STAUFF BRAZIL LTDA.
Version updated on: January 01, 2024.
1. Relevant Definitions
3. Information on the Personal Data Collected
4. Sharing Personal Data with Third Parties
5. Legal Basis and Purposes for Processing Personal Data
6. Storage and Protection of Personal Data
7. International Transfer of Personal Data
8. Rights of Users, Owners of Personal Data
9. Personal Data Storage Period
10. Contact Information
1. RELEVANT DEFINITIONS:
1.1.1. IP address: Internet Protocol address, the code assigned to a terminal on a network to enable it to be identified, defined according to international parameters.
1.1.2 Internet: the system consisting of a set of logical protocols, structured on a global scale for public and unrestricted use, with the purpose of enabling data communication between terminals via different networks.
1.1.3 Website: the website made available at Stauff's www.stauff.com.brhttps://www.br.stauff.com/ address through which the User accesses the Content and/or purchases the Products.
1.1.4 Users (or "User" when considered individually): all natural persons who access and use the Website. The Site is aimed at individuals over the age of eighteen (18) or emancipated and fully capable of practicing the acts of civil life or those who are absolutely or relatively incapable, provided that, in this case, they are duly represented or assisted.
Terms beginning with capital letters, including but not limited to "Personal Data", "Processing", "Data Subject"; "Controller", "Operator", "Incident" and "Legal Basis" have the meanings assigned to them in the LGPD.
2.3 The terms "Processing", "Controller", "Operator", "Data Subject" and "Personal Data" are used in accordance with the definitions of the LGPD.
3. INFORMATION ON PERSONAL DATA COLLECTED:
3.1 In order to enable access to certain Content on the Site, to enable the purchase of Products, as well as to keep the Site operational and up to date and to maintain a good relationship with the User, Stauff may collect the information and Personal Data set out below.
3.2 Information and Personal Data that Users choose to provide
3.2.1 The User may choose to provide some Personal Data in order to send a message to Stauff in the "Contact" environment and to receive e-mail marketing.
3.3 Information and Personal Data required to purchase Products via the Website
3.3.1 Registration data, payment data and data on products purchased will be processed so that Stauff can sell and deliver the products to users who purchase them via the website, as well as for customer relationship management.
3.4 Information and Personal Data collected while using the Website
3.43.1 Cookies. Stauff may collect browsing information or Personal Data from Users in an automated way using cookies. Cookies are small files which may or may not be added to your terminal and which make it possible to store and recognize data from your browsing.
22.214.171.124 When browsing the Site, two (2) types of cookies may be used:
Necessary Cookies may collect the following Personal Data :
(i) IP address;
(ii) ID code (IMEI) of the mobile device through which the User accessed the Site; and
(iii) Information regarding the date and time of use of the Site by a given User, from a given IP Address;.
(iv) Geographical location;
(v) Operating system used by the User; and
(vi) Browser and its respective versions;
(vii) IP address;
(viii) ID code (IMEI) of the mobile device through which the User accessed the Site; and
Information regarding the date and time of use of the Site by a given User, from a given IP Address.
(b) Analytical Cookies: the purpose of this type of cookie is to help understand the performance of the Site, measure the audience of the Site, verify the browsing habits of Users on the Site, as well as the way in which the User arrived at the page of the Site (for example, through links from other sites, search engines or directly from the address). Analytical Cookies make it possible to store Users' preferences and customize their experience when using the Site, and may collect Personal Data for marketing purposes. These cookies may be processed with the User's prior consent and may be disabled by Users through the configuration options of their respective browsers. However, by deciding to prohibit the use of these cookies, the User is aware and acknowledges that the Site may not be able to perform all of its functions.
Analytical Cookies may collect the following Personal Data:
(i) Geographical location;
(ii) Operating system used by the User;
(iii) Browser and its respective versions;
(iv) Screen resolution;
(v) Java (programming language);
(vi) Flash player installed;
(vii) IP address;
(viii) ID code (IMEI) of the mobile device through which the User accessed the Site;
(ix) Information regarding the date and time of use of the Site by a given User, from a given IP Address; and
(x) Information regarding the number of clicks and attempts to use the Site, as well as the number of pages accessed by the User.
4. SHARING PERSONAL DATA WITH THIRD PARTIES:
4.1 Personal Data collected while using the Site may be shared with the following third parties :
1a. Companies responsible for sending and collecting goods (logistics) and financial institutions responsible for processing payments, to the extent necessary to carry out the purchase and sale of Products purchased on the Site;
b. Financial assessment companies, to assess the financial suitability of Users wishing to purchase Products from Stauff;
c. Service providers in connection with the operation of this website and Stauff, such as website hosting, the provision of technology-related services, the distribution of promotional material, law firms, accounting firms, billing companies;
d. Other third parties in connection with a corporate restructuring, sale or assignment of assets, merger or divestiture of Stauff or any of our subsidiaries or affiliated companies;
e. Public authorities, government regulators or other law enforcement officials and the courts, as required or permitted by law or when compelled by a binding order; and
f. Other entities of the Stauff group of companies, if applicable considering the internal management defined by the group;
[include categories of third parties with whom data may be shared]
5. LEGAL BASES AND PURPOSES FOR PROCESSING PERSONAL DATA:
5.1 Legitimate interestConsent:
a. Improving the performance of the Site and measuring its audience using Cookies;
b. Evaluation of statistics related to the number of accesses and use of the Website, its features and functionalities using Cookies;
c. Creation of reports for internal use to develop new services and Content using Cookies;
d. Identification of profiles, habits and needs for possible Stauff strategies using Cookies;
5.2 Legitimate interest:
ea. Carrying out analyses related to the security, improvement and development of the Website;
fb. Communication between Users and Stauff, including by sending and receiving e-mails (including personalized marketing);
gc. User relationship management; and
hd. Resolution of queries or complaints.
5.23 Compliance with legal obligations and regular exercise of rights in proceedings:
5.32.1 Stauff may Process Personal Data when necessary to comply with applicable legal obligations, including in relation to financial and regulatory reporting, adverse event reporting and tax obligations, among others, or for the purposes of the regular exercise of rights in judicial, administrative or arbitration proceedings.
5.43 Performance of Contract:
5.43.1 Stauff may Process Personal Data when necessary to fulfill its obligations arising from a contract or preliminary to the contract, as well as for the management of this relationship and the obligations assumed, including, without limitation, with regard to the employment contract or the contract for the purchase of Products.
6. STORAGE AND PROTECTION OF PERSONAL DATA:
6.1 Stauff takes all technical and organizational measures to protect Personal Data and Website Users' Personal Data against loss, unauthorized use or other abuse, ensuring a level of security commensurate with the activities carried out by Stauff, namely:
6.2 Personal Data will be stored in a secure operating environment that is not accessible to the public. We strive to protect the Personal Data we store, through measures such as (a) adopting a governance and privacy program; (b) establishing a team responsible for Personal Data Protection and a Data Protection Officer; (c) adding the principles of "Privacy by Design" and "Privacy by Default" when carrying out activities; (d) creating confidentiality policies with employees; and (e) restricting access to Personal Data based on the "need-to-know" and "least privilege" principles, among others. Despite this, unfortunately we cannot guarantee total security. Unauthorized use of accounts, hardware or software failure and other factors beyond our control can compromise the security of your Personal Data at any time, so we need Users' help to maintain a secure environment for everyone.
6.3 In addition to adopting good security practices in relation to your Personal Data, we are available to assist you if you identify or become aware of anything that compromises the security of Personal Data. In this case, please contact us via e-mail: Ricardo Alberti <email@example.com Ademar Mazzetto <A.Mazzetto@stauff.com .
7. INTERNATIONAL TRANSFER OF PERSONAL DATA:
7.1 As a global company, Stauff may, if necessary, transfer Personal Data collected in Brazil for storage on a server of the Website located in Germany or the United States.
7.2 The National Data Protection Authority ("ANPD") has not yet issued an adequacy decision for Germany or the United States, however, to ensure the same level of protection over your Personal Data, we will formalize a Contract or Policy with the Processing agents involved in the International Data Transfer, adopt one of the mechanisms available under the terms of art. 33, item IX of the LGPD, considering the ANPD's regulations on the subject.
7.3 Some links on the Website may redirect you to the websites of other companies in the Walter Stauffenberg GmbH & Co group, of which Stauff is a part. For more information on how these sites handle your personal data, please visit https://stauff.com/en/privacy.
8. RIGHTS OF USERS WHO HOLD PERSONAL DATA
8.1 By using the Website and providing your Personal Data, Stauff will ensure the rights set out in Applicable Data Protection Legislation, namely:
a. Access: To be aware of the information and Personal Data processed by Stauff on the Website;
b. Correction: Request correction of the Personal Data stored on the Website;
c. Request for Anonymization, Blocking or Deletion of Personal Data: Request for anonymization, blocking or deletion of Personal Data that is excessive, unnecessary or Processed in non-compliance with the LGPD, in which case Stauff will conduct an analysis to verify the excess or any non-compliance in the Processing of Personal Data and, if such non-compliance is confirmed, will comply with the request made;
d. Deletion of Registration: Request deletion of the registration made on the Website. In this case, some Personal Data may remain stored in order to comply with legal obligations or to exercise Stauff's rights;
e. Withdrawal of Consent: Withdraw the consent provided for some functionalities by means of an opt-out;
f. Portability of Personal Data: Request the portability of Personal Data to another product or service provider in an interoperable format, such as a txt file; and
g. Review of Automated Decisions: Request a review of an exclusively automated decision that affects your interests.
9. PERSONAL DATA STORAGE PERIOD:
9.1 The Personal Data collected by Stauff will only be processed for as long as is necessary for us to fulfill the purposes for which we collected it, including for the purposes of complying with any legal, contractual, accountability obligations, defending ourselves in administrative or judicial proceedings or at the request of competent authorities.
9.2 All Personal Data collected will be deleted when the User so requests or when it is no longer necessary or relevant for the provision of services by Stauff. Stauff may, however, retain any Personal Data, even after the User has requested its deletion, when there is any other reason for retaining it, such as any legal obligation to retain the data, or the need to preserve it in order to protect Stauff's rights. To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purpose for processing your Personal Data and whether we can achieve such purposes through other means, as well as applicable legal requirements.
10. CONTACTING US: