Fechar
Escolha o idioma
ICT Consultoria em Tecnologia Ltda. (ICT) operates with the purpose of contributing to its clients achieving the necessary levels of excellence in utilizing the innovative solutions and technologies it supports, and being able to count on the expertise of ICT employees for the challenges they face in their daily activities. We are committed to protecting our clients’ data privacy, ensuring the security of personal data, and complying with the General Data Protection Law (LGPD).
This data privacy policy explains how ICT collects, uses, stores, and shares personal information of our clients. It also describes the security measures we implement to protect this information.
The company effectively seeks to keep its employees trained to contribute to the implementation of solutions, technologies, and practices that promote the digital transformation of its clients, strategically aligned with the guidelines of its partners and with legal security.
ICT is committed to respecting the privacy, protection, and security of personal data, as long as the condition of the relationship with the client requires it, in accordance with the legislation relating to privacy and personal data protection in Brazil, such as Law No. 12.965/14 (Civil Rights Framework for the Internet), Law No. 13.709/2018 (LGPD), among other national and international regulations regarding privacy and personal data protection.
ICT, under the current conditions established in its service provision contracts and software solution provision, does not carry out operations for processing personal data. The company’s purpose is to promote the use of the technologies it supports and sells, not the manipulation of sensitive data. Thus, ICT cannot be characterized as a Data Controller or Data Processor, according to the definitions in the LGPD.
This Policy applies to (i) ICT employees; (ii) all third parties, whether individuals or legal entities, who may act for or on behalf of ICT.
This Privacy Policy may be updated, and therefore we invite the Data Subject to periodically consult this document.
Data Subject: a natural person to whom the personal data being processed refers;
Personal Data: information related to an identified or identifiable natural person;
Sensitive Personal Data: personal data regarding racial or ethnic origin, religious belief, political opinion, affiliation with a union or a religious, philosophical, or political organization, data regarding health or sexual life, genetic or biometric data, when linked to a natural person;
Anonymized Data: data related to the data subject that cannot be identified, considering the use of reasonable and available technical means at the time of its processing;
Controller: a natural or legal person, public or private, who makes decisions regarding the processing of personal data;
Processor: a natural or legal person, public or private, who processes personal data on behalf of the controller;
Data Protection Officer: the person appointed by the controller and processor to act as a communication channel between the controller, the data subjects, and the National Data Protection Authority (ANPD);
Processing: any operation performed on personal data, such as collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation, or control of the information, modification, communication, transfer, dissemination, or extraction;
Anonymization: the use of reasonable and available technical means at the time of processing, through which data loses the possibility of being associated, directly or indirectly, with an individual;
Consent: a free, informed, and unequivocal manifestation by which the data subject agrees to the processing of their personal data for a specific purpose;
National Data Protection Authority (ANPD): a public administration body responsible for ensuring, implementing, and supervising compliance with the LGPD throughout the national territory.
ICT, its Affiliates, Members, and Third Parties shall prioritize the maintenance of confidentiality of all information they may come into contact with as a result of activities carried out at ICT CONSULTORIA EM TECNOLOGIA LTDA.
The disclosure, whether verbally or in writing, of confidential or sensitive information of ICT CONSULTORIA EM TECNOLOGIA LTDA. and its affiliates is prohibited.
As a transparency measure, ICT will ensure its clients can conduct periodic audits or consultations to verify its status as not being a Data Controller or Data Processor, as necessary for the execution of its services;
As long as ICT does not take the initiative to become a Data Controller or Data Processor, any receipt of documents, communications, or files that deal with personal data from its clients will be refused;
We store personal data securely, using security measures to protect them from unauthorized access. Clients’ personal data will be stored for a reasonable period, after which they will be deleted.
ICT does not act as a Data Controller or Data Processor. Clients’ data are collected with the consent of the data subject.
The data collected is limited to information such as name, email address, CPF/CNPJ, phone number, and postal address when it concerns a legal entity for billing purposes.
We collect this data only if it is necessary for the provision of our services.
We use clients’ personal data solely for the provision of our services, mainly for issuing invoices, billing, or ticket management on the ITSM platform.
In the ticket management process in ITSM, the first name, last name, and email registered at the request of the Data Subject, as well as information related to incidents, will be maintained by the ITSM solution JIRA,
with access to these tickets being restricted to the client’s employees and ICT employees, being electronically discarded after the end of the contractual relationship with ICT.
We do not share personal information with third parties without the consent of the data subject.
Except where required by law, we will not sell, license, or share personal information with third parties for commercial purposes.
We implement security measures to protect personal information against unauthorized access, alteration, destruction, and/or improper disclosure.
Our employees and partners undergo awareness training and sign NDAs to respect clients’ data privacy.
Clients have the right to request access, correction, updating, or deletion of their personal data that we hold.
Clients also have the right to request the restriction of the use of their personal data or to object to the processing of their personal data.
To exercise these rights, clients must contact us via email at complianceofficer@ictconsult.com.br.
ICT, its Affiliates, Members, and Third Parties shall prioritize the maintenance of confidentiality of all information they may come into contact with as a result of activities carried out at ICT CONSULTORIA EM TECNOLOGIA LTDA.
ICT does not act as a Data Controller or Data Processor; thus, sensitive data is not collected or processed.
ICT does not collect data from children and/or adolescents.
We will store the collected client data for the time necessary for the purposes set out in this policy or until deletion is requested.
ICT has its legal representative responsible for managing the data protection policy.
The confidentiality of the data processed by ICT is described in “CHAPTER XIV – CONFIDENTIALITY OF INFORMATION” of ICT’s Code of Ethics.
This version of the Privacy Policy was last updated on: 20/12/2022.
ICT reserves the right to modify these rules at any time, especially to adapt them to the evolution of its services, whether by providing new functionalities or by suppressing or modifying existing ones.
