We currently carry out processing activities with the following categories of personal data: 

• Registration data: name, e-mail, telephone. 
• Employment data: personal information additional to the registration data, such as PIS, age, marital status, children’s personal data, salary, test results and psychological reports, among others necessary to comply with a legal obligation and for the performance of the employment contract, in addition to serving the organization’s legitimate interests. 
• Browsing data: IP address, MAC address, username and manufacturer/model of the device used. 

• Online behavior data: interactions with our websites and applications through cookies stored on the holder’s device. 
•  

How we use your personal information: 

Personal data processing activities are carried out in full compliance with the principles of privacy and protection of personal data to the fullest extent: 

• All the personal data processing activities that we carry out have a specific, legitimate, explicit and informed purpose to the holder and complete suitability of treatment for the purposes for which they are provided, according to the context of the treatment. 

• The personal data processed are the minimum necessary for the purpose of the treatment and the holders have free access to the processing activities and to the entirety of their personal data. 
• Our organization guarantees the data subjects transparency regarding our use of personal data, safeguarding trade secrets, and the quality of these data regarding their accuracy, relevance and updating according to the need and for the fulfillment of the treatment purpose, being assured to the data subject the right to rectify personal data at any time. 
• The data subjects will have information security measures and prevention of damages due to the processing of personal data within the reasonable limits of enforceability and forecast. 
• We guarantee the good faith and non-discrimination of processing activities for illicit or abusive discriminatory purposes. 
• We carry out the activities of processing personal data in a diligent manner, with responsibility and accountability in order to demonstrate our observance and compliance with the principles and legal obligations for the protection of personal data. 

What are the personal data processing activities we carry out and their purposes: 

We carry out the following personal data and sensitive personal data processing activities for the purposes described: 

• For relationship and communication: 

o Collection, reception, storage, communication, access and use of registration data. 

• For pre-contract activities (recruitment and selection) and performance of the employment contract: 

o Collection, reception, storage, communication, access and use of registration data, academic training data, history of professional experiences. 

• To guarantee the security of the organization: 

o Collection, storage, archiving, use, access, analysis, classification, control, transfer, communication and reproduction of registration and security data. 

• To guarantee the quality of customer service: 

o Collection, storage, archiving, use, access, analysis, classification, control, processing and communication of registration data and navigation data. 

• To comply with a court order; regular exercise of rights in judicial, administrative or arbitration proceedings; inspection and investigative procedures; and legal or regulatory obligations: 

o Collection, reception, storage, archiving, use, access, analysis, classification, control, processing, transfer, extraction and communication of all categories of personal data and sensitive personal data that are minimally necessary and strictly relevant for this purpose. 

What are the information protection and security measures used: 

We use technical, physical, procedural and technological resources to promote and guarantee the security of personal data regarding possible data protection incidents related to unauthorized disclosure, loss or unavailability. 

How long personal data is processed in the organization: 

Personal data is processed in the organization in accordance with our lifecycle policy of personal data. This policy observes the principles of protection of personal data and the legal authorizations provided by law. Once the purpose has been reached and the storage period has expired by authorization or legal obligation, the personal data will be deleted or anonymized, in the latter case being stored for the exclusive purposes of our organization. 

With whom personal data is shared: 

We share personal data with legal entities external to the organization in accordance with the purpose, authorization and legal obligation, as provided in the General Law for the Protection of Personal Data. Are they: 

• Companies, regulatory agencies and other State legal entities: all personal data and sensitive personal data necessary to comply with a court order; regular exercise of rights in judicial, administrative or arbitration proceedings; inspection and investigative requirements; and legal or regulatory obligations. 
• Information technology companies: personal employment data on the occasion of storage in public cloud hosted in Brazilian territory. 
• Other service providers: personal registration data for the purpose of marketing, promotion, guaranteeing the quality of the services provided, solving technical and/or security problems, communicating with the owner and analyzing data to improve service and our services . 

How this Privacy and Personal Data Protection Notice may change: 

This Privacy and Personal Data Protection Notice will be updated when: 

• We modify any relevant element in our Privacy and Personal Data Protection Policy. 
• Include, delete or modify any personal data processing activity. 

• New personal data of any category are added to the personal data processing activities. 
•  

Whenever there is any change in this notice, it will be communicated at this address on our website. The modifications will be effective as soon as they are published here and will never prevent the exercise of the rights of the holders as provided by law.