Privacy Notice

Privacy Notice

1. Privacy at SONICA

In order to connect people and businesses, SONICA seeks to offer effective and high-performance solutions. Therefore, we understand the importance of treating the data that transit through our business with security and confidentiality. The privacy of customers and other stakeholders is our priority. Consequently, we focus our efforts on information security management to preserve the data processed in our operations.

The main purpose of this statement is to promote transparency regarding data processing at SONICA, in compliance with the Brazilian General Data Protection Law - LGPD (Law No. 13,709/2018), the Brazilian Civil Rights Framework for the Internet (Law No. 12.965/2014_ and de Gereral Data Protection Regulation - GDPR (Directive 679/2016 GDPR), and other relevant legislation.

2. What personal Data do we collect?

To access the SONICA Digital Platform, we require you to log in by providing your email and password.

In the execution of contracts with customers and third parties, we will process contractual qualification data, such as name, CPF, address, telephone, and email. This data is necessary for us to identify the holder and manage our relationship.

If you wish to engage with us, we will need you to provide us with registration and contact information, including name, email, telephone, and your message, which may contain personal data.

When you express interest in joining SONICA's partner program, we will need your name, email, and phone number to contact you.

If you have any relationship with us or voluntarily subscribe to our newsletter, we will use your name and email to direct content that we produce and believe would be of interest to you.

We also collect browsing data related to access to our website and platform, such as IP address, web monitoring, and geolocation.

3. For what purposes do we process personal data?

We process personal information for the following purposes:

i. Compliance with contractual obligations with customers, users, employees, suppliers, partners, and third parties.

ii. Execution of features of the SONICA Digital Platform to meet user expectations.

iii. Providing service and support for the SONICA Digital Platform.

iv. Exploring new commercial opportunities, including quotations, partnerships, and business growth.

v. Compliance with legal or regulatory obligations, particularly legal, labor, tax, and social security requirements.

vi. Sending content of interest to individuals who may be associated with SONICA or who voluntarily subscribe to our newsletter or campaigns.

vii. Monitoring access records and user logs to enhance our services and personalize the user experience on our platform.

4. Sharing Data with Third Parties

SONICA may share personal data with third parties in the following cases:

i. Business succession, such as mergers, acquisitions, and incorporations.

ii. Contracting data processing services from third parties (sub-operators), such as data hosting, processing systems (cloud software services), information technology consultancy, and representation of rights in judicial and/or administrative proceedings.

iii. Compliance with legal determinations and court orders. iv. Check for additional sharing.

We are committed to ensuring that third parties adopt all necessary precautions, both technical and managerial, to protect your personal data as required by law.

It is possible that some personal data may be processed by data hosting services with servers located outside of Brazil or EU. These third parties process data as "Sub-operators" and are prohibited from making decisions or establishing the purpose of data use. We ensure that we supervise and require these operators to refrain from accessing or misusing personal data.

5. Security Controls

SONICA has structured a privacy and data protection governance program to ensure the confidentiality and security of the personal information entrusted to us.

We have adopted security controls to protect your personal data in our possession against loss, misuse, unauthorized access, disclosure, alteration or destruction. As necessary, we will take additional precautions regarding the security of particularly sensitive information.

While we strive to protect your personal data, we cannot guarantee or warrant that such information will be protected under all circumstances, including those beyond our reasonable control. Therefore, we advise against providing us with sensitive data.

Despite the security measures, SONICA is not responsible for the negligence of the user with his own personal data. Our responsibility is limited to efforts to ensure that best security practices are employed. It is up to the user to ensure the confidentiality of information related to the access and operation of their data on the SONICA system, platform and website, such as login information, password, security keys, double authentication factor and any other implemented security solutions.

6. Personal Information Retention

SONICA retains data subject information for the duration necessary to fulfill the processing purposes, including compliance with legal or regulatory requirements, enabling the exercise of rights in judicial or administrative proceedings, and meeting contractual obligations.

Information related to the delivery of content that may be of interest to you, particularly for marketing purposes, will be stored until you object to the processing. You can request the removal of content directly from our designated person responsible for processing personal data or by using the unsubscribe link provided at the end of emails.

7. Data Subject Rights

Both LGPD and GDPR ensure rights to data subjects. Discover some of them below:

i. Confirmation of the existence of data processing;

ii. Access to personal data;

iii. Correction of incomplete, inaccurate, or outdated data;

iv. Anonymization, blocking, or deletion of data that is unnecessary, excessive, or processed in violation of the provisions of the LGPD;

v. Data portability to another service or product provider, upon explicit request, in accordance with the regulations of the national authority, while respecting commercial and industrial secrets;

vi. Deletion of personal data processed with the consent of the data subject, while respecting legal reservations;

vii. Revocation of consent, when applicable.

We reiterate SONICA's commitment to effectively and transparently fulfill the rights of data subjects, when and where applicable.

8. Questions, Clarifications and Requests

If you have any questions or requests, you can contact our data protection management through the following channel:

Blumenau (SC), March 20th, 2023

Version 1.0