3.2. Required Data: the Sites functionalities depend directly on some Data provided in the table above, especially the User's Registration Data. If User chooses not to provide some of such Data, they may be unable to participate in the Activities.
3.3. Data Update and Veracity: User is solely responsible for the completeness, accuracy and veracity of the Data provided by then when registering in the Sites. It is the User's responsibility to keep them up to date, and User may correct or update them through the Sites.
3.3.1. Likewise, Oxiteno shall not be obliged to process any of the User Personal Data if there is reason to believe that such Personal Data Processing may cause any violation of any applicable law, or if it is verified that User is providing Data, making use of the Sites and/or participating in its Activities for any illegal, unethical, unlawful or contrary to morality purposes.
3.4. Database: the database formed through the collection of Data is the property and responsibility of Oxiteno, and its use, access and sharing, when necessary, shall be made within the limits and purposes of the business described in this Policy.
3.5. Child and Adolescent Data: our platforms are not intended for persons under 18 (eighteen) years of age, so we do not knowingly collect or perform any kind of Personal Data Processing in connection with such Data. If User does not have the minimum age required, they shall not register on the Sites or access them without the representation of their parents, guardians or trustees, under the terms of law. If we unintentionally identify Personal Data of minors in our database, we shall remove such Data.
3.6.1. The technology used by Oxiteno shall always comply with the current legislation and the terms of this Policy.
3.7. During the use of the Sites, Oxiteno may employ Profiling, in order to enhance User experience, in accordance with the provisions of this Policy and with current legislation.
4. HOW DATA AND INFORMATION ARE SHARED
4.1. Events of Data Sharing. The Data collected and records of processing activities may be shared, always respecting the sending of the minimum information required to achieve the purposes described in this Policy:
(i) with Partners whose performance is necessary for execution of the Activities or for the benefit of User, provided that such Partners shall always be required to comply with the security and data protection guidelines, according to item 5.5 of this Policy;
(ii) with companies hired for the provision of operational services inherent to the Sites and the exercise of activities, provided that such organizations shall always be required to comply with the security and data protection guidelines, according to item 5.5 of this Policy; and
(iii) with proper judicial, administrative or governmental authorities, whenever there is legal determination, application, request or court order.
5. HOW THE DATA IS PROTECTED AND HOW USER CAN ALSO PROTECT THEM
5.1. Password Sharing: User is also responsible for the confidentiality of their Data, and shall always be aware that sharing passwords and access Data violates this Policy and may compromise the security of their Data, Sites and Activities.
5.2. Cares to be taken by User: it is very important that User protects their Data from unauthorized access to their computer, account or password, and to make sure to always click on “exit” when finishing their navigation in a shared computer. If User suspects that their password may have been exposed/compromised, they shall change it in a timely manner, avoiding the exposure of the information protected by such password. It is also important that User be aware that Oxiteno shall never send electronic messages with executable attachments (extensions: .exe, .com, among others).
5.3. Access to Personal Data, Proportionality and Relevance: at Oxiteno, the Personal Data collected shall only be accessed by duly authorized professionals, respecting the principles of proportionality, necessity and relevance to the purposes of the Activities, in addition to the commitment to confidentiality, protection of Personal Data and preservation of User privacy under this Policy.
5.4. External Links: when User uses the Sites, they may be directed, via Link, to other portals or platforms, which may collect User information and have their own privacy and Personal Data Processing policies.
5.4.1. User shall read the Privacy and Personal Data policies adopted by such portals or external platforms, and shall be responsible for accepting or rejecting them. Oxiteno is not responsible for the policies of third parties and/or the content of any websites or content of the services linked to environments other than those of the Sites.
5.4.2. User may also be redirected to websites of companies directly or indirectly controlled by Oxiteno. As this Policy addresses only the Sites, User shall be aware of the rules of use and privacy of such websites.
5.5. Partner Services: Oxiteno may enter into agreements with Partners that shall offer services and/or products directly to User, which terms and conditions may be accessed through Oxiteno newsletters sent through our official communication channels. The Data provided directly by User to such Partners shall be the sole responsibility of such Partners, being thus subject to their own practices for collecting and using Data.
5.6. Processor: if third party companies process Personal Data on behalf of Oxiteno, they shall comply with the terms provided for in this Policy and in the information security standards adopted by Oxiteno.
6. HOW PERSONAL DATA AND ACTIVITY LOG ARE STORED
6.1. The Personal Data collected and the Activities register are stored in a safe and controlled environment, for as long as they are required for Personal Data Processing, provided that Oxiteno shall have the right to retain the registry history of the User Data for the purposes of auditing, security, fraud control and preservation of rights in the events established by law or regulatory rule or for the preservation of rights.
6.2. Oxiteno may hire cloud data storage services from servers located outside Brazil. If such event, Oxiteno shall hire Cloud Computing services that have all the technical, organizational and administrative structure that ensures the security and integrity of Personal Data, as well as with comply with the principles and obligations related to the Personal Data Processing.
7. WHAT ARE THE USER RIGHTS AND HOW TO EXERCISE THEM
7.1. Subject’s Rights: User may request the Data Protection Officer, through e-mail: email@example.com:
(i) confirmation of the existence of Personal Data Processing;
(ii) restriction on the use of their Data;
(iii) the display and/or correction of their Data;
(iv) express their opposition and/or revoke consent to the use of their Personal Data; or
(v) request the deletion or Anonymization of their Personal Data that has been collected within the Sites.
If User opposes the Personal Data Processing linked to fundamental purposes, in order to impact the regular operation of the Activities and Sites, User shall be aware that they shall not have access to the Activities and functionalities offered by the Sites.
7.3. At the end of the maintenance period and legal need, Personal Data shall be deleted using safe disposal methods, or used in an anonymized manner for statistical purposes.
8. INFORMATION ON THE POLICY
8.1. Change of Content and Update: this Policy is subject to ongoing enhancements and improvements, and Oxiteno reserves the right to modify it at any time, at its sole discretion, or for adequacy and legal compliance with a provision of law or rule that has equivalent legal force, and User is responsible for verifying it whenever they makes use of the Sites and participates in its Activities.
8.2. If there are updates to this document requiring a new collection of consent, User shall be notified through the contact channels informed by them.
8.3. Unenforceability: If any provision under this Policy is deemed unenforceable by a final and unappealable decision by ANPD or the Judiciary Branch, the other conditions shall remain in full force and effect.
8.4. Electronic Communication: User acknowledges that all communications made by email (to the addresses informed in their registration), SMS, instant communication applications or any other digital form are valid, effective and sufficient for the disclosure of any matter that refers to the Policy, the User Data, as well as any other subject related thereto.
8.5. Service Channels: In case of any doubt regarding the provisions of this Policy, User may contact the service channel informed below, from Monday to Friday, from 9:00 to 18:00, excluding holidays:
Contact Us: http://www.oxiteno.com/contato
User may also contact the DPO directly through the e-mail firstname.lastname@example.org, or the address located at Avenida Brigadeiro Luís Antonio, nr. 1,343, São Paulo - São Paulo, Brazil.
8.6. Applicable Law and Jurisdiction: this Policy shall be constructed in accordance with Brazilian law, and the jurisdiction where Oxiteno has its domicile shall be elected to resolve any dispute involving this document, unless a specific proviso is make to personal, territorial or functional jurisdiction under applicable law.