Establish the guidelines and the Cesbe group’s commitment to the Privacy and Protection of holders’ Personal Data in accordance with the LGPD and other applicable laws. This document may be updated at any time without advance notice.
This Policy applies to the websites for all companies that are part of the Cesbe group, as well as companies that will become part of the Cesbe group, and operators, data holders and other individuals and entities that may be involved in the processing of personal data.
The Cesbe group, in turn, will not accept a declared lack of awareness of the contents of this standard on the part of any individual or entity subject to its provisions, regardless of the justifications that may be presented.
This document will be made available electronically on Cesbe Group’s Intranet and other internal and external communication channels.
For a better understanding of this procedure, the following concepts are used:
3.1 Personal data (PD): data that allows a data holder to be identified, including their name, CPF, RG, passport number, driver’s license number, vehicle registration, professional board registration number, home address, history of previous addresses, home landline number, personal mobile number, personal email, etc.
3.2 Sensitive personal data (SD): data that reveals racial or ethnic origin, religious beliefs, political opinions, union membership, religious, philosophical or political organization, data related to health or sexual preference, genetic or biometric data, or other data that allow the holder to be discriminated against.
3.3 Brazil General Data Protection Act (LGPD): The LGPD determines that public or private companies are subject to increased controls and security when collecting, storing, and using the data belonging to individuals. The law has significant impacts in companies’ legal, administrative and information security departments. The LGPD’s main objective is to protect data collected from individuals and to make society aware of the importance of personal data, as well as its effects on rights such as freedom, privacy and security in the processing of information.
3.4 ANPD: The National Data Protection Authority is the government body responsible for ensuring, implementing and supervising compliance with this Law throughout Brazil’s national territory;
3.5 Data Holder: individual to whom the personal data that are being processed refer;
3.6 Data Controller: individual or public or private legal entity responsible for decisions regarding the processing of personal data;
3.7 Operator: individual or public or private legal entity processing personal data on behalf of the data controller;
3.8 DPO (Data Protection Officer): an individual appointed by the data controller and operator to act as a communication channel between the controller data holders and the National Data Protection Authority (ANPD). The DPO is responsible for data protection and guaranteeing the security of client, supplier and company information;
3.9 Processing: any operation carried out with personal data, such as those related to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction of data;
3.10 LGPD Committee: committee made up of employees from various sectors at the Cesbe group, responsible for evaluating issues related to LGPD and preparing and reviewing documents related to this area.
3.11 Cookies: Cookies are small text files or fragments of information that are downloaded to your device, whether a computer, a smartphone or any other device with Internet access. Cookies contain information about your browsing of our webpage and exclusively hold information related to your preferences. This webpage can therefore store and retrieve data on your browsing habits in order to improve the user experience, for example. It is important to note that cookies do not contain specific personal information, such as sensitive or banking data. Your browser stores cookies on your hard drive, which takes up minimal memory space and does not affect the performance of your computer. Most information is deleted once you log out of your browser.
3.12 Legal deadline for response: according to item II, art. 19 of the LGPD, this may be up to 15 days of a request being made by the data holder;
3.13 CESBE Group: A series of companies belonging to the Cesbe group, of which some of the companies of the Cesbe group are a part or will be a part, as of the date on which this document was last revised:
4.1 Data Holders:
4.2 Personal Data Controller and Operator: keep a record of processing operations carried out with personal data provided by Data Holders; respond to the requests from data holders within the legally established period; dispose of data after their use as authorized and within the determined period; present Data Holders with regulations determined by the Cesbe group for the Processing of their data.
4.3 DPO (Data Protection Officer): make decisions regarding the internal and external procedures used to protect information; establish communication between the Data Controller, supervisory bodies, and/or data holders; perform remaining duties determined by the data controller or established under complementary regulations. The Cesbe group has appointed Director Erik Alexander Jenichen as its DPO or before supervisory bodies and data subjects. Mr. Jenichen is available to provide assistance at the following email address: firstname.lastname@example.org
5.1 Cookies (TI)
5.1.1. The cookies provided on the website cesbe.com.br are not used to determine the personal identity of individuals that are merely visiting/browsing the website. These cookies exclusively serve to assist in tracking patterns in user traffic and identify which subject/theme is receiving the greatest interest. These cookies are known as anonymized cookies.
5.1.2. No personal information is collected on the website cesbe.com.br without voluntary consent from the user. This consent is only provided when the user makes use of the Contact Us form, sends their resume through the link Careers, or registers as a supplier by entering an email address.
5.2 The types of cookies used by Cesbe
5.2.1. The collection of non-personal information (“Information on Access and Interactions”) helps to determine the number of users on the site, the frequency of access, and the features (subject/theme/material) that are most or least accessed, including user’s interactions with the site’s general content. This information and statistics help the Cesbe group to better understand its main audiences and be able to improve the website and its content in order to optimize performance and ensure a better experience for users, thereby allowing the company to expand its reach.
5.2.2. The cookies used by the website cesbe.com.br perform certain functions, as described below:
188.8.131.52. Essential Cookies: Essential cookies are used to ensure the proper functioning of the website. These cookies are usually only defined in response to actions taken by the user that include a request for services, such as setting their privacy preferences. The user can configure their browser to block essential cookies or alert them about the use of such cookies. This may cause some parts of the site to not function properly, however. The essential cookies used on our website are those collected through Google Analytics, as mentioned below.
184.108.40.206. Performance/Analytical Cookies: cookies that collect anonymous statistical data for the purpose of analyzing the use of the website and its respective performance. Performance/analytics cookies help measure the performance of our website www.cesbe.com.br. These cookies make it possible to measure the number of times a page has been visited and which pages are the most and least accessed, offering insight into how visitors move around the site. The information collected by these cookies is anonymous. If you do not allow these cookies to be used, we will not know when you visited our site.
5.2.3. The website www.cesbe.com.br uses the information provided by cookies collected through Google Analytics exclusively to improve the website and the services offered. Google Analytics collects the IP address that was assigned to the user on the date on which they visited our site, rather than their name or other identifying information. The website
5.2.5. Some cookies are necessary to the complete operation of the website www.cesbe.com.br. The user may choose to not accept cookies when using the site. However, in such situations our site cannot guarantee that the services offered will function correctly. Cookies can be accepted, deleted or rejected through means of management tools available in the user’s web browser. If users choose to disable cookies, they should consult the browser’s instructions to learn more about adjusting or changing these settings. Users can use one of the links below to manage preferences for each browser:
5.2.6. Managing Cookies in Firefox, click here.
5.2.7. Managing Cookies in Google Chrome, click here.
5.2.8. Managing Cookies in Internet Explorer, click here.
5.2.9. Managing Cookies in Apple Safari, click here.
5.2.10. Managing Cookies in Opera, click here.
5.2.11. Managing Cookies in Microsoft Edge, click here.
5.3 Primary and secondary cookies
5.3.1. Primary Cookies: Cookies that allow the website to function properly. Primary cookies are essential for the user to be able to make use of the options and functions available on the website.
5.3.2. Secondary or third-party cookies: cookies sent to the equipment located in the user’s terminal or domain. Secondary or third-party cookies are not managed by the website cesbe.com.br, but rather another entity that processes the data obtained through cookies.
5.3.3. The website cesbe.com.br also allows third parties to download cookies onto users’ equipment. For example, when the user accesses specific content, there is a button located at the bottom of the webpage that allows the user to easily share the content on their social networks (Facebook, Twitter, Instagram and WhatsApp). The content can also be shared by clicking on the buttons with the social networks logos to access the website www.cesbe.com.br that particular social network and is sent directly to the third party’s website (YouTube, Twitter and Facebook), at which the Cesbe group has established a page.
5.3.4. When the user clicks on one of these buttons, a cookie can be inserted by the entity selected. These third-party cookies are not under our control. For more information about the use of third-party cookies and how to disable them, visit these third-party webpages:
5.3.5. Google and YouTube cookies policy, click here.
5.3.6. Twitter cookies policy, click here.
5.3.7 Facebook Cookies Policy, clicke here.
5.3.8 WhatsApp cookies policy, click here.
5.4. WordPress.org – What is WordPress and why is it used?
5.4.1. WordPress.org is a CMS (Content Management System), an open source, extensible and customizable system that acts as a development platform for a wide range of websites, including content management. WordPress.org’s mission is to facilitate the creation and editing of content on a site without the need to use a programming language and includes text creation, the use of images and videos, preparation of forms, and options for customizing site layout, among other functions.
5.4.2. A plugin is a code inserted into the website created using WordPress, which acts as an extension that is used to expand features and improve the website’s function. An essential plugin used on the website cesbe.com.br, is the Google Site Kit, which allows for the most relevant Google Analytics analyses and dashboard metrics (information management tool that monitors and displays key performance indicators [KPIs], metrics and data), aiming to evaluate data such as the number of visits, average length of stay on each webpage and bounce rate.
5.4.3. The different categories of cookies used by the website cesbe.com.br are described below, with specific examples detailed in the following table.
||Only users that are logged in?
|_ga||2 years||Google Site Kit – Used to distinguish between users.||No|
|_gat_<property-id>||1 minute||Google Site Kit –Used to control the rate of requests.||No|
|_gid||24 hours||Google Site Kit – Used to distinguish between users.||No|
5.4.4. Google’s Terms of Service, which is available at the web address, https://policies.google.com/terms?hl=en, apply to the Google Site Kit.
5.5 Period for which collected data is stored
5.5.1. Personal data that is collected will be stored as long as legally required or for the period necessary in effectively fulfilling the purpose of processing, in accordance with the limits and regulations contained in the LGPD.
5.6. Disposing of the Data Collected
5.6.1. After the legal deadline for the processing of personal data has passed, it must be deleted throughout the data path based on traceability.
5.6.2. Data will be deleted, after the storage period or at the request of the data holder, unless it is necessary to continue to store such data in order comply with a legal obligation according to the Data Processing Procedure.
5.7. Data Processing Procedure
5.7.1 The Data Processing Procedure allows the Cesbe group to determine and offer guidance with regards to processes applicable to Privacy, Protection and Processing of data made available by Data Holders.
5.8. Communication Channel
5.8.1. Cesbe makes its communication channel and direct services from our DPO, Director Erik Alexander Jenichen, available to all data holders, operators, as well as any other individual or legal entity, exclusively for matters related to privacy and Personal Data Protection, through the following email address: email@example.com
5.9 Brazilian General Data Protection Act
5.9.1 In adherence to the General Data Protection Act (LGPD), the parameters adopted by the Cesbe group under its Personal Data Processing Procedure, which establishes specific criteria inherent to this area, must be observed in all processes involving the processing of personal data or any information related to the holders of personal data.
6.1. External References
6.1.1. Federal Law 13.709 (08/14/2018) – LGPD: General Data Protection Act.
6.2. Internal References
6.2.1. Code of Conduct – Guidelines for Conduct at the Cesbe group
6.2.2. Policy on Disciplinary Measures and Consequences;
6.2.3 Information Security Policy.
This document will enter into force as of the date on which it was approved in its respective jurisdiction and being made available on the Cesbe group’s Intranet and other internal and external communication channels.
Once this document is published, any previously existing versions will be rendered invalid (without effect). This document must be reviewed within a maximum period of 3 years. Failure to comply with this document may result in sanctions, which will be decided by the Ethics and Compliance Committee.
This document was developed by the LGPD Committee and approved by the Executive Board. All professionals involved in the execution of any activity linked to the Cesbe group must be notified of the existence of this document and guarantee faithful compliance with its provisions.