AVILEZ ROCHA CONSULTING
Privacy Policy
At Avilez Rocha Consulting, privacy and personal data protection are priorities. This Privacy
Policy describes how we handle personal data collected through our website, in accordance
with the General Data Protection Law (LGPD - Brazil), the General Data Protection
Regulation (GDPR - European Union), and the California Consumer Privacy Act (CCPA -
USA).
1. Data Collected
We only collect the following data, provided voluntarily through the contact form:
- Full name
- Email address
In the event of contracting our services, other data may be collected for the purpose of
contract execution. These data will depend on the scope of the contracted service.
2. Purpose of Processing
The data is used exclusively for:
- Respond to data subject’s inquiry
- Provision of contracted services (contract execution)
We do not use the data for marketing purposes, nor do we share it with third parties.
3. Legal Bases
LGPD (Art. 7, I and V): Consent of the data subject and Contract execution.
GDPR (Art. 6.1.a): Consent of the data subject and Contract execution.
CCPA: Collection limited to data necessary for the provision of the requested service.
4. Storage and International Transfer
The data is stored on servers located in the United States, with appropriate technical and
organizational measures to ensure its security. The international transfer of data is carried
out based on standard contractual clauses and other safeguards provided for in applicable
legislation.
5. Information Security
We adopt appropriate security measures, including:
- Encryption of data in transit and at rest.
- Access control based on minimum privileges.
- Continuous monitoring of integrity and availability.
- Maintenance of anti-malware applications on devices used for data processing
6. Data Subject Rights
At any time, you, as the data subject, can demand, through an email sent to the DPO:
1. Confirmation of the existence of data processing.
2. Access to your data.
3. Correction of incomplete, inaccurate, or outdated data.
4. Anonymization, blocking, or deleting unnecessary, excessive, or non-compliant data.
5. Data portability to another service or product provider, upon express request, subject to
commercial and industrial secrecy.
6. Deletion of personal data processed with the consent of the data subject, except where
there is a legal basis for its retention (such as compliance with legal or regulatory
obligations).
7. Information about public and private entities with which the controller has shared data.
8. Information about the possibility of not providing consent and the consequences of
denial.
9. Revocation of consent at any time, upon express manifestation, ratifying the treatments
carried out under the previously provided consent.
10. Objection to data processing, when carried out based on one of the hypotheses for
waiver of consent, in case of non-compliance with the LGPD.
11. Petition regarding your data before the ANPD (National Data Protection Authority).
12. Request review of automated decisions that affect your interests, including decisions
intended to define your personal, professional, consumer, and credit profile.
7. Data Retention
The data will be kept only for the time necessary to respond to the request, provide the
contracted service, or as required by legal obligations.
8. Cookies and Browsing Data
Our website does not use cookies for tracking or collecting additional data.
9. Changes to this Policy
This Policy may be updated to reflect legal or operational changes. We recommend periodic
reading.
10. Data Protection Officer (DPO)
For questions or requests related to privacy, please contact our Data Protection Officer:
- Nome: Beatriz de Avilez Rocha
- Email: dpo@avilezrocha.com
Last updated: May 19, 2025