Facebook Youtube Linkedin Instagram
Facebook Youtube Linkedin Instagram

Online Shop

KOLPLAST CI LTDA.

GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY

GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY

KOLPLAST CI LTDA.

This General Privacy and Personal Data Protection Policy has been implemented by KOLPLAST CI LTDA. (“Kolplast”) to establish a commitment to the security and privacy of the personal data shared with Kolplast.

This document establishes guidelines and procedures for the processing of personal data shared with Kolplast that are necessary for the conduction of its businesse, in compliance with the General Data Protection Law – LGPD (Federal Law No. 13,709/2018), its regulations, and subsequent amendments.

DEFINITIONS

Data Processing Agent: The controller and the operator.

Competent authority: Indirect public administration body responsible for safeguarding, implementing, and overseeing compliance with the applicable Personal Data Protection Law.

Personal Data Lifecycle: Flow of personal data processing, involving actions of Collection, Storage, Use, Sharing, and Deletion of personal data.

Sharing of personal data: Communication, dissemination, national or international transfer, interconnection of personal data, or shared processing of personal databases by bodies, entities, or individuals, and for one or more types of treatment.

Consent: Free, informed, and unequivocal expression by which the Data Subject agrees to the processing of their personal data.

Controller: Natural or legal person, public or private, responsible for decisions regarding the processing of personal data.

Anonymized data: Data that does not directly or indirectly identify the owner of the personal data, considering the use of reasonable and available technical means at the time of its processing.

Personal data: Information related to an identified or identifiable natural person. For the purposes of this Policy, personal data is classified as Confidential Information.

Sensitive personal data: Personal data regarding racial or ethnic origin, religious belief, political opinion, union membership, or organization of a religious, philosophical, or political nature, data related to health or sexual life, genetic or biometric data, when linked to a natural person.

Health Data: sensitive data concerning the health of the owner.

DPO: Natural or legal person appointed by the Controller who acts as a communication channel between the Controller and the Data Owners or the Supervisory Authority.

Collaborators: Employee, intern, apprentice, or any other individual occupying a position or employment in the company.

Manager: Partner or holder of a managerial position.

Legality: Guarantee that all information is created and managed in accordance with the provisions of the current Legal System.

Operator: Natural or legal person, public or private, who carries out the processing of personal data on behalf of the Controller.

Anonymization/Pseudonymization: is the treatment by which personal data loses the possibility of direct or indirect association with an individual, except through the use of additional information kept separately by the controller in a controlled and secure environment.

Requests from Owners: Request from the Owner regarding their rights established by law and related to the processing of their personal data.

Owneres: Natural persons to whom the personal data that are subject to processing relates to.

Processing of Personal Data: any operation performed with personal data, such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation, or control of information, modification, communication, transfer, dissemination, or extraction.

Personal Data Breach: Destruction, loss, alteration, accidental or unlawful disclosure, unauthorized access to personal data transmitted, stored, or otherwise processed, resulting from a security incidente.

Website: refers to any of the following internet adresses: www.kolplast.com.br, www.loja.kolplast.com.br and www.cellpreserv.com.

GENERAL PRINCIPLES

Purpose – Personal data must be processed only for specific, explicit, legitimate, and informed in this Policy, and cannot be subsequently processed for incompatible purposes.

Adequacy – Personal data must be processed in a manner adequate and relevant to its intended use.

Need and Proportionality – The processing of personal data must be proportional to the business objectives, and no processing of types of personal data that are not necessary and proportional to business objectives shall be made. Areas that process personal data must seek to process the smallest possible volume of personal data, and this volume must be proportional to business objectives.

Free access – Ensure that Owners have easy and free access to information about the form and duration of the processing of their personal data.

Data quality – Ensure to Owners the accuracy, clarity, relevance, and updating of personal data, as needed and for the purpose of its processing.

Transparency – Ensure that Owners have clear, accurate, and easily accessible information about the processing of their personal data, subject to commercial and industrial secrets.

Security – Processing must be carried out in a manner that ensures the protection and security of personal data, including protection against unauthorized or unlawful processing, loss, destruction, or accidental damage, and the company must adopt technical and organizational measures to safeguard the integrity, confidentiality, and availability of personal data.

Prevention – Adoption of measures to prevent harm due to the processing of personal data.

Non-discrimination – Impossibility of processing for unlawful or abusive discriminatory purposes.

Responsability and accountability – Demonstration of the adoption of effective measures capable of proving compliance with data protection regulations and the effectiveness of these measures.

RIGHTS OF OWNERS

The Owner may, at any time and by means of a specific request, obtain information about the processing of their personal data, ensuring the following rights:

  • • unrestricted, facilitated, and free access;
  • • confirm the existence, access, review, rectification, and/or request an electronic copy of their personal data information;
  • • request details about the origin or sharing with third parties;
  • • limit the use and disclosure of their personal data;
  • • request anonymization, blocking, deletion, and portability of their personal data; and,
  • • revoke consent, except in situations provided for by law, and receive information about the consequences of not consenting to the use of their personal data.

The rights of the Owners can be exercised through the email: privacidade@kolplast.com.br.

The Owner shall also have the right to lodge a complaint with the ANPD – National Data Protection Authority (https://www.gov.br/anpd/pt-br) rregarding issues not resolved by the Controller.

DATA COLLECTED

The following information may be collected:

  • • Identification: full name; Individual Taxpayer Registry number; landline phone number; mobile phone number; email; residential address; and, commercial address, if applicable.
  • • Sensitive Personal Data: Statement/Medical Prescription.
  • • Login information: information to identify and authenticate on the Website, including login name and password, which are encrypted;
  • • Demographic, such as: date of birth, age or age range, gender, geographical location;
  • • Technical, such as: computing equipment or mobile devices, registration of the IP address used to connect the computer or device to the internet, including geographical location, type of operating system and web browser.
  • • Related to site navigation and services, such as: the pages and contents of our Website and other statistical information about user interactions, such as response times to content and duration of access, service availability, etc.

HOW DATA IS USED

  • • Registration;
  • • Authentication and simple identification on E-Commerce;
  • • Simple identification using email;
  • • Simple identification using social medias(s);
  • • Complete identification;
  • • Make purchases and delivery of the purchased items;
  • • Access to E-Commerce to make purchases with the assistance of an attendant;
  • • Checking the order status on E-Commerce and informing the Owner about it;
  • • Release of discounts;
  • • Confirmation of Personal Data for order delivery;
  • • Confirmation of Personal Data for payment to finalize the purchase via E-Commerce;
  • • Sending reminders for unfinished purchases;
  • • Contact for promotions through email, SMS and/or telefone;
  • • Sending purchase confirmation email to the Owner;
  • • Contact with the Owner in case of fraud;
  • • Sending the order for product separation;
  • • Sending Personal Data and product to the carrier;
  • • Carrying out returns or exchanges of products;
  • • Analysis of services and information on the site to facilitate its functionality and auditing;
  • • Anonymization of collected personal data and preparation of aggregated data reports with anonymized information (including compilations, analyses, analytical and predictive models, and other aggregated reports);
  • • Compliance with legal and/or regulatory obligations;
  • • Exercise of judicial and/or administrative rights; and,
  • • For other purposes authorized or required by law.

SHARING OF DATA

  • • With third-party service providers who are required to treat the collected personal data with the same level of security, privacy, and protection employed by the company, or with the express consent of the Owners, when applicable;
  • • With authorities, governmental entities, or third parties to defend the interests of the Owners; and
  • • Pursuant to a court order, or to comply with requests from a competent administrative authority.

PROCESSING OF SENSITIVE PERSONAL DATA

  • • The processing of sensitive data occurs in cases permitted by law or with the consent of the Owner or their legal guardian, for specific purposes, especially to enable Owner guidance regarding the company’s products for each specific case according to the provided indications/medical prescriptions; and
  • • The consent is waived for the fulfillment of a legal obligation, execution of public policies, conducting studies with anonymization of sensitive personal data, in the regular exercise of rights in contracts, judicial, administrative, and arbitration proceedings, for the protection of life and physical safety of individuals, health protection in procedures carried out by health professionals or health authority, and prevention of fraude.

PROCESSING OF PERSONAL DATA OF CHILDERN AND ADOLESCENTS

  • • The processing of childern and adolescents´ personal data aims to serve their best interests and is carried out with the consent of one of the parents or legal guardians.

COOKIES POLICY

Cookies are text files that store certain data about the user when accessing websites or services on the internet.

Cookies are used to ensure the proper functioning of websites and other online services, as well as to provide information about the IP address, type of browser, operating system, pages visited, duration of visit, among others.

By accessing the Website´s content, cookies may be collected by the browser. Kolplast uses cookies to improve the use and functionality of the Website and the available services. The use of cookies on the Website has the following purposes:

  • • Treatment of technical issues;
  • • Maintenance of protection and security; and,
  • • Adaptation of content according to usage data.

To achieve these purposes, the following types of cookies are used:

  • • Session cookies: these are temporary cookies that are deleted when the user closes their browser;
  • • Persistent cookies: these are cookies that remain in the browser until manually deleted or until the browser deletes them according to the duration period established by the cookie; and,
  • • Necessary cookies: these are strictly necessary cookies for the operation of a website or internet service. They allow the user to browse the site and use all the features necessary for the operation.

Most browsers allow the user to set rules to notify them before accepting cookies or simply to refuse them. However, if the user refuses to use cookies, not all browsing features on the site and services may be accessed.

SECURITY OF PERSONAL DATA

It is Kolplast’s commitment to safeguard the security of all collected Personal Data.

Personal Data will be stored by Kolplast in secure manner within third-party data centers located in Brazil and/or abroad. Currently, Kolplast has contracted data center services provided by cloud computing operators and also locally, on Kolplast servers. Before sending Personal Data for storage in other countries, Kolplast will adopt the measures required by law to ensure that Personal Data remains protected.

Kolplast adopts best technical and administrative practices to protect Personal Data from unauthorized access, destruction, loss, alteration, communication, or any form of improper or unlawful treatment. It is importante to remembre that no platform is completely secure. Therefore, in case of concern or suspicion that Personal Data is at risk, such as, for example, third parties having access to the User’s personal password, the Owner should immediately contact Kolplast by sending an email to privacidade@kolplast.com.br.

Kolplast emphasizes that the Owner is responsible for the confidentiality of their information, which is why Kolplast recommends that login, passwords, or any type of access key to E-Commerce, should not be shared.

RETENTION OF COLLECTED INFORMATION

Personal Data will be kept by Kolplast only: (i) for the period necessary for the purposes described in this Policy; (ii) for periods established by legal requirements; and, (iii) for the time necessary for the regular exercise of Kolplast’s rights in judicial, administrative, or arbitration proceedings.

Personal Data may be kept by Kolplast in anonymized form, i.e., without being or being able to be related to a Owner, for longer periods, considering the use of reasonable and available technical methods at the time of processing Personal Data.

Information collected by Kolplast regarding IP addresses and access records of registered Owners will be stored for the period set forth in Law No. 12.965/2014 (Brazilian Civil Rights Framework for the Internet).

Processed personal data is deleted when it is no longer useful for the purposes for which it was collected, or when the Data Owner requests its deletion, except in cases where data retention is authorized by law or applicable regulation, such as the storage of medical records for the legal period, or financial information regulated by the Brazilian Revenue Service, as well as in situations where retention is necessary for future judicial actions, complaints to public bodies, regulatory agencies, or administrative bodies where it is necessary to prove compliance with legal or contractual obligations.

CHANGES TO THIS POLICY

THIS POLICY ALTERS AND REPLACES, REGARDING THE PROCESSING OF PERSONAL DATA, THE PREVIOUS PRIVACY POLICY, TO ADAPT TO THE PROVISIONS OF THE LGPD, AND, BY ACCEPTING THE TERMS OF THIS POLICY, BOTH NEW OWNERS AND THOSE WHO ALREADY SHARED PERSONAL DATA WITH KOLPLAST, ARE AWARE THAT KOLPLAST WILL TREAT AND/OR CONTINUE TO TREAT THE PERSONAL DATA COLLECTED UNDER THE TERMS AND CONDITIONS OF THIS POLICY.

Kolplast reserves the right to change, at any time and without prior notice, this Privacy Policy, always in compliance with the current Brazilian legislation applicable to related topics, both data protection and their storage; especially regarding health-related issues, as they are subject to specific legislation.

Any changes made to this Policy will be immediately available on the Website.

Any clause or condition of this Policy that, for any reason, may be deemed null or ineffective by any court or tribunal, will not affect the validity of the other provisions of this Policy, which will remain fully valid and binding, generating effects to their fullest extent.

COMPANY CONTACTS

In case of doubts, complaints, communications, requests for clarification and/or actions, requests for Personal Data, among other measures related to privacy and protection of Personal Data, please contact our DPO, through one of the contacts below:

  • • privacidade@kolplast.com.br
  • • Phone: (11) 4961-0900
  • • Estrada Municipal Benedito de Souza, no. 418 – Bairro da Mina – Itupeva/SP – ZIP Code: 13299-364

EFFECTIVENESS

This Policy enters into effect on 01/01/2024 and will remain in effect indefinitely.

OWNER CONSENT

BY READING THIS POLICY AND CLICKING ON “I HAVE READ AND AGREE TO THE TERMS OF THE PRIVACY POLICY”, THE OWNER DEMONSTRATES THAT HE/SHE AGREES WITH EVERYTHING THAT HAS BEEN STATED IN THIS DOCUMENT AND ACCEPTS THAT HIS/HER PERSONAL DATA BE STORED AND PROCESSED WITH SECURITY BY KOLPLAST, IN ACCORDANCE WITH THE TERMS AND CONDITIONS OF THIS POLICY. PLEASE NOTE THAT CONSENT CAN BE REVOKED BY THE OWNER AT ANY TIME.

With the express acceptance of the Owner, Kolplast understands that the Owner agrees to all the terms and conditions set forth in this Policy for all legal purposes and effects.

The Kolplast Group was founded in 1988. More than just a medical and hospital supplies industry, the Kolplast Group has always been dedicated to offering innovative solutions in the form of products. With a permanent focus on the needs of our clients, we have come a long way and have become a benchmark in the markets where we operate.

PAGES

SOLUTIONS

RELATIONSHIP CENTER

Facebook Youtube Instagram Linkedin

Development:
Web Bizz Marketing Online

KOLPLAST CI LTDA.

GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY

GENERAL PRIVACY AND PERSONAL DATA PROTECTION POLICY

KOLPLAST CI LTDA.

This General Privacy and Personal Data Protection Policy has been implemented by KOLPLAST CI LTDA. (“Kolplast”) to establish a commitment to the security and privacy of the personal data shared with Kolplast.

This document establishes guidelines and procedures for the processing of personal data shared with Kolplast that are necessary for the conduction of its businesse, in compliance with the General Data Protection Law – LGPD (Federal Law No. 13,709/2018), its regulations, and subsequent amendments.

DEFINITIONS

Data Processing Agent: The controller and the operator.

Competent authority: Indirect public administration body responsible for safeguarding, implementing, and overseeing compliance with the applicable Personal Data Protection Law.

Personal Data Lifecycle: Flow of personal data processing, involving actions of Collection, Storage, Use, Sharing, and Deletion of personal data.

Sharing of personal data: Communication, dissemination, national or international transfer, interconnection of personal data, or shared processing of personal databases by bodies, entities, or individuals, and for one or more types of treatment.

Consent: Free, informed, and unequivocal expression by which the Data Subject agrees to the processing of their personal data.

Controller: Natural or legal person, public or private, responsible for decisions regarding the processing of personal data.

Anonymized data: Data that does not directly or indirectly identify the owner of the personal data, considering the use of reasonable and available technical means at the time of its processing.

Personal data: Information related to an identified or identifiable natural person. For the purposes of this Policy, personal data is classified as Confidential Information.

Sensitive personal data: Personal data regarding racial or ethnic origin, religious belief, political opinion, union membership, or organization of a religious, philosophical, or political nature, data related to health or sexual life, genetic or biometric data, when linked to a natural person.

Health Data: sensitive data concerning the health of the owner.

DPO: Natural or legal person appointed by the Controller who acts as a communication channel between the Controller and the Data Owners or the Supervisory Authority.

Collaborators: Employee, intern, apprentice, or any other individual occupying a position or employment in the company.

Manager: Partner or holder of a managerial position.

Legality: Guarantee that all information is created and managed in accordance with the provisions of the current Legal System.

Operator: Natural or legal person, public or private, who carries out the processing of personal data on behalf of the Controller.

Anonymization/Pseudonymization: is the treatment by which personal data loses the possibility of direct or indirect association with an individual, except through the use of additional information kept separately by the controller in a controlled and secure environment.

Requests from Owners: Request from the Owner regarding their rights established by law and related to the processing of their personal data.

Owneres: Natural persons to whom the personal data that are subject to processing relates to.

Processing of Personal Data: any operation performed with personal data, such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation, or control of information, modification, communication, transfer, dissemination, or extraction.

Personal Data Breach: Destruction, loss, alteration, accidental or unlawful disclosure, unauthorized access to personal data transmitted, stored, or otherwise processed, resulting from a security incidente.

Website: refers to any of the following internet adresses: www.kolplast.com.br, www.loja.kolplast.com.br and www.cellpreserv.com.

GENERAL PRINCIPLES

Purpose – Personal data must be processed only for specific, explicit, legitimate, and informed in this Policy, and cannot be subsequently processed for incompatible purposes.

Adequacy – Personal data must be processed in a manner adequate and relevant to its intended use.

Need and Proportionality – The processing of personal data must be proportional to the business objectives, and no processing of types of personal data that are not necessary and proportional to business objectives shall be made. Areas that process personal data must seek to process the smallest possible volume of personal data, and this volume must be proportional to business objectives.

Free access – Ensure that Owners have easy and free access to information about the form and duration of the processing of their personal data.

Data quality – Ensure to Owners the accuracy, clarity, relevance, and updating of personal data, as needed and for the purpose of its processing.

Transparency – Ensure that Owners have clear, accurate, and easily accessible information about the processing of their personal data, subject to commercial and industrial secrets.

Security – Processing must be carried out in a manner that ensures the protection and security of personal data, including protection against unauthorized or unlawful processing, loss, destruction, or accidental damage, and the company must adopt technical and organizational measures to safeguard the integrity, confidentiality, and availability of personal data.

Prevention – Adoption of measures to prevent harm due to the processing of personal data.

Non-discrimination – Impossibility of processing for unlawful or abusive discriminatory purposes.

Responsability and accountability – Demonstration of the adoption of effective measures capable of proving compliance with data protection regulations and the effectiveness of these measures.

RIGHTS OF OWNERS

The Owner may, at any time and by means of a specific request, obtain information about the processing of their personal data, ensuring the following rights:

  • • unrestricted, facilitated, and free access;
  • • confirm the existence, access, review, rectification, and/or request an electronic copy of their personal data information;
  • • request details about the origin or sharing with third parties;
  • • limit the use and disclosure of their personal data;
  • • request anonymization, blocking, deletion, and portability of their personal data; and,
  • • revoke consent, except in situations provided for by law, and receive information about the consequences of not consenting to the use of their personal data.

The rights of the Owners can be exercised through the email: privacidade@kolplast.com.br.

The Owner shall also have the right to lodge a complaint with the ANPD – National Data Protection Authority (https://www.gov.br/anpd/pt-br) rregarding issues not resolved by the Controller.

DATA COLLECTED

The following information may be collected:

  • • Identification: full name; Individual Taxpayer Registry number; landline phone number; mobile phone number; email; residential address; and, commercial address, if applicable.
  • • Sensitive Personal Data: Statement/Medical Prescription.
  • • Login information: information to identify and authenticate on the Website, including login name and password, which are encrypted;
  • • Demographic, such as: date of birth, age or age range, gender, geographical location;
  • • Technical, such as: computing equipment or mobile devices, registration of the IP address used to connect the computer or device to the internet, including geographical location, type of operating system and web browser.
  • • Related to site navigation and services, such as: the pages and contents of our Website and other statistical information about user interactions, such as response times to content and duration of access, service availability, etc.

HOW DATA IS USED

  • • Registration;
  • • Authentication and simple identification on E-Commerce;
  • • Simple identification using email;
  • • Simple identification using social medias(s);
  • • Complete identification;
  • • Make purchases and delivery of the purchased items;
  • • Access to E-Commerce to make purchases with the assistance of an attendant;
  • • Checking the order status on E-Commerce and informing the Owner about it;
  • • Release of discounts;
  • • Confirmation of Personal Data for order delivery;
  • • Confirmation of Personal Data for payment to finalize the purchase via E-Commerce;
  • • Sending reminders for unfinished purchases;
  • • Contact for promotions through email, SMS and/or telefone;
  • • Sending purchase confirmation email to the Owner;
  • • Contact with the Owner in case of fraud;
  • • Sending the order for product separation;
  • • Sending Personal Data and product to the carrier;
  • • Carrying out returns or exchanges of products;
  • • Analysis of services and information on the site to facilitate its functionality and auditing;
  • • Anonymization of collected personal data and preparation of aggregated data reports with anonymized information (including compilations, analyses, analytical and predictive models, and other aggregated reports);
  • • Compliance with legal and/or regulatory obligations;
  • • Exercise of judicial and/or administrative rights; and,
  • • For other purposes authorized or required by law.

SHARING OF DATA

  • • With third-party service providers who are required to treat the collected personal data with the same level of security, privacy, and protection employed by the company, or with the express consent of the Owners, when applicable;
  • • With authorities, governmental entities, or third parties to defend the interests of the Owners; and
  • • Pursuant to a court order, or to comply with requests from a competent administrative authority.

PROCESSING OF SENSITIVE PERSONAL DATA

  • • The processing of sensitive data occurs in cases permitted by law or with the consent of the Owner or their legal guardian, for specific purposes, especially to enable Owner guidance regarding the company’s products for each specific case according to the provided indications/medical prescriptions; and
  • • The consent is waived for the fulfillment of a legal obligation, execution of public policies, conducting studies with anonymization of sensitive personal data, in the regular exercise of rights in contracts, judicial, administrative, and arbitration proceedings, for the protection of life and physical safety of individuals, health protection in procedures carried out by health professionals or health authority, and prevention of fraude.

PROCESSING OF PERSONAL DATA OF CHILDERN AND ADOLESCENTS

  • • The processing of childern and adolescents´ personal data aims to serve their best interests and is carried out with the consent of one of the parents or legal guardians.

COOKIES POLICY

Cookies are text files that store certain data about the user when accessing websites or services on the internet.

Cookies are used to ensure the proper functioning of websites and other online services, as well as to provide information about the IP address, type of browser, operating system, pages visited, duration of visit, among others.

By accessing the Website´s content, cookies may be collected by the browser. Kolplast uses cookies to improve the use and functionality of the Website and the available services. The use of cookies on the Website has the following purposes:

  • • Treatment of technical issues;
  • • Maintenance of protection and security; and,
  • • Adaptation of content according to usage data.

To achieve these purposes, the following types of cookies are used:

  • • Session cookies: these are temporary cookies that are deleted when the user closes their browser;
  • • Persistent cookies: these are cookies that remain in the browser until manually deleted or until the browser deletes them according to the duration period established by the cookie; and,
  • • Necessary cookies: these are strictly necessary cookies for the operation of a website or internet service. They allow the user to browse the site and use all the features necessary for the operation.

Most browsers allow the user to set rules to notify them before accepting cookies or simply to refuse them. However, if the user refuses to use cookies, not all browsing features on the site and services may be accessed.

SECURITY OF PERSONAL DATA

It is Kolplast’s commitment to safeguard the security of all collected Personal Data.

Personal Data will be stored by Kolplast in secure manner within third-party data centers located in Brazil and/or abroad. Currently, Kolplast has contracted data center services provided by cloud computing operators and also locally, on Kolplast servers. Before sending Personal Data for storage in other countries, Kolplast will adopt the measures required by law to ensure that Personal Data remains protected.

Kolplast adopts best technical and administrative practices to protect Personal Data from unauthorized access, destruction, loss, alteration, communication, or any form of improper or unlawful treatment. It is importante to remembre that no platform is completely secure. Therefore, in case of concern or suspicion that Personal Data is at risk, such as, for example, third parties having access to the User’s personal password, the Owner should immediately contact Kolplast by sending an email to privacidade@kolplast.com.br.

Kolplast emphasizes that the Owner is responsible for the confidentiality of their information, which is why Kolplast recommends that login, passwords, or any type of access key to E-Commerce, should not be shared.

RETENTION OF COLLECTED INFORMATION

Personal Data will be kept by Kolplast only: (i) for the period necessary for the purposes described in this Policy; (ii) for periods established by legal requirements; and, (iii) for the time necessary for the regular exercise of Kolplast’s rights in judicial, administrative, or arbitration proceedings.

Personal Data may be kept by Kolplast in anonymized form, i.e., without being or being able to be related to a Owner, for longer periods, considering the use of reasonable and available technical methods at the time of processing Personal Data.

Information collected by Kolplast regarding IP addresses and access records of registered Owners will be stored for the period set forth in Law No. 12.965/2014 (Brazilian Civil Rights Framework for the Internet).

Processed personal data is deleted when it is no longer useful for the purposes for which it was collected, or when the Data Owner requests its deletion, except in cases where data retention is authorized by law or applicable regulation, such as the storage of medical records for the legal period, or financial information regulated by the Brazilian Revenue Service, as well as in situations where retention is necessary for future judicial actions, complaints to public bodies, regulatory agencies, or administrative bodies where it is necessary to prove compliance with legal or contractual obligations.

CHANGES TO THIS POLICY

THIS POLICY ALTERS AND REPLACES, REGARDING THE PROCESSING OF PERSONAL DATA, THE PREVIOUS PRIVACY POLICY, TO ADAPT TO THE PROVISIONS OF THE LGPD, AND, BY ACCEPTING THE TERMS OF THIS POLICY, BOTH NEW OWNERS AND THOSE WHO ALREADY SHARED PERSONAL DATA WITH KOLPLAST, ARE AWARE THAT KOLPLAST WILL TREAT AND/OR CONTINUE TO TREAT THE PERSONAL DATA COLLECTED UNDER THE TERMS AND CONDITIONS OF THIS POLICY.

Kolplast reserves the right to change, at any time and without prior notice, this Privacy Policy, always in compliance with the current Brazilian legislation applicable to related topics, both data protection and their storage; especially regarding health-related issues, as they are subject to specific legislation.

Any changes made to this Policy will be immediately available on the Website.

Any clause or condition of this Policy that, for any reason, may be deemed null or ineffective by any court or tribunal, will not affect the validity of the other provisions of this Policy, which will remain fully valid and binding, generating effects to their fullest extent.

COMPANY CONTACTS

In case of doubts, complaints, communications, requests for clarification and/or actions, requests for Personal Data, among other measures related to privacy and protection of Personal Data, please contact our DPO, through one of the contacts below:

  • • privacidade@kolplast.com.br
  • • Phone: (11) 4961-0900
  • • Estrada Municipal Benedito de Souza, no. 418 – Bairro da Mina – Itupeva/SP – ZIP Code: 13299-364

EFFECTIVENESS

This Policy enters into effect on 01/01/2024 and will remain in effect indefinitely.

OWNER CONSENT

BY READING THIS POLICY AND CLICKING ON “I HAVE READ AND AGREE TO THE TERMS OF THE PRIVACY POLICY”, THE OWNER DEMONSTRATES THAT HE/SHE AGREES WITH EVERYTHING THAT HAS BEEN STATED IN THIS DOCUMENT AND ACCEPTS THAT HIS/HER PERSONAL DATA BE STORED AND PROCESSED WITH SECURITY BY KOLPLAST, IN ACCORDANCE WITH THE TERMS AND CONDITIONS OF THIS POLICY. PLEASE NOTE THAT CONSENT CAN BE REVOKED BY THE OWNER AT ANY TIME.

With the express acceptance of the Owner, Kolplast understands that the Owner agrees to all the terms and conditions set forth in this Policy for all legal purposes and effects.