General Data Protection Law (LGPD): governs the processing of personal data, including in digital media, by individuals or legal entities under public or private law, with the aim of protecting the fundamental rights of freedom and privacy and the free development of the natural person's personality;
Personal data: information related to an identified or identifiable natural person;
Sensitive personal data: personal data concerning racial or ethnic origin, religious conviction, political opinion, affiliation to a trade union or religious, philosophical, or political organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person;
Anonymized data: data related to a holder who cannot be identified, considering the use of reasonable and available technical means at the time of its processing;
Data subject: natural person to whom the personal data being processed refers;
Controller: natural or legal person, under public or private law, responsible for decisions regarding the processing of personal data;
Processor: natural or legal person, under public or private law, who processes personal data on behalf of the controller;
Data processing agents: the controller and the processor;
Processing: any operation performed with personal data, such as those related to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction;
Consent: free, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose;
International data transfer: transfer of personal data to a foreign country or international organization of which the country is a member;
Shared use of data: communication, dissemination, international transfer, interconnection of personal data, or shared processing of personal databases by public bodies and entities in the exercise of their legal competences, or between these and private entities, reciprocally, with specific authorization, for one or more processing modalities permitted by these public entities, or between private entities;
Data Protection Impact Report (DPIA): documentation by the controller containing the description of personal data processing processes that may generate risks to civil liberties and fundamental rights, as well as measures, safeguards, and risk mitigation mechanisms;
National Authority (ANPD): indirect public administration body responsible for overseeing, implementing, and enforcing compliance with this Law.
Data Protection Officer (DPO): natural person appointed by the controller who acts as a communication channel between the controller, the data subjects, and the national authority;
Regarding the processing of personal data from its clients and based on what is established in Article 6 of Law No. 13.709 of August 14, 2018, Omnisolution observes the following principles:
I – Purpose: processing for legitimate, specific, explicit, and informed purposes to the data subject, without the possibility of subsequent processing incompatible with these purposes;
II – Adequacy: compatibility of processing with the purposes informed to the data subject, according to the context of processing;
III – Necessity: limitation of processing to the minimum necessary for the achievement of its purposes, covering relevant, proportional, and non-excessive data in relation to the purposes of data processing;
IV – Free access: guarantee to data subjects of facilitated and free consultation on the form and duration of processing, as well as on the completeness of their personal data;
V – Data quality: guarantee to data subjects of accuracy, clarity, relevance, and updating of data, according to the need and for the fulfillment of the purpose of its processing;
VI – Transparency: guarantee to data subjects of clear, precise, and easily accessible information about the processing and the respective processing agents, observing commercial and industrial secrets;
VII – Security: use of technical and administrative measures capable of protecting personal data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication, or dissemination;
VIII – Prevention: adoption of measures to prevent the occurrence of damages due to the processing of personal data;
IX – Non-discrimination: impossibility of processing for unlawful or abusive discriminatory purposes;
X – Accountability and accountability: demonstration by the agent of the adoption of effective measures capable of proving compliance with personal data protection norms and, including, the effectiveness of these measures.
When accessing the Omnisolution website or any platform of operators offering Omnisolution products, services (trainings, courses, etc.), and entering their personal data, the data subject will have their personal information processed in a standardized manner, in accordance with the items described below:
1. Data Origin
The personal and sensitive data that Omnisolution is committed to controlling and protecting come from the following sources:
(i) personal data of Omnisolution employees;
(ii) personal data of potential clients and Omnisolution clients;
(iii) personal data of Omnisolution suppliers and partners.
2. Purpose
Considering:
a) personal data of Omnisolution employees
The collection of personal data of Omnisolution employees has the specific purpose of complying with applicable labor legislation regarding the payment of salaries and benefits offered by Omnisolution.
The personal data of Omnisolution employees will not be used for subsequent processing different from what has already been stated, except in cases of legal necessity (response to labor liabilities, court request for procedural purposes, etc.).
b) personal data of potential clients, clients, and Omnisolution partners
The collection of personal data of potential clients, clients, and Omnisolution partners has the specific purpose of commercializing the products and services offered by Omnisolution and providing services. Personal data will be used to send messages with a commercial context, as well as information related to the products and services offered by Omnisolution.
The data will not be used for subsequent processing different from what has already been stated, such as database enrichment, sale of databases to third parties, etc.
c) personal data of Omnisolution suppliers and partners
The collection of personal data of Omnisolution suppliers and partners has the specific purpose of commercial contracting for the provision of services. Personal data will be used to comply with specific legislation regarding the issuance of invoices and related matters, thus having legal support.
The data will not be used for subsequent processing different from what has already been stated, except in cases of legal necessity (response to labor liabilities, court request for procedural purposes, etc.).
3. Collection
The personal data described in item 1 (Data Origin) will be collected through electronic registration platforms integrated into the Omnisolution website and electronic registration platforms integrated into the websites of partner operators.
4. Classification
Considering:
a) personal data of Omnisolution employees
For the collection of personal data of Omnisolution employees, the consent of their holders is not required, as the personal data is supported by a legal basis.
b) personal data of potential clients and Omnisolution clients
When registering personal data to access tests and/or purchase Omnisolution products and services, the data subject is informed about the Omnisolution Privacy Policy (available on the website www.omnisolution.top) and how their data will be processed.
By agreeing to the Omnisolution Privacy Policy, the data subject formally consents to the use of their personal data, in accordance with what is described in this document.
The lack of formal consent for the use of their personal data by Omnisolution and/or its operators may result in restrictions or limitations on access to the products and services advertised and commercialized for potential clients or Omnisolution clients.
c) personal data of Omnisolution suppliers and partners
When starting a relationship with Omnisolution, suppliers and partners are informed about the Omnisolution Privacy Policy.
Formal consent occurs upon signing the service provision contract between the parties.
By agreeing to the Omnisolution Privacy Policy, the data subject formally consents to the use of their personal data, in accordance with what is described in this document.
The lack of formal consent for the use of their personal data by Omnisolution and/or its operators may result in the impossibility of providing services for potential suppliers or Omnisolution partners.
5. Access
Omnisolution ensures the data subject free access to their data upon prior written request. Through a unique login and password provided by Omnisolution to the data subject, they can access their personal data at any time and request deletion, modification/update, or any related information regarding this content.
6. Modification
Omnisolution is the only entity authorized to modify, correct, or alter the data subject's personal data, upon formal request (authorization) from the data subject.
Omnisolution reserves the right to make the requested modifications within 30 days from the date of the formal request.
7. Update
When necessary and to ensure that the data subject's personal data remains valid, Omnisolution may update it through telephone contact with the data subject.
8. Reproduction
The reproduction of personal data that Omnisolution has access to considers:
a) personal data of Omnisolution employees
The personal data of employees is reproduced for Omnisolution's accounting company (processor), responsible for processing payments and other labor rights guaranteed by law.
b) personal data of potential clients and Omnisolution clients
Omnisolution reproduces the personal data of its potential clients and clients for partner companies (processors), who are instructed to process the data in alignment with what Omnisolution (controller) defines, in accordance with what is described in this document.
c) personal data of Omnisolution suppliers and partners
The personal data of Omnisolution suppliers and partners is reproduced for Omnisolution's accounting company (processor), responsible for processing payments and other commercial rights guaranteed by law.
9. Transmission
All personal data that Omnisolution has access to is transmitted to processors through password-protected electronic spreadsheets and/or email.
10. Processing
The processor companies that interact with Omnisolution are instructed to process personal data according to the purpose explained in this document (Omnisolution Privacy Policy), being prohibited from enriching databases and using them for any other purpose not communicated and formalized by Omnisolution.
11. Archiving
The personal data controlled by Omnisolution is stored in Omnisolution's database and on the servers (cloud) of partner processor companies.
12. Deletion
The personal data controlled by Omnisolution is archived in Omnisolution's database and on the servers (cloud) of partner processor companies for an indefinite period, except when deletion is requested by the data subject.
Personal data of Omnisolution employees is deleted only after the applicable legal deadlines for each type of information have expired.