Privacy Policy
This Privacy Policy has been developed by Semantix and is intended to provide transparency on how we use and protect personal data processed as a result of interactions between Semantix, its clients, suppliers, and other data subjects.
LGPD at Semantix
You are likely aware that the Brazilian General Data Protection Law (Law No. 13,709/2018 – LGPD) was created to establish rules for the processing of personal data by public and private organizations, ensuring that individuals’ data is used appropriately, with transparency and security.
At Semantix, as a company operating in the Analytics, Big Data, and Artificial Intelligence sector, our goal is to transform businesses into data-driven organizations, generating value, automation, and efficiency through intelligent solutions. Therefore, privacy, protection, and security are top priorities in our operations.
Our solutions are based on the concept of Privacy by Design, which incorporates the security of personal information throughout the entire lifecycle of processes, ensuring that privacy remains a central focus in our actions.
We have teams exclusively dedicated to Information Security, Infrastructure, Privacy, Governance, and Technology Controls. Their mission is to ensure compliance and the protection of personal and confidential information through a robust Information Security and Data Privacy Management System, as well as training and awareness programs focused on prevention and employee readiness.
We are certified and comply with the most rigorous national and international privacy and security standards, conducting periodic audits to maintain global certifications such as ISO/IEC 27001 (Information Security) and ISO/IEC 27701 (Privacy Information Management).
We believe that trust is one of the most important pillars in building relationships. Therefore, below we present our Privacy Policy, designed to provide transparency on how we use and protect your personal data.
What personal data does Semantix use and for what purposes?
Depending on your interaction with us, certain personal data may be processed, including:
Registration data
Data collected through contact forms available on our website, so that Semantix can respond to requests, inquiries, and maintain communication with the data subject. This includes full name, email address, and phone number.
Data collected for the execution of activities
Data collected so that Semantix can effectively carry out its activities, including providing services, delivering products, entering into partnership agreements and contracts, among other related activities. Depending on the specific purpose, this may include full name, job title, company, email address, and phone number.
For the provision of our services and products, clients may provide third-party data. In such cases, clients act as Data Controllers and are responsible for collecting such data lawfully, with proper transparency and necessary authorizations.
Website browsing data (Cookies)
Data collected when you browse our website, such as IP address, geographic location, referral source, browser type, duration/frequency of visits, and pages visited. This information is typically collected automatically through cookies stored in your browser. You can manage your preferences and learn more about how we use cookies through our Cookie Notice.
How long do we store your personal data?
Your personal data is stored only for as long as necessary to fulfill the purposes for which it was collected, unless there is another valid reason for its retention, such as compliance with legal, regulatory, or contractual obligations, provided these are supported by a legal basis.
Semantix has a Data Retention and Disposal Policy designed to guide and provide transparency regarding the storage and deletion of data in accordance with applicable laws and in a secure manner. Whenever possible, we will respect your right to request deletion or object to the processing of your data, as described in this Privacy Policy.
With whom do we share your personal data?
Semantix may share personal data with companies within the same group and/or with partner companies and service providers, to the extent that such sharing is reasonably necessary for the purposes outlined in this Privacy Policy and for the effective execution of its activities, including providing services and delivering products.
We may also share data with public authorities and regulatory bodies in compliance with legal and regulatory obligations.
International transfer of personal data
Semantix may transfer personal data to service providers located abroad, including cloud service providers.
When personal data is transferred outside Brazil, Semantix will select destination countries that provide a level of protection equal to or greater than that required by Brazilian law and will adopt appropriate measures to ensure adequate protection of your personal data in accordance with applicable data protection laws, including entering into appropriate data transfer agreements when required.
How do we protect your personal data?
To ensure your privacy and protect your personal data, we adopt appropriate technical and organizational measures, such as encryption techniques, access controls, and other security management practices to prevent unauthorized or unlawful processing, as well as accidental loss, destruction, or damage.
Your data is securely stored on protected systems, and access is restricted to a limited number of authorized individuals. Additionally, our employees participate in regular training and awareness programs on information security and data protection.
You can also help protect your data by adopting good security practices, such as not sharing passwords and using secure environments.
We are certified in Information Security and Data Privacy and conduct periodic audits to verify and monitor our controls. To learn more, please refer to our “Certificates” page.
What are your rights as a data subject?
You have rights related to privacy and the protection of your personal data. In addition to ensuring data security, we are committed to ensuring that you are aware of and can exercise your rights, including:
- Confirm access to your data
- Correct incomplete or outdated data
- Request data portability
- Withdraw consent
- Confirm the existence of processing
- Request deletion of unnecessary or excessive data
- Be informed about the consequences of not providing consent
- Be informed about third parties with whom data has been shared
To exercise your rights, Semantix provides a dedicated channel accessible through our form.
Changes to this Privacy Policy
Semantix reserves the right to modify this Privacy Policy at any time by publishing an updated version on the website. We recommend reviewing this page periodically to stay informed about any changes.
Last updated: April 20, 2023
Version: 05
How to contact us
If you have any questions about how we use your data, comments or suggestions regarding this Policy, or if you believe your personal data has been used in a way that is inconsistent with this Privacy Policy or your choices as a data subject, you may contact our Data Protection Officer at:
Name: Patrícia de Souza Lira Pachere
Email: encarregado@semantix.ai
Key Definitions
To simplify your reading, here are definitions of key terms used in this Policy:
LGPD
Brazilian General Data Protection Law (Law No. 13,709/2018), which establishes rules for processing personal data to protect fundamental rights of freedom, privacy, and personal development.
Processing
Any operation performed on personal data, such as collection, use, storage, sharing, or deletion.
Personal Data
Information related to an identifiable individual, such as name or address.
Data Subject
The individual to whom the personal data refers.
Controller
The individual or legal entity responsible for decisions regarding the processing of personal data.
Processor
The individual or legal entity that processes personal data on behalf of the Controller.
Sensitive Data
Personal data requiring higher protection, such as data related to race, sexual orientation, health, genetics, or biometric information, as well as religious, political, or union affiliations.
ANPD
Brazilian Data Protection Authority responsible for regulating and enforcing LGPD.
Legal Basis
The legal justification that allows the processing of personal data, such as consent or legal obligation.
Data Protection Officer (DPO)
The individual appointed to act as a communication channel between data subjects, the ANPD, and the organization.