Welcome to UPX. When using our websites, solutions and services (“UPX services”), the rules and standards of our Privacy Policy, pursuant to the relevant legislation, will apply for greater security and transparency in the handling of data provided by users. As UPX delivers a wide range of solutions and services, based on our firm commitment to constantly improve and innovate, additional Terms, Licenses and Agreements may provide clauses and use conditions specific to each case. Such documents will be available to each customer and user in their access dashboard upon contracting an UPX solution or service. As Brazilian Law No. 13.709/2018 (LGPD, General Data Protection Law) became effective, Brazilian citizens are required to provide express consent to this Privacy Policy (through the customer dashboard or UPX communication channels).
I. COLLECTING AND HANDLING PERSONAL DATA
UPX only collects data necessary for the fulfillment of the Contract and the delivery of its solutions and services. Thus, data will be collected from the legal entity (e.g., corporate name, Corporate Taxpayer Registry, address, phone number, e-mail) and the individual authorized representative of the company to sign contracts and participate in the management of contracted services (e.g., full name and Individual Taxpayer Registry, ID or other official identification document, e-mail, phone number, profession and address). Other data may be collected depending on the use and experience of solutions and services, such as duration of use, monitoring via cookies, date and time of access to the website, among others necessary for the proper execution of UPX solutions and services. If you do not wish to provide data necessary for the use of a solution or service, you may not use it. Data will be used and handled for the duration foreseen in UPX solutions and services contracts, available to clients upon contracting, or for as long as users wish to keep their client accounts active in UPX systems. Data may also be stored by force of law or requirement of public bodies and authorities. Personal data will be used for drafting and signing contracts and legal documents between the parties, as well as for identifying users and their use of solutions and services, access to the customer dashboard, payment and purchase processing, improving, developing and customizing solutions and services, and customer communication, including sending promotional offers, advertisements and publicity. There may be other specific purposes for the use of data depending on the product or service solution, due to its technical characteristics, which will be expressly informed in the respective contract. Users who sign contracts and provide express consent on behalf of a legal entity declare, under penalty of the law, to be its legitimate legal representative (e.g., partner, manager, employee, agent or legal representative). To improve the quality of our services, in some cases we remove personal identity from data transmitted. Such data is combined with other data to produce aggregated, anonymous statistical information (e.g., number of visitors, source IP address and country of domain of the internet access provider, date and time of access). Services in which users wish to protect their data on the internet or monitor whether there has been a leak (e.g., financial data such as credit card numbers), UPX will use the personal data informed by the user or Controller third party (e.g., financial institutions or public bodies), authorized under legal terms, for the purpose of performing the digital protection service, seeking to anonymize the data wherever possible.
II. COOKIES
Some of our sites, solutions and services may use cookies. Cookies are text files generated by your browser that are placed on your computer’s hard drive when you access certain websites. Cookies help tell us whether or not you have visited the site before, help identify features in which you may have the greatest interest, fill in data on forms, save passwords and preferences, and enhance your online experience. Where required by law, you may visit our websites and refuse the use of cookies at any time on your computer. Refusal to cookies may impact or prevent the use of features, solutions and services, depending on your usage needs.
III. USER’S DUTY OF SECURITY
UPX uses security systems, rules and other procedures in order to ensure the protection of personal data, as well as to prevent unauthorized access to data, improper use, disclosure, loss or destruction. However, despite UPX’s best efforts, it is the duty of each user to guarantee and ensure that their computer is adequately protected against harmful software, such as viruses, spyware, adware, unauthorized remote access, among other malicious activities and programs in the digital environment. Additionally, you should be aware that, without the adoption of adequate security measures (e.g., secure configuration of your browser, use of updated antivirus software, firewall, non-use of software of illegal or doubtful origin), the risk of personal data and passwords being accessed by third parties without authorization is considerably greater. Please also note that, whenever data is provided over open, public networks such as the Internet, your data can circulate unsecured, with the risk of being seen and used by unauthorized third parties. So follow the basic rules of digital security, keeping your computer and your data safe.
IV. RIGHTS OF PERSONAL DATA SUBJECT
Any data subject (individual) may request from UPX, at any time and upon express request through the channels provided below, information about the handling of their personal data, including: • confirmation of the existence of handling; • access to data; • correction of incomplete, inaccurate or outdated data; • anonymization, blocking or deletion of unnecessary, excessive data or data handled in non-compliance with the provisions of the law; • data portability to another service or product provider, subject to commercial and industrial secrets, and subject to the regulation of the National Data Protection Authority; • deletion of personal data handled with the consent of the holder, except in the cases provided for in the law; • information about public and private entities with which the controller has shared data; • information about the possibility of not providing consent and the consequences of such refusal; • revocation of consent.
V. SHARING OF PERSONAL DATA
The data provided to UPX will be used exclusively for the purposes of the services offered and in accordance with this Privacy Policy. UPX does not sell or share personal data with third parties for commercial purposes. However, personal data may be shared in the following cases: • with partner companies or service providers necessary for the performance of the contracted service, always observing the legal principles and ensuring data protection; • by court order or by request of competent authorities, in accordance with applicable laws; • in cases of corporate restructuring, such as merger, acquisition or incorporation, provided the recipient complies with the same terms of this policy.
VI. INTERNATIONAL DATA TRANSFER
Some UPX services and solutions may be hosted on servers located outside Brazil. In such cases, UPX will ensure that the data is processed in compliance with the General Data Protection Law and other applicable legislation, and that the countries involved provide an adequate level of data protection.
VII. RETENTION OF PERSONAL DATA
UPX retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, contractual, accounting or reporting requirements. After this period, the data will be securely deleted or anonymized, unless there is a legal or regulatory obligation for its retention.
VIII. CHANGES TO THE PRIVACY POLICY
This Privacy Policy may be amended or updated at any time, to reflect changes in legislation, services or internal processes. Updates will be published on UPX communication channels. In cases where consent is necessary, the user will be notified and may choose to agree to the new terms.
IX. CONTACT
For questions, complaints, or requests regarding your personal data and this Privacy Policy, please contact us through the channels below: • Email: contato@upx.com.br • Website: www.upx.com.br • Telephone: +55 (11) 1234-5678