Introduction
This Privacy Policy (“Policy”) aims to provide transparency on the treatment given by Zenvia regarding personal data on its corporate website (https://ir.zenvia .com) and describe the measures adopted to ensure compliance with Brazilian Federal Law 13.709/18 – General Data Protection Law (“LGPD”).
The terms and concepts referred to herein are aligned with the LGPD. When using our Website and/or providing personal data, we consider users to be aware of the terms of this Policy. If you have any questions, please send us an email to: [email protected].
What personal data do we collect and for what purpose?
Your personal data is treated according to strict legal standards, thus allowing us to develop our activities and maintain a good relationship with you.
Our website collects data mainly under three circumstances: (i) data provided for the “Contact IR” platform; (ii) data provided for the “E-mail Alert” platform; and (iii) data collection through automated technologies, such as cookies, when users access the website (“Access and use of the Website”).
All treatment given according to specific purposes and justified by users’ free and informed consent, legal or contractual issues, or for our legitimate interests.
Below is a description on how personal data is treated in each of these situations and the corresponding specific purpose.
| Process | Personal Data | Purpose |
| Contact IR | Name, email, phone number, company and message sent | Respond to requests from investors and shareholders, receive questions regarding financial or institutional information that has already been disclosed, receive comments and suggestions. |
| Subscribe to Email Alert | Name, email, company, and profile | Send relevant information to investors and shareholders, therefore creating a communication channel with Zenvia. |
| Access and use of the Website | Log record, IP address, location, information related to type of device and connection, information related to the use of the Website. | Analyze how users interact with the Website to correct potential errors, develop new features, and provide better security, always seeking for ongoing improvements. |
How long is personal data stored?
We store personal data exclusively when it is legally justified for a specific purpose. After the purpose is reached, personal data is deleted or made anonymous.
As a rule, we store personal data to guarantee contractual clauses, comply with legal and regulatory obligations, particularly those arising from the Internet Legal Framework in Brazil, and to serve our legitimate interests, always respecting the rights of the user and in compliance with applicable regulations.
Unless a legal or contractual prohibition exists, users can request that their personal data is deleted from our platforms.
At the end of the treatment process, personal data are carefully deleted, guaranteeing they have been eliminated and protecting the rights of the user.
How do we protect your personal data?
We adopt technical, administrative, and legal measures to ensure the data processed by us always complies with the LGPD and the highest standards of information security. We take all necessary precautions to prevent accidents related to the processing of personal data, such as leaks, unauthorized access, loss of data, alteration or any other form of irregular treatment.
In the event of accidents related to personal data occur, we will take all measures to mitigate the consequences, including, when applicable, notifying the user and the ANPD (Brazilian National Agency for Data Protection), pursuant to provisions of the LGPD and its regulations.
Who do we share your personal data with?
We may share your personal data with the companies that are part of our business group as a way of developing our business.
To carry out the purposes already explained, we may share users’ personal data with partners and suppliers. In such situations, we always request that a confidentiality agreement containing protection clauses for personal data is signed.
Unless we receive a court order, we will never disclose personal data to third parties or use said data for purposes other than those for which they were collected.
Is personal data transferred internationally?
Personal data may be shared with our partners who have servers located in other countries, such as cloud storage, for example. In such situations, we require that the country of destination offers adequate rights and privacy protection for personal data and/or adequate safeguards so that we comply with the provisions of the LGPD.
What are users’ rights in relation to their personal data?
Users, as the holders of data processed by us, have the following rights, according to the LGPD: to confirm that treatment is given to personal data; request information on how personal data is treated and if it is shared with third parties; request access to their data; request correction measures and updating of personal data; request that personal data is deleted, blocked, or made anonymous, if applicable.
All requests related to rights must be sent to the email address provided at the end of this Policy.
Inquiries will be answered within the time limits established by the LGPD and its regulations. In the absence of a specific deadline, inquiries will be answered within 15 (fifteen) business days.
Questions?
We will be glad to assist you with further clarifications or questions about this Policy through the email: [email protected].
Final provisions
This Policy may be changed, at any time, upon notice on this website and email, if you are registered in our mailing list.