We, at CERTPONTO, offer a digital platform to provide companies greater management, costs savings, mobility, flexibility, proximity, and security through our solution, which offers: time tracking, work schedules delegation for key resources, time attendance control, management, organization, and storage of documents, and much more.
We are committed to safeguarding the protection of Personal Data of individuals who interact with our Website and pages. Therefore, as the “You,” the Data Subject, you have the right and duty to read this document entirely at any time to understand how we act.
Here, you will find information on how your personal data is collected, used, shared, and stored through our Website.
If you do not agree with this Policy, please do not continue to provide your data and cease the use of our Website.
1. What personal data does CERTPONTO process?
The personal data processed by CERTPONTO may vary depending on the type of interaction with our Sites and the category of data subject to which you belong, as classified in the “Data Subjects” section, and may be obtained directly from the Data Subject, obtained from third parties, or automatically collected.
The personal data may include:
- Access information, such as browsing history, interaction with content, and page views;
- Contact information, such as full name, email address, phone number, mobile;
- Browsing and device information, such as IP address, access dates and times, device information, cookie data;
- Professional information, such as job title and company where the Data Subject works or has a professional relationship;
We do not necessarily collect all the data identified here. The personal data collected will depend on the interaction with our Sites and Services.
We process the personal data of some categories of individuals – Data Subjects. This means that our Data Subject (“You”) may fit into one or more of these categories, which we divide into:
- Visitors: Users who access our Website without any specific interaction;
- Leads: Individuals who have had contact with CERTPONTO or its partners by filling out forms or registering interest;
2. How do we handle your personal data?
A. Visitor Data
Processing and purpose. When accessing and browsing CERTPONTO’s websites and pages, we may collect and process certain personal data to enable your access to our Sites and improve our marketing strategies and promotion of our Services, ensuring that our communication through the Sites and contact with you is always evolving.
To facilitate a clear understanding of how and for what purpose we may process your data in this context, you can consult the following illustrative table:
| Purpose of personal data processing | Processed personal data | Legal Basis |
|---|---|---|
| Website access |
| Contract performance |
The use of cookies on our Website and pages also involves the processing of personal data. To learn more about what cookies are, which cookies we use on the CERTPONTO Website and pages, and how to delete or block them, please refer to our Cookie Policy.
B. Certponto Leads Data
Processing and purpose. We also process Personal Data when you contact us through web forms, Website pages, or CERTPONTO landing pages, when you interact with post content, among other means of contact that may be linked to our Website and pages. This processing includes the purposes of responding to your request, sending email communications that we consider may be useful to you, promoting our Services, and, if you show interest, presenting a commercial proposal for our Services.
In these situations, some examples of the data involved in the processing activities, as well as their purposes and legal bases, are as follows:
| Purpose of personal data processing | Example | Processed personal data* | Legal Basis |
|---|---|---|---|
| Disclosure of CERTPONTO services | When you fill out a form indicating that you want access to materials such as ebooks or that you want to receive our content by email, or when we promote marketing campaigns about our services. |
| Legitimate interest |
| Sending communications | When you agree to receive materials, content, and news that we believe will be useful to you. |
| Legitimate interest |
| Sale of CERTPONTO services | When we contact you to present a commercial proposal. |
| Legitimate interest |
| Customer support | When you contact us through our contacts, such as contacting us through our contact form to schedule a demonstration. |
| Legitimate interest |
| Improvement of CERTPONTO services disclosure | When we analyze our marketing actions to improve our marketing strategies, and this may include access to Personal Data. |
| Legitimate interest |
* More examples of data that fall within registration, professional, banking, access, browsing, and device information are listed in the “Processed personal data” section. We may also process other personal data that you provide to us beyond those mentioned in the mentioned spreadsheet.
3. How do we use cookies?
What are cookies?
Cookies are small text files located in the visitor’s browser. They are used to assist the visitor in navigating the websites more efficiently and performing certain functions.
Cookies are created when the browser loads a website. When the visitor returns to the same site, the site can recognize the visitor because the browser informs the existence or non-existence of cookies. It’s worth noting that cookies are not only created by the site being browsed, but also by other sites that display ads, widgets, and other elements on the loaded page.
The term “cookie” includes other technologies such as pixel tags, mobile device identifiers, and web storage.
Furthermore, they have purposes according to their collection, such as:
- Cookies strictly necessary for the use of the service, such as user session cookies;
- Performance cookies that collect information from visitors for better website performance;
- Functionality cookies that allow the site to remember the choices made by the visitor;
- Targeting or advertising cookies that are used to provide more relevant and interesting ads.
How does CERTPONTO use cookies?
| Cookie type | Purpose |
|---|---|
| Strictly necessary | These cookies are essential for the website features to work and provide the requested services. |
| Performance/analysis | We use these cookies to check how the CERTPONTO website is accessed, used, and how it is running. We analyze the data to maintain, operate, or improve our services. |
| Functionality | We use these cookies to enhance your experience, so that your preferences are relevant on the site. For example, remembering articles you have consumed or content you have accessed. |
How to manage your preferences
You can manage your cookie preferences at any time through your browser’s functionality. If you no longer want to accept their use, you can open the browser settings to accept, refuse, or delete cookies.
Refusing cookies may prevent access to some features of the CERTPONTO websites.
4. Legal bases for data processing
Legal bases used. Any processing of personal data carried out by CERTPONTO is based on a legal basis provided by applicable law. The legal bases used by CERTPONTO may vary depending on the context of the processing. We use the following legal bases:
- Contract performance: When CERTPONTO processes personal data in the performance and/or preparation of a contract;
- Regular application of rights: When there is a need to process personal data in connection with a judicial, administrative, or arbitration proceeding;
- Compliance with legal or regulatory obligations: When CERTPONTO is required to process personal data by virtue of a legal or regulatory obligation;
- Legitimate interest: When CERTPONTO decides to process data to meet its legitimate interests. Such processing activities have undergone a thorough analysis involving the evaluation of the necessity and purpose of the processing, the data subject’s expectations regarding the processing of personal data, and the proportionality with respect to safeguarding the data subject’s rights.
5. Who does CERTPONTO share your data with?
Sharing of Personal Data. To enable the execution of processing activities, CERTPONTO may share some of the collected Personal Data with third parties. To understand these relationships, you can view the table below for the recipients of the sharing and the reasons why this happens.
| Recipients | Reasons for Sharing |
|---|---|
| Service Providers | We use platforms to operationalize certain processes within CERTPONTO. Data may be shared with these platforms that contribute to processes that supports our solution, such as sales, marketing, and customer success. We only share what is necessary to provide a more comprehensive service. |
| Personal Data Protection Authorities and Legal Actions | If required by Personal Data Protection Authorities or in the event of a Legal Action, we may share your data to comply with legal requirements, as provided by the applicable legislation, or for the regular application of rights. |
6. What are your rights as a data subject?
6.1. Know your rights
Know, as shown in the table below, what your rights are based on the principles of personal data protection legislation.
| Fundamental Rights | Practical Applicability |
|---|---|
| Confirmation of data processing | The data subject has the right to know whether their personal data is being processed or not. CERTPONTO must provide this information upon request from the data subject. |
| Access | The data subject will have easy access to information (both electronic and printed) about the processing of their data and specifically which personal data is being held by CERTPONTO. |
| Rectification | The data subject can request the correction of their personal data if it is incomplete, inaccurate, or outdated for any reason. |
| Deletion of unnecessary or excessive data or data processed in non-compliance | The data subject has the right to request the deletion, blocking, or anonymization of unnecessary or excessive data or data processed in non-compliance with the law. |
| Deletion of data processed based on consent | The data subject has the right to request the deletion of their personal data if it is processed solely based on consent. However, if there is another legal basis justifying the retention of the data or if any of the situations described in Article 16 of the LGPD apply, the data may be retained. |
| Explanation and information | The data subject has the right to be informed about the possibility of not providing consent and the consequences of refusal, as well as the public and private entities which the controller has shared data. |
| Revocation of consent | The data subject has the right to revoke their consent of processing their personal data after it has been obtained. |
| Review of Automated Decisions | The data subject has the right to request a review of decisions based solely on automated processing of personal data that affect their interests. This includes decisions aimed at defining their personal, professional, consumer, and credit profile, or aspects of their personality. |
| Portability | The data subject has the right to data portability to another service or product provider upon explicit request. |
6.2 – Requests
If the data subject has any questions about the data processing carried out by us or wishes to exercise any of their rights under applicable law, they can make a request. For example, the data subject can request access, rectification, or deletion of their personal data.
Requests related to any of these rights should be made through the following email address: privacy@certponto.com.br.
7. How long will your personal data be stored?
7.1. Processing Period
The Personal Data indicated in this Policy will be processed by us in accordance with the law until any of the following occur:
- The purpose of the processing is achieved;
- The data is no longer necessary or relevant for the intended purpose;
- The data subject’s right to delete personal data is exercised, in case there are no other purposes justifying its retention, such as legal or regulatory obligations, and/or in the case of data processing based solely on consent;
- A potential penalty is imposed by the authority responsible for overseeing the applicable legislation;
Furthermore, in specific situations, CERTPONTO and its Service Providers may retain personal data even after the termination criteria for processing, due to compliance with legal or regulatory obligations. In such cases, personal data will be stored for the time necessary to comply with the legal or regulatory obligation, always in a secure location with segmented access.
8. Changes and adaptations to this Policy
Updates to this Privacy Policy. We are constantly evolving, so changes or adaptations may be necessary to this Policy. Therefore, it is important for you to check it regularly when using our website and pages.
9. How to contact CERTPONTO?
Get in touch. We comply with all applicable Brazilian legislation regarding data protection and privacy. Any questions or requests regarding any item in this policy can be sent to the email privacy@certponto.com.br.
Glossary
- Services: Refer to the services provided by CERTPONTO, including the provision of the CERTPONTO platform, which offers functionalities such as time tracking, shared management of work schedules with key personnel in teams, attendance control, management, organization, and storage of documents, among others.
- Website and pages or simply Website: Includes the pages that are linked to the CERTPONTO website, as well as other pages owned by the company, not necessarily linked to this website but disclosed through it, CERTPONTO’s social media platforms, or other official CERTPONTO communication channels;
- Data Subjects: Refers to the individuals to whom the personal data that is subject to processing relates;
- Visitors: Refers to the Data Subjects who visit or access CERTPONTO’s websites or pages;
- CERTPONTO Leads: Refers to the contacts or potential customers of CERTPONTO who have interacted or interact with our content through filling out contact pages, scheduling demonstration sessions, signing up to receive newsletters or useful content through their contact information, and/or other situations involving the disclosure and promotion of our Services;
- Inclusive and Including: mean “inclusive, without limitation” and “including, without limitation,” respectively;
- The singular includes the plural and vice versa, and each gender includes the other;
- Additional Terms, Attachments, Schedules, Communications, Informative Documents, and any other appendices, provisions, and documents are part of this Privacy Policy and have the same effect as if they were expressly included in the body of this Policy, so any reference to one includes a reference to the others;
Last updated: August 2022.