Huck Otranto CamargoHuck Otranto Camargo
Menu

Home>Privacy Notice

Privacy Notice

Whether you are our client, our business partner, a supplier or our internal staff, Huck, Otranto e Camargo is committed to processing personal data in compliance with the General Personal Data Protection Act (LGPD) and international information security standards.

1. What Personal Data We Process

1.1 Personal data means any information relating to an identified or identifiable natural person which directly or indirectly identifies them, such as name, identity document, address, contact details, etc. When you access our website, we may collect the contact details you voluntarily provide to receive information or news and/or data from your browsing of the website to ensure secure access, including from our network via remote access, or to improve our website and content.

Clients

By virtue of the contractual relationship with its clients and for the proper provision of services, the Firm processes data identifying the client and/or their legal representative, in the case of legal entities, namely: name, CPF, address and contact details, email and telephone.

Internal employees and job applicants

As part of its human resources management process, the Firm processes the personal data of its internal collaborators, employees and trainees, in accordance with the respective contracts and applicable legislation. Some data is mandatory, either for the execution of contracts, such as registration data and bank details, or to comply with legal obligations. For example:

  • Registration data, such as name, identity document and contact information (postal address, e-mail and telephone);
  • Copy of identity document, with facial image;
  • INSS registration number;
  • Bank details to receive payments;
  • Information about medical and health conditions, including any special needs that we need to know about in order to provide suitable working conditions and implement inclusion policies;
  • Connection data to websites, intranet and computer systems provided by the Firm;
  • Data from CVs that the candidate chooses to share with us, such as their academic and professional career; and
  • Sensitive data such as facial or digital images for access to the Firm’s physical premises.

Service providers

The Firm ensures that service providers comply with its personal data protection policy and assume certain obligations and precautions. With regard to the personal data of service providers who are individuals, or partners or legal representatives of legal entities or sole proprietors, the Firm takes care to process only the data minimally necessary for their identification and bank details for payment.

2. Purposes of processing

2.1. The Firm processes personal data for the purpose of providing our legal services, fulfilling contracts and legal obligations, without prejudice to the processing of data necessary for the security of computer systems, prevention and investigation of fraud and illicit acts and for the regular exercise of rights for the defense of the Firm.

2.2 It may also process personal data in order to establish a relevant and assertive dialog with those who browse our site, respecting their interaction preferences and their decision to no longer receive contact from us by unsubscribing from receiving emails and news from the site.

3. Use of Cookies and Similar Technologies

3.1. The Firm uses its own essential cookies to control, monitor and track possible vulnerabilities, incident risks and information security incidents, in order to act preventively and provide a secure environment for our clients, business partners, suppliers and other users.

3.2 It may also use third-party cookies for browsing analysis, but in this case the data generated cannot identify the data subject. When, however, it can identify the user, it will ensure that the processing of data meets the legitimate interest, but always valuing the rights of the holders.

4. How we process your data

4.1 Assumptions. The Firm adopts the following assumptions:

a) Data minimization, in order to collect and process personal data that is minimally necessary and compatible with the purposes described and informed to the data subjects.

b) Transparency, in terms of collection, use and storage, so that data subjects are fully aware of the type of data, its purpose, as well as its conservation and storage period.

c) Confidentiality, based on organizational and technical measures, with management and control of access only to authorized persons and tracking of logs to anticipate and mitigate risks.

d) Prevention and security, with periodic risk assessment, of technical information security measures to ensure adequate protection of personal data, including, where possible, anonymization and pseudonymization.

e) Free access and quality of data, including ensuring that data is clear, accurate and up-to-date.

f) Non-discrimination, so that the processing of personal data is carried out lawfully, without discrimination of any kind.

g) Relationship and sharing with third parties involving the flow of personal data under our responsibility, the Firm will ensure, when necessary for the execution of the services under the Firm’s responsibility, that the respective contracts contain clauses transmitting instructions and disciplining the duties and obligations of the third parties with regard to data protection.

h) Responsibility and accountability. The Firm adopts effective measures capable of proving compliance with personal data protection regulations.

4.2 Storage. Personal data is processed by the Firm for as long as it is necessary or relevant to achieve the purposes indicated above, including for the purposes of study, collection and legal documentation to improve our services, in addition to the hypotheses of conservation provided for in the applicable legislation, in particular in the General Data Protection Law, Marco Civil da Internet, Consumer Protection Code and Civil Code.

4.3 Sharing personal data. The Firm may share data with technology service providers, for computer system security, support and secure data storage. It may also share email contacts of clients or business partners for legal rankings to report and give opinions on our work. Outside of these hypotheses, the Firm does not share your data with third parties, unless legally or administratively obliged to do so or when
essential for the continuity of the Firm’s services, in which case you will be informed in advance.

5. Information Security

5.1 All personal data is stored in a secure environment. The Firm adopts organizational measures, training and qualifying its internal staff, as well as technical measures aimed at information security, to protect personal data from unauthorized disclosure, improper access, modification and accidental or unlawful loss or leakage of data. It applies the best security practices in the processing of personal data, such as access controls and log tracking, with different levels of restricted access to the data collected, encryption, monitoring and periodic security tests, firewall, among others.

6. Rights of Data Subjects

6.1 The Firm ensures that all data subjects can exercise the following rights:

a) Access to personal data, requesting the information you want;

b) Rectification of your personal data at any time;

c) Blocking or deleting personal data that is unnecessary, excessive or processed in breach of the LGPD, safeguarding cases of safekeeping;

d) The right to revoke consent and to delete personal data collected on this basis, when the processing of this data is optional and has its consent as a legal basis, with the exception of the maintenance of data necessary for the legal exercise of a right, compliance with a legal obligation or due to the duty of custody for the legal term of the Marco Civil da Internet, the Consumer Protection Code and the Civil Code; and

e) Right to information about the sharing of personal data about third parties with whom your personal data is shared for the execution of our activities and provision of our services.

7. Other information

This Policy is governed, interpreted and regulated by Brazilian law and is complementary to our Information Security Policy, Compliance Policy and Code of Conduct. If you need anything or have any questions, please contact security@lhoc.com.br.