Last change: August/2020

Welcome to Dentsu Aegis Network!

1. INTRODUCTION

1. Thank you for connecting with the Dentsu Aegis Network. Dentsu Aegis Network (herein referred to as “our/ours”, “us” and “we”) is a commercial division of the Dentsu Aegis Network Group, a global media group. With this document (“Privacy Policy” or “Policy”), you will have access to all possibilities of treatment of your personal data by the Dentsu Aegis Network. Therefore, we recommend you carefully read this Policy.

1. Our objective is to help our customers improving the form they announce and sell, either by printed media, posts, e-mail, or on websites (herein referred to as the “Services”). We believe that the responsible use of the data supports the growth of the business and creates strong bonds between the brand and the consumer. As a company, we are committed to respecting and protecting the privacy of all individuals with whom we interact. We are committed with transparency in the manner we treat personal data all the time, according to the data privacy and protection laws of applicable data. 

1. This Privacy Policy explains with details the types of personal data we may collect about your when you interact with us. Dentsu Aegis Network is the controller of data of any personal data you provide, including in relation to this website. 

1. This Privacy Policy presents the following:

• Personal data collected
• How we use your personal data
• For how long we keep your personal data
• How we protect your personal data
• How we share and disclose information
• International transfers involving companies and the Dentsu Aegis Network Group
• Your rights as a holder of personal data
• Our responsibility for third-party website links
• Updates
• How to contact us 

1. In the Supplementary Information section of this Privacy Policy, we explain what "personal data" and other terms used in this document mean. 

1. PERSONAL DATA COLLECTED

1. The type of information we collect will depend on the circumstances and the service you are using. Overall, we will collect information related to you and/or the use of your Services as follows: 

1. Information related to the use of the website: we collect information on how you use our website. This includes information relating to the pages you visit on our website, the services or information you search for and the links and content you choose to access on our website. We may use the personal information you provide in our website to provide you with relevant content and to inform our marketing strategy. This type of activity is known as “profiling” – using automated means to process your personal data to analyze or predict your personal preferences, interest or behaviors. You may object to profiling (check section 8 below of this Policy).

1. Technical data: we collect information on the device(s) you use to access our website. This includes collecting information about the type of device you are using, as well as unique mobile device ID or the Internet protocol (IP) address online identifiers, which are numbers that can uniquely identify a specific computer or other network device on the Internet.  This information is linked to a cookie ID, which we receive and process. You may find more information on the cookies we use and the purposes for which we use them on our Cookie Notice below.

1. Contact data: We collect contact details directly from you when you sign-up to receive email alerts, attend one of our events, download our content, subscribe to our newsletters or where you ask us to respond to a query you have. The personal data we collect may include your name, email address, employer and job title, and location. 

1. Marketing and communication data: we collect information about your preferences in our website, request the receipt of marketing newsletters, and other preferences you have set.  

1. We do not intend to collect information of minors under 18 years of age. If you have any doubt about the privacy of your child in relation to our services, or if you believe that your child may have inserted personal data in our website, please contact us at dpo@dentsuaegis.com . We will exclude this information from our records in the reasonable period of time. 

1. HOW WE USE YOUR PERSONAL DATA          

1. Except where required by law or court order, we use your personal data for the following purposes: 

• to deliver the specific information or services you have requested;
• to enable the download of our content;
• to send you newsletters and information relating to our brands and services;
• respond to your requests and feedback; 
• to analyze and/or improve our websites and services; and
• to direct the marketing content or to expand and inform our marketing strategy, according to your preferences.

1. To give as much transparency as possible regarding our activities of personal data treatment, we provide you with a description about the legal basis for the treatment of your personal data. Most of the time, the treatment of your personal information is based on: a) our legitimate interests, when providing services requested by you, or otherwise as a result of your relationship as our customer; b) your consent, when requested; or c) to comply with the legal or regulatory obligation, under the limits of the applicable legislation.  

1. The table below presents more information related to the purposes for which we use your personal data and the legal basis which support such uses. Please note that we may treat your personal data based on more than one legal basis, depending on the specific purpose for which we are using your data.

Purpose / Activity	Types of personal data that may be processed	Legal basis for processing, including the basis of legitimate interest
To send information about our Services, such as, for instance, newsletters or publications, according to your preferences	(a) Name (b) E-mail (c) Company (d) Location	Where you have requested information from us, such as newsletters, publications or event invitations, we send such communications based on your consent. You can ask us to stop such communications at any time by clicking on the unsubscribe link at the bottom of the message.
To improve and develop our website, by means of statistical analyses on the website use, for instance, to enable us to improve our Services, offer new features and materials, etc.	(a) Technical use	It is our legitimate interest to define types of clients for our Services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.
To deliver relevant content to you, and measure or understand the effectiveness of the content we serve to you.	(a) Name (b) E-mail (c) Company (d) Location (e) Marketing and communications (f) Technical Use	It is our legitimate interests to study how clients use our Service and engage with our content, as well as to develop our Service, to grow our business and to inform our marketing strategy.
To respond to any inquiries or feedback that you send us, and to keep you up-to-date in relation to any changes to our terms and conditions/other policies.	(a) Name (b) E-mail (c) Company (d) Location	It is in our legitimate interest to respond to communications that you send to us, inform you of relevant information in relation to the Services that we provide and utilize your information to improve our business.
To obtain information on our products and services relevant to your needs.	(a) Name (b) E-mail (c) Location (d) Use	It is our legitimate interest to map which of our products or services may interest your and tell you about them.
To share information with our service providers.	(a) Name (b) E-mail (c) Use (d) Marketing and communications (e) Technical Use	It is our legitimate interest to share your data with reliable third parties who provide use with relevant services so that we can offer our website and its features.
To share information in the Dentsu Aegis Network group.	(a) Name (b) E-mail (c) Location (d) Use	As the Dentsu Aegis Network operates as a global operating media company, it is our legitimate interest to share your data within the Dentsu Aegis Network group in order to manage our business effectively and provide our products and services, whenever necessary to achieve the established goal.
Share information with third parties, regulatory agencies, and law enforcement agencies.	(a) Name (b) E-mail (c) Location (d) Use (e) Technician	We share your data as necessary for compliance with any legal or regulatory obligation to which we are subject or in order to satisfy our legitimate business interests, observing the limits of the applicable legislation.

1. FOR HOW LONG WE KEEP YOUR PERSONAL DATA

1. When treating your data, the Dentsu Aegis Network makes its best efforts to keep store them and keep them protected, in safe and controlled environments, observing the legislation in force. Due to this reason, your personal data will be stored with high degree with security, including practices of access control.

1. When offering your Services, the Dentsu Aegis Network always seeks companies employing a high degree of security in the storage of information, establishing contracts that do not violate the terms of this Privacy Policy.

1. We will keep your personal data for the time necessary for the provision of our Services, according to our legal obligations. After this period, your personal data will be safely excluded or anonymized, so that they can be used for analytical purposes. You can request more information about the details of contacts supplied in this Privacy Policy.

1. HOW WE PROTECT YOUR PERSONAL DATA

1. Dentsu Aegis Network undertakes to continuously implement physical, technical, and administrative measures of information security when treating your personal data, according to the best practices of the market. Therefore, we aim at protecting your data against unauthorized access, accidental or illicit situations of destruction, loss, change, communication, or any form of undue or illicit treatment.

1. In this regard, the Dentsu Aegis Network allows that your personal data are accessed by its former employees and other third parties exclusively to the extent necessary to perform their activities, according to the express instructions and by means of contractual obligation of confidentiality and secrecy of the personal data treated.

1. In our partnerships with other companies or service providers, we always seek at assuring the same degree of protection of the personal data.

1. HOW WE SHARE AND DISCLOSE YOUR INFORMATION

1. Information shared with our third-party service providers: we may use a number of third parties to perform business functions on our behalf, such as sending our newsletters and hosting our online services and customer relationship management. We will only disclose personal data to these vendors and service providers to enable them to provide their services. Our service providers are contracted to fulfill our instructions and we require them not to use your personal data for any purpose other than that set forth herein. 

1. Information shared with other parties: when required or permitted by law, personal data may be provided to third parties, such as regulatory and government agencies, in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or take action regarding illegal activities, according to the requirements and limits of the applicable legislation. 

1. We do not sell or rent your personal data to third parties.

1. INTERNATIONAL TRANSFERS INVOLVING COMPANIES AND THE AEGIS NETWORK GROUP

1. Dentsu Aegis Network is a globally operating media group consisting of multiple companies. Therefore, we may periodically disclose your personal data in our group of companies, provided there is a need to comply with the supply to you of our requested Services or to perform any of the activities necessary or legitimate of Dentsu Aegis Network. 

1. Some of our group companies are located outside Brazil, but we also assure the security of such disclosures and transfers according to the data privacy and protection legislation applicable.

1. We will only transfer your personal data outside Brazil in the cases of existence of proper levels to protect the integrity and security of any processed information and according to the data privacy and protection legislation application.  When we transfer personal data between companies of our group, we make these transfers under the standard contractual clauses adopted by the European Commission.  

1. We may also store your personal data in servers outside the national territory, including, but not limited to, cloud-computing services that follow international standards accepted for the security of personal data.

1. In the cases above, the Dentsu Aegis Network undertakes to observe the applicable legislation to assure the protection of your personal data, with the best practices, such as the execution of the pertinent contractual instruments.

1. You can request more information about the measures adopted for these transfers, in the details of contacts supplied in this Privacy Policy.

1. YOUR RIGHTS AS A HOLDER OF PERSONAL DATA

1. Dentsu Aegis Network will adopt the appropriate technical and organizational measures to comply with its obligations in relation to its rights as a holder of personal data. In this regard, we undertake to enforce, in the best manner possible, your rights as set forth by the law, to wit:

1. Confirmation: right to be informed about the existence of data treatment.

1. Access: right to request the access to personal data. 

1. Correction: right to request the change of data when incomplete, inaccurate, or not up-to-date.

1. Restriction: right to objection or to request anonymization, freeze, or elimination of unnecessary data, excessive data, or data not in compliance with the personal data protection legislation.

1. Portability: right to request the transmission of the treated data to another service provider.

1. Elimination: right to request the elimination of personal data treated based on your consent.

1. Information: right to be informed about the public and private entities with which your data have been shared, about the possibility of not providing the consent and on the consequences of such denial.

1. Consent revocation: right to revoke the consent, when the treatment depends on your consent, at any time, by means of express statement, by free, facilitated procedure. The revocation of your consent will not affect the legality of the treatments made until the revocation.

1. If you are interested in no longer received the newsletters of the Dentsu Aegis Network, you can, at any time, unsubscribe to such newsletters, using the pertinent field in the opt-out link of the message.

1. You can make an objection to the processing of your personal data when supported by our Legitimate Interest (or third parties), including for the purposes of direct marketing or profiling. You can object at any time and we shall stop processing the information you have objected to, unless we can show compelling legitimate grounds to continue that processing. 

1. If you exercise the rights above and there is any doubt about your identification, we may request you to supply information from which we may have guarantees about your identity, in order to assure the proper security when answering requests of holders of personal data. 

1. If you are interested in exercising any of the rights listed above, you can contact the Dentsu Aegis Network with the contact information indicated in this Policy.

9. OUR RESPONSIBILITY FOR THIRD-PARTY WEBSITE LINKS

1. This Privacy Notice is limited to the personal data collected by the Dentsu Aegis Network. We do provide links within this site to other websites, including social media sites such as Facebook, Twitter and LinkedIn. If you follow these links, your use of these sites will be governed by their applicable user and privacy notices since their data practices fall outside the scope of this Privacy Policy. Further, we can have no responsibility for or control over the information collected by any third-party website and we cannot be responsible for the protection and privacy of any information which you may provide to any third parties.

10. UPDATES

1. This Privacy Notice may be updated from time to time to reflect changes in law, best practice or a change in our practices regarding the treatment of personal data. The date of the most recent revision will appear at the top of this page. If you do not agree to the changes, please do not continue to use our services and please refrain from sharing your personal data with us. You should check this notice frequently for updates. 

1. Any change to this Policy implying impact to the consent previously given or implying financial burden will be communicated by the Dentsu Aegis Network in advance. However, any change made due to legal reasons or new features of a Service will become effective immediately.

1. You may cease using the Services at any time. Similarly, the Dentsu Aegis Network may also cease the provision of the Services to you at any time, or include or create new limits to the Services.

1. If you do not agreed with any change to this Policy, you must interrupt the use of the Services. Otherwise, the posterior use of the Services will imply your acceptance of the new version of the Policy.

11. HOW TO CONTACT US

1. If you have any questions about this Privacy Notice, about our practices of data treatment, or if you would like to exercise any of the rights mentioned in this Privacy Notice you can contact our Data Protection Officer in any of the following ways:

Address: Rua Wisard, 298, 8º andar. 

Telephone:  (+55) (11) 3759-3752

E-mail:  Brasil.DPO@dentsuaegis.com

SUPPLEMENTARY INFORMATION

In this Supplementary Information section, we explain some of terminology used in this Privacy Notice. 

“Data controller” - the person or company that controls the purposes and means of processing personal data, such as those controlling the purposes and the treatment media or personal data. 

"Personal data" - any information related to you or that allows your identification. 

"Treatment" - means data handling, including, but not limited to, the collection, protection, disclosure, and exclusion. 

“Profiling” – using automated means to process personal data in order to work out certain things about people, like analyzing or predicting their performance at work, reliability, economic situation, personal preferences, interests, behavior, location or movements.

“International transfer” - sending personal information outside the Brazilian territory (for instance, stored in equipment located outside the Brazilian territory) or allowing anyone outside the Brazilian territory to access such information.