as those pertaining to information technology, and so forth);
d) For administrative purposes such as research, planning, service development, security and risk management, including companies within its business group;
e) Whenever necessary due to a legal obligation, a requirement made by a competent authority, or a court order.

Whenever personal data is shared with third parties, it must be used in a manner that is consistent with the purposes for which it was collected (or to which the user had previously consented) and pursuant to this Privacy Policy, privacy standards of other websites or foreign countries, and all applicable privacy and data protection laws.

Under certain circumstances and insofar as necessary or appropriate, DPC may disclose personal data to government agencies, consultants, and other third parties in order to comply with the laws in force, court orders or subpoenas, or if DPC reasonably believes that such action is necessary.

Information Security

DPC applies a number of technological security measures and protocols in order to protect personal data that is collected, used or transferred against loss, misuse, tampering or destruction. However, the user should be aware that, since the Internet is an open environment that is not fully protected, DPC cannot be held accountable for ensuring the security of personal data that is transferred over the Internet.

In the event of a security incident, DPC will operate in accordance with Law No. 13,709/2018 and its subsequent amendments.

Data subject rights

Data subjects have the right to access their personal data for the following purposes:

• Confirmation and Access to Data
  Users may access all their personal data that have been collected by the controller.


• Rectification
  Incomplete, incorrect, or outdated data may be corrected at the user’s request.


• Processing restriction
  Consent may be given for some types of data processing, and not for others.


• Cancellation or Deletion
  Users may request the cancellation or deletion of data that is unnecessary, excessive or processed in non-compliance with the General Personal Data Protection Law - LGPD.


• Revocation of consent
  The authorization to process personal data may be revoked at any time.


• Objection
  Users have the right to object to any data processing and information not complying with the laws and to any automated decision affecting their interests, such as those intended to outline their personal or professional profile, or aspects of their personality.


• Explantation
  Users have the right to receive clear and adequate information regarding the criteria and procedures adopted by their companies.


• Right to information
  Users shall receive information about all public and private entities with which the controller has shared their data.

Users may make the requests listed above by contacting our Data Protection Officer (DPO) at lgpd@dpc.com.br. Requests will be analyzed and acted upon in accordance with the applicable laws.

Use of cookies on the website

Our website contains cookies. By accessing it, users consent with the use of cookies on their devices, as explained below.

A cookie is a file containing an identifier (a string of letters and numbers) that is sent from a web server to a web browser and is stored by the latter. The identifier is then sent back to the server each time the browser requests a page from it.

Cookies have different functions. Notably, they allow users to easily browse through webpages, recall their preferences and optimize their experience. These cookies can be stored on the users’ devices to help identify their computers. Cookies can be "temporary" or "persistent".

DPC uses cookies to store information about navigation and its website, mainly to provide a better user experience, aiming at managing the registration process and general administration, or when offering information services by e-mail and/or newsletter subscriptions. In some special cases, we may also use cookies provided by trusted third parties, such as Google, LinkedIn, etc.

For more information about our Cookie Management Policy, including on how to change your cookie settings, click here.

Data Protection Officer (DPO) and contact information

DPC has appointed Ronaldo Pereira as its Data Protection Officer (DPO). Contact can be made via the following e-mail: lgpd@dpc.com.br.

Websites of third parties

DPC's website may contain links to third-party websites. DPC does not represent or guarantee the security of those pages, and assumes no responsibility for them, their content and their processing of data. Upon accessing links to third-party websites, you should inform yourself of their corresponding privacy policies and practices.

Changes to this Privacy Policy

This Policy is effective as of August 2021. DPC reserves the right to modify this Policy from time to time to better accommodate newer technology, practices and regulatory requirements, among others. The updated version will always be made public on this website.

Forum selection

This Policy is subject, in all its aspects, to the laws of Brazil. The jurisdiction of the Judicial District of the Municipality of Rio de Janeiro, State of Rio de Janeiro, Brazil, is hereby elected as the sole competent to settle any issues arising out of this contract, to the exclusion of any other jurisdiction, however privileged it may be.

Last updated on: 07/15/2022