We have made every effort to explain clearly and simply what personal data we will need from you and what we will do with each of them. Therefore, we have listed below the most important points, which can also be read in a comprehensive and detailed manner in our Privacy Notice.
Furthermore, we are always available to answer any questions you may have via email at email@example.com. For inquiries specifically related to your personal data, we have a dedicated channel: firstname.lastname@example.org.
We are data processors for the personal data of third parties that are entered into our solutions by the contracting company. This means that we process data based on the decisions of our clients, who are the data controllers.
Additionally, DIGISAC has also engaged some third-party processors who may process personal data, such as legal advisors, technology partners, servers, among others.
To ensure that your information is stored in a secure environment, the platform utilizes servers from Amazon Web Services and DigitalOcean, with restricted access. As a result, these companies only have access to your data for the purpose of storing it once you provide it to DIGISAC. Additionally, the use of these servers may involve the international transfer of your personal data to the country where the servers are located, the United States.
• If you are a Collaborator User: Name, CPF (Brazilian Individual Taxpayer Registry)
• If you are an Administrator User: Name, CPF, Email, Company brand, Legal name (company name), Address, Phone number.
• Providing our service
• Providing support and customer service;
• Sending sales and marketing communications;
• Offering our services or products.
a) Date of Availability of the Text;
b) Explanation of Technical Terms or Foreign Language Terms;
c) Data Processing Agents;
d) Information Security;
e) Data Collection;
f) Processing of Personal Data;
g) Platform Cancellation, Account Deactivation, and Data Deletion;
h) Rights of the Data Subject;
i) Changes to the Privacy Notice;
j) Privacy Communication Channel;
k) Contact for General Matters.
Before accessing the DIGISAC platform, it is important that you read, understand, and freely, unequivocally, and informedly accept this Privacy Notice.
This platform, named DIGISAC, is owned, maintained, and operated by E.M. SOLUCOES INTEGRADAS DE SISTEMAS LTDA, registered under CNPJ number 18.716.151/0001-06, with headquarters at Rua Sérgio Arcangelo, No. 1-49, Jardim Nicéia, Bauru/SP, ZIP code: 17.047-430.
This document aims to provide information about the collection, use, and storage (”processing”) of data provided by Users and is in compliance with Law No. 12,965/2014 (Internet Civil Rights Framework) and Law No. 13,709/2018 (General Data Protection Law).
API: Set of routines and programming standards for accessing a web-based application or platform. The acronym API stands for ”Application Programming Interface” in Portuguese translation.
Controller: Natural or legal person, whether public or private, who is responsible for decisions regarding the processing of personal data.
Cookies: Small text files that are stored on the user's computer and can be retrieved by the website that sent them during browsing. They are mainly used to identify and store information about users.
Encryption: Set of principles and techniques for encrypting writing, making it unintelligible to those who do not have access to the agreed conventions.
Personal Data: Information related to an identified or identifiable natural person.
Sensitive Personal Data: Personal data relating to racial or ethnic origin, religious belief, political opinion, union membership, or membership in religious, philosophical, or political organizations, data related to health or sexual life, genetic or biometric data when linked to a natural person.
Data Protection Officer: Person appointed by the controller and processor to act as a communication channel between the controller, data subjects, and the National Data Protection Authority (ANPD).
IP (or Internet Protocol): Unique identification for each computer connected to a network.
Processor: Natural or legal person, whether public or private, who processes personal data on behalf of the controller.
Data Processing: Any operation performed with personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, evaluation, or control of information, modification, communication, transfer, dissemination, or extraction.
User(s): Those who use the platform's services.
2.2. Types of Platform Users:
2.2.1. Administrator User: The person responsible for the company on the platform, who will register the Collaborator Users.
2.2.2. Collaborator User: Employees or general collaborators of the company that hires the platform.
3.2. We are processors of the personal data of third parties entered into our solutions by the contracting company. In other words, we process data based on the decisions of our clients, the controllers.
3.2.1. The contracting party of DIGISAC's services acts as the controller of the data of the individuals with whom the User contacts through the platform. That is, they are the person responsible for decisions regarding the processing of personal data.
3.2.2. DIGISAC does not have access to User conversations with third parties and is not responsible for the data processing carried out by Users, proper information collection, legality of contacts, conversation content, or any actions of the Users.
3.3. Some processors are necessary for the availability of the platform. Therefore, they will have access to User data for the following purposes:
3.3.1. Amazon Web Service: as the personal data is stored on their servers;
3.3.2. DigitalOcean: as the personal data is stored on their servers.
3.5. Our contracts always prioritize the secure processing of User information. Therefore, from the moment these companies have access to this data, they will be responsible for the security, processing, and appropriate sharing of this information. They are prohibited from disclosing it for other purposes in violation of applicable laws or this Privacy Notice, under penalty of being held liable for all penalties, particularly civil, criminal, and those imposed by the National Data Protection Authority.
3.6. International transfer: The servers used by DIGISAC, which are equipped with mechanisms to ensure the security of your data, are located outside Brazil, specifically in the United States. They are used to enable DIGISAC to provide its service properly, as required by Article 33, IX of Law No. 13,709/18.
4.1.1. Additionally, we have effective measures and controls in place to prevent or reduce Information Security risks, with an approach focused on the principles of the field, aiming to prevent, detect, respond to, and quickly recover from a threat in order to protect the confidentiality, integrity, and availability of technological assets and information.
4.2. All access records, which include information regarding the date and time of use of a specific internet application from a specific IP address, will be kept confidential by DIGISAC in a controlled and secure environment for a minimum period of 6 (six) months, in accordance with Law No. 12,965/2014 and Article 7, II of Law No. 13,709/18.
4.3. DIGISAC is committed to preserving the stability, security, and functionality of the platform through technical measures in line with international standards and by encouraging the use of best practices. However, no service available on the internet can guarantee complete protection against illegal invasions. In cases where unauthorized third parties unlawfully breach the system, DIGISAC will make every effort to identify the responsible party, but we are not liable for any damages caused by them.
5.1.1. For Collaborator Users: Name and CPF (Brazilian Individual Taxpayer Registry number).
5.1.2. For Administrator Users: Name, CPF, Email, company brand, company name, address, and phone number.
5.2. Contact history: DIGISAC stores information about all interactions already made with Users through WhatsApp, messages, and email. This helps improve customer service and make it more efficient. Without this history, the User would likely have to repeat information previously provided every time they contacted us.
5.3. Indirectly collected information: In addition to access logs, we may also collect some information indirectly, in accordance with our Cookie Policies.
b) Necessary to fulfill the legitimate interests of the controller or a third party (Art. 7, IX, Law No. 13,709/2018).
b) Used for sending marketing emails, news emails, classifieds, and newsletters.
7.2. Account cancellation by the User: To cancel services and request the deletion of the access account, the User should make the request by email to email@example.com.
7.3. When the purpose of data processing ends or upon request through the email firstname.lastname@example.org, the User's data will be immediately and permanently deleted, except for data that must be retained by law or regulation, data necessary for the regular exercise of rights in a judicial, administrative, or arbitration process, such as access logs. Access logs will be kept confidential in a controlled and secure environment, in accordance with Law No. 12,965/2014 and with the legal basis provided by Article 7, II of Law No. 13,709/18.
8.2. DIGISAC will not share User data with third parties. However, each company's Administrator User will be responsible for collecting data and registering their collaborators on the platform.
8.3. If the Administrator User chooses to share personal data stored in DIGISAC with third parties, such as independent APIs, they must fully assume responsibility for informing data subjects about such sharing, ensuring that the third party complies with the General Data Protection Law, and for any security incidents that may occur after the transmission of personal information. DIGISAC is only responsible for its platform, and the third-party API will be responsible for operations after the information transmission.
8.3.1. The User is informed that, when integrating via API, the external software may access the data under their control, with the option to subsequently revoke that access.
8.4. Once Users, WhatsApp, Telegram, SMS, Web Chat, email, AWS, DigitalOcean, and third-party APIs have access to this data, they become responsible for the security, processing, and appropriate sharing of this information. They are prohibited from disclosing it for other purposes in violation of applicable laws and this Privacy Notice, under penalty of being held liable for all penalties, particularly civil, criminal, and those imposed by the National Data Protection Authority.
8.5. The User is aware that they must comply with WhatsApp's rules, as well as those of other channels they use, especially regarding the sending of automated messages and the collection of third-party data through the platform.
8.6. DIGISAC will not share Users' confidential data with third parties, except as required by law or court order.
9.1.1. Confirmation of the existence of data processing.
9.1.2. Access to the data.
9.1.3. Correction of incomplete, inaccurate, or outdated data.
9.1.4. Anonymization, blocking, or deletion of unnecessary, excessive, or data processed in violation of the provisions of Law No. 13,709/2018.
9.1.5. Portability of data to another service provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets.
9.1.6. Deletion of data processed with the data subject's consent, except in cases provided by Law No. 13,709/2018.
9.1.7. Information about public and private entities with which DIGISAC has shared data.
9.1.8. Information about the possibility of not giving consent and about the consequences of refusal.
9.1.9. Revocation of consent.
9.2. Regarding the data of individuals with whom the User contacts through the platform, such as conversation history, requests to exercise data subject rights should be made directly to the controller.
10.2. If the change made requires User consent, the option to freely, unequivocally, and informedly accept the new text or reject it will be presented.
10.3. If the User does not agree with the change, they may choose not to give consent for specific actions or terminate their relationship with DIGISAC entirely. However, this termination will not exempt the User from fulfilling all obligations assumed under previous versions of the Privacy Notice.
Digisac, the multichannel digital PBX
We can handle your communication with all the main channels of digital messaging, consult us.
Our sales team will contact you* Don't worry, we won't send SPAM