At Nimbahera, privacy and security are priorities and we are committed to the transparency of the processing of personal data of our users/customers. Therefore, this Privacy Policy establishes how the collection, use and transfer of information from customers or other people who access or use our website is done.

By using our services, you understand that we will collect and use your personal information in the ways described in this Policy, under the rules of the Federal Constitution of 1988 (article 5, LXXIX; and article 22, XXX – included by EC 115/2022), the Data Protection rules (LGPD, Federal Law 13,709/2018), the consumer provisions of Federal Law 8078/1990 and the other applicable rules of the Brazilian legal system.

Thus, Nimbahera Manutenção LTDA hereinafter referred to simply as “Nimbahera”, registered with the CNPJ/MF under No. 42.885.285/0001-35, in the role of Data Controller, is bound by the provisions of this Privacy Policy.

1. What data do we collect about you and for what purpose?

Our website collects and uses some of your personal data in order to enable the provision of services and improve the user experience.

1.1. Personal data provided by the holder.

1.2. Personal data provided by the user (contact information, professional data, financial or technical information).

1.3 Browsing data  (e.g. IP address, location, country, browsing time, access time) or data arising from your interaction with our website.

2. Assent

It is from your consent that we process your personal data. Consent is the free, informed and unequivocal manifestation by which you authorize Nimbahera to process your data.

Thus, in accordance with the General Data Protection Law, your data will only be collected, processed and stored with prior and express consent.

Your consent will be obtained in a specific way for each purpose described above, evidencing Nimbahera’s commitment to transparency and good faith  towards its users/clients, following the relevant legislative regulations.

By using Nimbahera’s services  and  providing your personal data, you are aware of and consenting to the provisions of this Privacy Policy, as well as knowing your rights and how to exercise them.

At any time and at no cost, you may revoke your consent.

It is important to note that the revocation of consent for the processing of data may imply the impossibility of adequate performance of some functionality of the website that depends on the operation. Such consequences shall be informed in advance.

3. What are your rights?

 Nimbahera assures its users/customers of their rights as holders provided for in Article 18 of the General Data Protection Law. This way, you can, for free and at any time:

• Confirm the existence of data processing, in a simplified way or in a clear and complete format.
• Access your data, being able to request them in a legible copy in printed form or by electronic, secure and reputable means.
• Correct your data, when requesting the editing, correction or updating of these.
• Limit your data when unnecessary, excessive or treated in non-compliance with legislation through anonymization, blocking or deletion.
• Request the portability of your data, through a report of registration data that Nimbahera treats about you.
• Delete your data processed from your consent, except in the cases provided for by law.
• Revoke your consent, disauthorizing the processing of your data.
• Inform yourself about the possibility of not providing your consent and about the consequences of the refusal.

4. How can you exercise your rights as a holder?

To exercise your rights as a holder, you must contact Nimbahera through the following available means:

•  Email
• Telephone

In order to ensure your correct identification as the holder of the personal data subject to the request, it is possible that we may request documents or other evidence that can prove your identity. In this case, you will be informed in advance.

5. How and for how long will your data be stored?

Your personal data collected by Nimbahera will be used and stored for the  time necessary for the provision of the service or for the purposes listed in this Privacy Policy to be achieved, considering the rights of the data subjects and controllers.

In general, your data will be kept for as long as the contractual relationship between you and Nimbahera lasts. After the period of storage of personal data, they will be deleted from our databases or anonymized, except for the hypotheses legally provided for in article 16 of the General Data Protection Law, namely:

I – compliance with legal or regulatory obligation by the controller;

II – study by a research body, guaranteed, whenever possible, the anonymization of personal data;

III – transfer to a third party, provided that the data processing requirements set forth in this Law are respected; or

IV – exclusive use of the controller, forbidden its access by a third party, and provided that the data are anonymized.

That is, personal information about you that is essential for compliance with legal, judicial and administrative determinations and/or for the exercise of the right of defense in judicial and administrative proceedings will be kept, despite the deletion of other data.

The storage of data collected by Nimbahera reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions capable of guaranteeing the confidentiality, integrity and inviolability of your data. In addition, we also have security measures appropriate to the risks and access control to the information stored.

6. What do we do to keep your data safe?

To keep your personal information secure, we use physical, electronic and managerial tools geared towards protecting your privacy.

We apply these tools taking into account the nature of the personal data collected, the context and purpose of the processing and the risks that any violations would generate for the rights and freedoms of the holder of the data collected and processed.

Among the measures we have adopted, we highlight the following:

• Only authorized persons have access to your personal data
• Access to your personal data is made only after the commitment of confidentiality
• Your personal data is stored in a safe and suitable environment.

 Nimbahera is committed to adopting the best postures to avoid security incidents. However, it should be noted that no virtual page is entirely safe and risk-free. It is possible that, despite all our security protocols, problems solely the fault of third parties may occur, such as cyberattacks by hackers, or also as a result of the negligence or recklessness of the user/client himself.

In case of security incidents that may generate risk or damage relevant to you or any of our users / customers, we will communicate to those affected and the National Data Protection Authority about what has occurred, in accordance with the provisions of the General Data Protection Law.

7. Who can your data be shared with?

In order to preserve your privacy, Nimbahera will not share your personal data with any unauthorized third party.

In addition, there are also other hypotheses in which your data may be shared, which are:

I – Legal determination, request, request or court order, with competent judicial, administrative or governmental authorities.

II – Case of corporate transactions, such as merger, acquisition and incorporation, automatically

III – Protection of Nimbahera’s rights  in any type of conflict, including those of judicial content.

7.1. International transfer of data

Some of the third parties with whom we share your data may be located or have facilities located in foreign countries. Under these conditions, in any case, your personal data will be subject to the General Data Protection Law and other Brazilian data protection legislations

In this regard, Nimbahera is committed to always adopting efficient cybersecurity and data protection standards in the best efforts to ensure and comply with legislative requirements.

By agreeing to this Privacy Policy, you agree to this sharing, which will be in accordance with the purposes described herein.

8. Cookies or browsing data

 Nimbahera makes use of Cookies, which are text files sent by the platform to your computer and stored on it, which contain information related to the navigation of the website. In short, Cookies are used to enhance the user experience.

By accessing our website and consenting to the use of Cookies, you declare to know and accept the use of a system of collection of browsing data with the use of Cookies on your device.

You may, at any time and at no cost, change permissions, block or refuse Cookies. However, the revocation of the consent of certain Cookies may make it impossible for some of the platform’s features to function properly.

To manage the cookies of your browser, simply do it directly in the browser settings, in the Cookie management area. You can access tutorials on the topic directly from the links below:

If you use Internet Explorer.

If you use Firefox.

If you use Safari.

If you use Google Chrome.

If you use Microsoft Edge.

If you use Opera.

9. Amendment to this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on: 03/08/2023.

We reserve the right to modify this Privacy Policy at any time, mainly due to the adequacy of any changes made on our website or in the legislative scope. We recommend that you review it frequently.

Any changes will take effect from their publication on our website and we will always notify you of the changes that have occurred.

By using our services and providing your personal data after such modifications, you consent to them.

10. Responsibility

 Nimbahera provides for the liability of the agents acting in the data processing processes, in accordance with articles 42 to 45 of the General Data Protection Law.

We are committed to keeping this Privacy Policy up to date, observing its provisions and ensuring its compliance.

In addition, we are also committed to seeking technical and organizational conditions that are safe to protect the entire data processing process.

If the National Data Protection Authority requires the adoption of measures in relation to the processing of data carried out by Nimbahera, we undertake to follow them.

10.1 Disclaimer

As mentioned in Topic 6, while we adopt high security standards in order to prevent incidents, there is no virtual page that is entirely risk-free. In this regard, Nimbahera is not responsible for:

I – Any consequences arising from the negligence, recklessness or malpractice of users in relation to their individual data. We guarantee and are only responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument.

We emphasize that the responsibility in relation to the confidentiality of the access data lies with the user.

II – Malicious actions of third parties, such as hacker attacks, unless proven culpable or deliberate conduct of Nimbahera.

We emphasize that in case of security incidents that may generate risk or damage relevant to you or any of our users / customers, we will communicate to those affected and the National Data Protection Authority about what happened and we will comply with the necessary measures.

III – Inveracity of  the information entered by the user/client in the records necessary for the use of Nimbahera‘s services; any consequences arising from false information or entered in bad faith are entirely the responsibility of the user/client.

11. Data Protection Officer

 Nimbahera provides the following means for you to contact us to exercise your rights as a holder: email and telephone.

If you have any questions about this Privacy Policy or the personal data we process, you can contact our Personal Data Protection Officer through the following channels:

 MARI DOLI ELIAS SARSSUR (doli.sarssur@nimbahera.com.br)

+55 (31) 3392-3625