Nova página | WebConcierge Serv Te

About the WebConcierge System

Last revised: October 30, 2020

Introduction

The WebConcierge System aims to be a platform for accessing the site www.webconcierge.com.br and the application (app) available on Android and IOS platforms. These environments will always be accessed authentically by people, users or visitors, to schedule events, meetings and reserve the use of rooms, workstations, etc., for one or more users or groups of users who will perform physical access ( entrances / exits) in certain environments (buildings, floor, etc.), in previously designated locations and at previously defined times.

These environments make up a platform or an integrated system that, with a single registration, will allow entry/exit in several buildings, in addition to the possibility of making reservations for the use of spaces and workplaces (rooms, tables, etc.), always through the use of from your smartphone.

This Statement of Privacy and Protection of Personal Data only applies to the information on the specific pages of the site www.webconcierge.com.br e of the application, which are referred to below always as "website".

This platform, whose name is web Concierge, is owned, maintained and operated by the company Concierge Predial Serviços Tecnologia, registered with the CNPJ under n. 13.013.795/0001-14, headquartered at Rua Barão do Triunfo, 88, Cj 1615, Brooklin, CEP 04602-007, São Paulo – SP, which will also be referred to below as "we" or "our".

Our organization is aware of the importance of privacy and data protection of the people who use our platform, and therefore, it presents this Declaration of Privacy and Protection of Personal Data and also explains how the information of the people who use our website will be protected.

This Declaration of Privacy and Protection of Personal Data expresses our commitment to the treatment of your personal data in a responsible, ethical way, in line with our principles and values and, especially, in accordance with the rules of Law nº 13.709/2018 (General Law of Personal Data Protection - “LGPD”) and other applicable legislation in force.

Summary of the Statement of Privacy and Protection of Personal Data

This Personal Data Protection and Privacy Statement tells you what personal data we collect about you, what we use it for, how and where we store it, and with whom we share it. It also defines your rights in relation to your personal data and who you can contact for more information or clarification on this topic. See sections of this statement below:

1. What are the meanings of the Technical or Foreign Language Terms used;
2. What types of personal data we collect
3. How we collect your personal data
4. How we use and process your personal data
5. What legal grounds do we use to process your personal data
6. To whom we disclose or share your personal data
7. How we protect your personal data
8. How long do we keep your personal data
9. what are your rights
10. Claims
11. Changes to this Privacy and Personal Data Protection Statement

I - What are the meanings of the Technical or Foreign Language Terms used

Administrator: Type of User with permission and responsibility for managing and controlling access to system functionalities by other Users.
API: Application Programming Interface, which consists of a set of programming routines and patterns for accessing a software application or web-based platform.
Check in: It is the act of opening, entering a process or a place in an authenticated and validated way by previously established criteria.
Checkout: It is the act of closing, exiting a process or a place in an authenticated and validated way by previously established criteria.
Client: Legal entity that hires Concierge web services to control access to the environments of a building, company or to control the use of spaces and their workplaces.
Cookies: Small text files containing small amounts of information that are downloaded to your computer or other device. Your browser then sends these cookies back on each subsequent visit. In this way, we can recognize and remember your preferences.
Encryption: It is a security and privacy mechanism that makes (i) the stored data, (ii) the communication and (iii) the messages unintelligible to those who do not have access to the “translation” codes of the messages sent. The communication or messages can be texts, images, videos, etc. In digital communications, encryption helps protect all content transmitted between two or more sources, preventing interception by cyber criminals, hackers, etc.
Due diligence: It is a survey process, usually carried out by external companies, which seeks to obtain all the necessary information about the risks existing within a company, as well as verifying the status of the transaction's operations and the requirements associated with corporate governance.
Hardware: General English term referring to physical equipment such as electronic devices, digital readers, physical controllers, locks, tools, utensils, parts and machines.
IP (Internet Protocol): Unique identification for each computer connected to a network.
User: Individual registered on the Web Concierge with permission to access several features in the system, such as accessing different locations with just one credential, as well as accessing and using workstations or rooms all previously scheduled or reserved, using their smartphone to carry out an authentication process to open access equipment (turnstiles, gates, doors, etc.), thus making entrances and exits in a simple and automatic way.
Visitor: Individual who makes visits to the buildings and physical environments of the Clients or sporadic service providers of the Client. The personal data we collect may include: your name; cpf, telephone and e-mail address.

II- What types of personal data we collect.

The personal data we collect may include: your name; cpf, rg, telephone, e-mail address; details about the organization you work for, your title; your IP address; your browser type; their access times; details of instances of use of our products and services and other similar information.

The personal data we collect may also include sensitive personal data, which is defined by law as biometric data, in addition to your geolocation.

In some circumstances, we may also collect other categories of personal data about you, either because you provide this data to us or because we are required to collect it as a result of legal requirements imposed on us.

III- How do we collect your personal data?

We collect your personal data or that of your company only for the sole purpose of providing our services. We may collect your personal data through four sources:

1. i - Arising from the provision of services: we may collect personal data in the course of providing services to you or our client;
2. ii - Coming from the holder: we may collect or obtain such data because you provide it to us or because it is publicly available;
3. iii - Arising from your interaction with the Web Concierge: we may collect or obtain your personal data depending on the nature of the services we provide to you or our customer, in addition to the way you use or interact with our website, email, social media etc.
4. iv - Coming from our customers: when your personal data is provided to us by our customer, we take steps to ensure that the customer has complied with privacy and data protection laws and regulations.

IV - How we use and process your personal data

We use and process your personal data or that of your company only for the sole purpose of providing our services. We may use your data for three purposes:

i - Use of personal data to perform services for our customers

We will use your personal data to perform the services for you or our customer, as provided for in Art. 7, V, Law No.

13,709/2018. As part of this, we may use your personal data in the course of service-related interactions and such interactions may be with you, our customer, our service providers or competent authorities. We may also use your personal data to fulfill service-related due diligence checks.

It is important to note that we provide a restricted range of services to our customers and, as a result, the way we use your personal data in relation to our services varies very little.

During registrations and in most cases, we act only as the operator of the personal data of Users and Visitors, that is, we process the data in accordance with the business rules and policies established by the Customer associated with the functionalities of our system.

Below are some examples of how we use it:

Email – will be used to login to the platform
Name, Photo, CPF or RG – will be used to provide access control service to buildings and their environments, in order to guarantee security and traceability of access in each location.
Cellular number – It will be used to validate a User's cell phone, in addition to communicating with the physical Web Concierge access device, a necessary item, as it is what guarantees the User's authentication process.
Photo - In some cases, the photo can be used by the customer to control access by facial recognition, with the consent of the holder.
Client User Access Registration - Information defined as necessary is used to identify the User in the system and thus allow or not their access based on the permissions/invitations they have, which are the essence of the execution of the services (Art. 7, V , Law nº 13.709/2018), such as: photo, password, key created by the system residing on the cell phone, name, cpf, access time, access point, denied or not and the reason for the block.
Health-related data – Information about health data is required by the Customer due to the Covid-19 pandemic, in such a way that people who have symptoms of the disease are blocked from accessing buildings, their environments, space reservations, etc.
Sensitive data – Customers, Administrators and Users should only use health data, data on children, adolescents, biometrics, etc. obtained with the consent of the holder, being their exclusive responsibility to obtain the necessary consents.

ii - Use of personal data for other activities that are part of the operation of our business

We may also use your personal data for or in connection with:

Applicable legal or regulatory requirements;
Requests and communications from competent authorities;
Customer relationship purposes, which may involve: (i) sending you prominent content or details about our products and services that we believe may be of interest to you; (ii) contact you to receive feedback about the Services; and (iii) contact you for other marketing or research purposes;
Protection of our rights and those of our customers.

iii - Use of personal data collected through our website

In addition to purposes related to operating our business, we may also use your personal data via our website to:

manage and improve our website;
adapt the content of our website, from monitoring access to the content made available, to provide you with a more personalized experience and draw your attention to information about our products and services that may be of interest to you;
manage and respond to any request you submit through our website;

V - What are the legal grounds we use to process your personal data

We are required by law to establish in this document the legal grounds for processing your personal data, mainly related to the legal hypotheses defined by the LGPD.

As a result, your personal data will be processed in the following cases:

by providing your specific and highlighted consent for the processing of your data;
guarantee of fraud prevention and its security, in the processes of identification and authentication of registration in electronic systems.
when there are legitimate interests in offering and delivering services to you or to Customers, where the processing of your data is necessary, such as to provide you with access to some environment, reservations of workspaces, as well as for the efficient and lawful functioning of our business, provided that such interests are not outweighed by your interests, fundamental rights and freedoms.
when necessary to comply with applicable legal or regulatory obligations that may require the collection, storage and sharing of your personal data in order to comply with legal and regulatory provisions, such as (i) maintaining records for tax purposes or providing information to a public body or law enforcement body; (ii) compliance with anti-corruption, money laundering, fraud and irregular conduct obligations.
protection of your life or physical safety or that of third parties.
to perform any contract, as well as to provide our services to you or customers.
to regularly exercise our rights, such as exercising our right of defense in any judicial or administrative proceeding.
by providing your consent to send guidance materials on the provision of services and that, if you are not interested, simply click on the unsubscribe function contained in the communication or e-mail received.

VI - To whom we disclose or share your personal data

In connection with one or more of the purposes described in the “How we use your personal data” section above, we may disclose details about you to: competent authorities (including courts and authorities that regulate us); technology companies responsible for storing and guaranteeing security in the treatment of your data; your employer and/or advisors; your advisers; other organizations that help us make decisions about how to reduce the incidence of fraud.

Please note that some of the recipients of your personal data mentioned above may be located in countries outside of Brazil or outside the European Union, whose laws may not provide the same level of data protection. In such cases, we will ensure that we take all possible steps to protect your personal data in accordance with our legal obligations.

We may also need to disclose your personal data if required by law, regulator or during legal proceedings.

We may share non-personal, de-identified and aggregated information with third parties for a variety of purposes, including data analysis, research, contributions, prominent content and promotional purposes.

We may also share information with other third parties who reasonably require access to personal data relating to you for one or more of the purposes described in the “How we use your personal data” section above. From the moment that these third parties or companies have access to this data, they will become responsible for the security, treatment and adequate sharing of this information, not being able to disclose it for other purposes, under penalty of being liable for all

punishments, in particular those of civil, criminal and those applied by the National Data Protection Authority.

VII - How we protect your personal data

We use a number of physical, electronic and managerial measures to ensure that your personal data remains secure, complete and up-to-date. These measures include:

Your data is transferred in encrypted form and stored on Google Cloud servers, whose access is absolutely restricted;
Technological security measures, including firewalls, encryption, HTTPS certificate and antivirus software, which have a variety of security technologies and procedures to protect the information of Users of the platform;
Education and training of responsible staff so that they are aware of our privacy and data protection obligations when dealing with everyone's personal data;
Administrative and technical controls to restrict access to personal data, subject to need-to-know, as well as physical security measures, such as employee security passes to access our facilities;
Observe the guidelines, rules and regulations issued by the National Data Protection Authority (ANPD) and communicate, within a reasonable period of time, the ANPD and the data subjects the occurrence of a security incident that may lead to significant risk or damage from information leakage;
Regarding the operation of the service itself, we note that:
- We use communication channels such as 0800, messaging, service and support and all contacts made through these channels are stored so that we can trace all the services provided.
- considering that our service is a system hired by the Customer to manage access to its environments, in addition to booking the use of its spaces, the Customer may share the information of Users and visitors with third parties, such as security companies and other integration software by through our API. These companies have no relationship with the Web Concierge and therefore we are not responsible for the data processing carried out by them, only for the security of our system and application.

VIII - How long will we keep your information?

We will keep your personal data in our systems for the longest of the following periods, but never less than 6 (six) months under the terms of Law n. 12,965/2014, and article 7, II, of Law no. 13.709/18: (i) as long as necessary for the relevant activity or services; (ii) any retention period required by law; (iii) the end of the period in which disputes or investigations in relation to the Services may arise; (iv) as long as your consent is valid, in the applicable cases; (v) pursuant to current legislation.

IX - What are your rights?

Your rights can be exercised at any time, free of charge, through a request registered by you to our e-mail channel: atendimento@webconcierge.com.br. In particular, you have the right to:

Obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;
Ask us to update the personal data we hold about you or ask us to correct data that you feel is inaccurate or incomplete;
Withdraw the consent granted for the processing of your personal data, as well as request its deletion (to the extent that such processing is based on consent);
Request the portability of the personal data we have about you to another supplier of products or services, provided that commercial and industrial secrets are respected, as well as applicable confidentiality;
Obtain information about who we share your data with;
Request that your personal data that you understand as unnecessary, excessive or treated in disagreement with the LGPD, be anonymized, blocked or eliminated;
Request the review of decisions made solely on the basis of automated processing of personal data.

To exercise any of your rights, or if you have other questions about the use of your personal data, please contact our canal atendimento@webconcierge.com.br.

X - Complaints Questions or Doubts

If (i) you are not satisfied with the way we handle your personal data, (ii) you have questions, (iii) concerns regarding your privacy and the handling of your personal data when using our website, please forward them to our channel. atendimento@webconcierge.com.br . We kindly ask you to put in the subject “LGPD” not only to prioritize the service, but also to forward it directly to our Board of Directors.

XI - Changes to this Privacy and Personal Data Protection Statement

We may modify or change this Statement of Privacy and Protection of Personal Data from time to time and if the change made requires your consent, you will be given the option to freely, unequivocally and informed the new text or to refuse it.

To inform you when we make changes to this Privacy and Personal Data Protection Statement, we will change the revision date at the top of the first page and at the bottom of this document. The new modified or amended Privacy and Personal Data Protection Statement will apply from that revision date. Therefore, we encourage you to periodically review this Statement to be informed of how we are protecting your information.

By providing information through this website, you consent to the disclosures described above.