Terms of Use

DATA SUBJECT TREATMENT AGREEMENT 

CONSIDERING that due to the activities performed, Log-In Logística Intermodal S.A, its subsidiaries and affiliates (“LOG-IN”), have access to personal data, which constitute confidential information, according to the internal information classification policy (PG-TECNOLOGIA DA INFORMAÇÃO-0016) and have specific discipline in Brazilian legislation.

CONSIDERING that, through this instrument, the conditions for the processing of such personal data are adjusted, as well as defining the rules regarding its use and protection.

The natural person to whom the personal data referred to are subject to processing (“Data Subject”), by agreeing to this Personal Data Processing Agreement (“Agreement”), declares their EXPRESS CONSENT, under the conditions for the processing of such personal data, through the clauses and conditions that follow:

  1.  CLAUSE ONE – OBJECT

    1.1 The purpose of this Agreement is to regulate the operation of personal data processing carried out by LOG-IN and all its subsidiaries and affiliates, as determined by Federal Law No. 13,709/18, also called the General Data Protection Law (“LGPD”).

  2. CLAUSE TWO – DEFINITIONS AND INTERPRETATION

    2.1 In this agreement:

    1. Personal Data: information related to an identified or identifiable natural person. For clarification, Personal Data means any information about an identified or identifiable person. The person is identifiable if the Personal Data contains direct identifiers, such as name or full address; or if it is likely that the Parties or a third party can identify the person by other means, such as, for example, a customer identifier number, which can be linked to their name and/or other identifying data.

    2. Sensitive Personal Data: personal data about racial or ethnic origin, religious belief, political opinion, union membership or membership of a religious, philosophical or political organization, data relating to health or sex life, genetic or biometric data, when linked to a natural person.

    3. Processing: any operation carried out with personal data, such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction.

    4. Security Incident: any destruction, loss, alteration, access, or disclosure of Personal Data, whether accidental, unlawful, or unauthorized.

    5. Data Subject: natural person to whom the personal data subject to processing refer.

    2.2 In case of ambiguity between different documents, the provisions of this Agreement shall prevail regarding the processing of Personal Data, followed by what is provided to identify the predominance of the documentation (e.g., Confidentiality Agreement).

  3. CLAUSE THREE – RELATIONSHIP BETWEEN THE PARTIES

    3.1 During the Processing of Personal Data, LOG-IN:

    1. Will process Personal Data exclusively for the purposes determined by this Agreement. If LOG-IN is required by legal and/or administrative norm or by judicial and/or administrative decision to process Personal Data for other purposes, it must inform the Data Subject in advance;

    2. Shall comply with the applicable personal data protection regulations, including LGPD, and notify the Data Subject immediately if any instruction violates any applicable data protection regulation;

    3. Under no circumstances shall process Personal Data shared under this Agreement for purposes unrelated to the execution of this except for compliance with legal or regulatory obligations, administrative or judicial decision.

  4. CLAUSE FOUR – PERSONAL DATA PROCESSING

    4.1 The processing operations to be carried out by LOG-IN are defined below:

    1. The object, nature, and purpose of the Processing comprise the collection, storage, and transfer of personal data, complying with the principle of transparency (art. 6, item VI, of the LGPD);

    2. The category of Data Subjects is any identified or identifiable natural person with access and circulation exercising activities in the areas of visitor movement and access points to the entry and exit of LOG-IN and its subsidiaries and affiliates;

    3. The types of Personal Data to be processed and their purposes are:

    • Personal Data: name, position, email address, telephone, and company.
    • Sensitive Personal Data: we do not process sensitive personal data.
    • Purpose: the processing of data aims at building customer relationships and marketing campaigns.

    4.2 The Processing will last as long as necessary for the purpose for which this Agreement is intended to be achieved, or until you deem it no longer convenient for LOG-IN to keep your data and request the right to be forgotten or unless applicable legislation allows its retention.

  5. CLAUSE FIVE – INFORMATION SECURITY MEASURES AND INFORMATION SECURITY INCIDENTS

    5.1 Log-In will implement appropriate technical and organizational measures to protect Personal Data against adverse events related to the breach of Personal Data security, such as unauthorized, accidental, or unlawful access resulting in destruction, loss, alteration, leakage, or any form of inadequate or unlawful Data Processing, which may pose risks to the rights and freedoms of the Data Subject.

    5.2 In the event of a Security Incident that may result in a significant risk or damage to the Data Subject, LOG-IN:

    1. Will take immediate measures to address the Incident to identify, eliminate, mitigate, or remedy its effects.

    2. Will notify the National Data Protection Authority and the Data Subject of the occurrence of a security incident as soon as possible, providing a detailed description of the event, including, but not limited to:

    (i) possible consequences and negative effects on the affected data subjects;

    (ii) description of the affected personal data and information, such as the nature and content of personal data, category and quantity of data and affected data subjects;

    (iii) possible consequences and negative effects on the affected data subjects;

    (iv) summary of measures implemented to control potential damages.

    3. Will not disclose any information related to the incident to third parties, except to comply with legal or regulatory obligations.

  6. CLAUSE SIX – RELATIONSHIP WITH THIRD PARTIES

    6.1 LOG-IN may provide access or transfer any Personal Data to a third party within the national territory or abroad for the purpose of executing this Agreement. It will not provide access or transfer any Personal Data to a third party unrelated to the purpose for which this Agreement is intended.

    6.1.1 Any third party subcontracted by LOG-IN must be bound by terms and conditions at least identical to those of this Agreement, suitable to the applicable laws and regulations on personal data protection.

    6.2 LOG-IN will ensure that employees, workers, or any type of collaborator it hires who depend on access to the Personal Data processed under this Agreement will be bound by confidentiality and personal data protection terms no less protective than those provided in this Agreement.

  7. CLAUSE SEVEN – TRANSFER OF PERSONAL DATA

    7.1 The PERSONAL DATA we process preferably occur in our own systems and files. However, sometimes we need to share the data with service providers who assist us in storage, authenticity verification, compliance with legal obligations, defense of our rights in processes, for example.

    In these cases, we take every care to require these companies and professionals to demonstrate a commitment to privacy and data protection and to adopt best governance and security practices, safeguarding the integrity of our Privacy Policy.

  8. CLAUSE EIGHT – INTERNATIONAL TRANSFER OF PERSONAL DATA

    8.1 As information technology companies operate globally, certain treatments, such as cloud storage, may require the transfer of your data to other countries.

    Even in these cases, the data continues to be treated in accordance with the LGPD (General Data Protection Law) and other applicable laws and regulations. LOG-IN takes appropriate security measures and requires the same commitment from its suppliers, partners, consortium members, and service providers to comply with best practices in data processing.

  9. CLAUSE NINE – TERMINATION

    9.1 In any case of termination of this data processing, or upon request of the Data Subject, LOG-IN, if requested, will return the Personal Data received from the Data Subject, and its respective copies, or will destroy them, certifying the measure in writing, unless applicable legislation allows their retention.

  10. CLAUSE TEN – HOW TO CONTACT OUR DATA PROTECTION OFFICER

    10.1 The data protection officer is responsible for acting as a communication channel between the controller, data subjects, and the National Data Protection Authority (ANPD). You can contact them by email: privacidade@loginlogistica.com.br or by phone: +55 21 2111-6500.

    This policy is governed, interpreted, and executed in accordance with the Laws of the Federative Republic of Brazil, especially Law No. 13,709/2018, regardless of the laws of other states or countries. The forum of the capital of Rio de Janeiro is elected as the only competent court to settle any doubts arising from this instrument.

Social media & sharing icons powered by UltimatelySocial