CBD MECÂNICA INDUSTRIAL LTDA.

  1. About CBD Mecânica Industrial Ltda. 
    1. With more than 30 years of know-how and a complete structure to offer turnkey solutions, CBD Mecânica Industrial Ltda. (“CBD”) is expert in industrial automation, focusing on cost reduction, productivity increase and production quality.the CBD design of machines, special devices and robotic cells, in addition to offering labor and technical assistance services.
    2. CBD sales to post-sales, resulting in the emergence and maintenance of several partnerships and representations of foreign companies. In each representation our team is trained and integrated, always updating us to offer the best support to our customers.
    3. The “CBD” website refers to the official electronic address, accessible through the address https://www.cbd.com.br/pt/(“Site”), tools which we collectively refer to in this Policy as “Services” . This Policy only applies to the use of the CBD.
      1. Website CBD may contain links to other websites. Therefore, CBD has no control over how our Users’ data is collected, stored or used by other websites. In light of such considerations, we advise you to review the terms and conditions of use and privacy policies of any of these sites before providing any data to any third party.
  2. Contents
    1. and CBD internal procedures to ensure the care, security and protection of its Users’ personal data and, for this reason, makes available this Policy, the content of which includes information on:
  3. What is personal data;
  4. What are the Rights of Users in the position of data subjects;
  5. What personal data is collected by CBD;
  6. Data obtained otherwise;
  7. How CBD handles personal data of children and adolescents;
  8. How CBD handles sensitive personal data;
  9. How CBD handles personal data in general;
  10. Period of retention of personal data by CBD;
  11. Sharing of personal data by CBD;
  12. Transfer of personal data by CBD;
  13. Security measures adopted by CBD;
  14. How Users can control access to their personal data;
  15. Failure to provide consent for the processing of personal data;
  16. Website CBD; and
  17. Data Protection Officer (DPO) contact channels CBD.
  18. Definitions and Interpretation 
    1. In this Policy, the following terms will have the meanings defined below: 
  • Anonymization: use of reasonable technical means available at the time of treatment, through which data loses the possibility of association, directly or indirectly, with an individual;
  • National authority: public administration body responsible for ensuring, implementing and monitoring compliance with this Law throughout the national territory, in the case of protection of personal data, National Data Protection Authority (ANPD), regulatory and supervisory body;
  • Consent: free, informed and unequivocal expression by which the holder agrees to the processing of his/her personal data for a specific purpose;
  • Account: obtaining registration through registration with CBD, in order to access or use the Services and restricted resources;
  • Controller: natural or legal person, under public or private law, responsible for decisions regarding the processing of personal data, for the purposes of this Privacy Policy, CBD;
  • Cookie: small text file placed on a computer or device by the CBD when the User visits or accesses certain content and features offered. Details about the cookies used by CBD on its Site are set out in Part 17 of this Policy;
  • Anonymized data: data relating to the data subject that cannot be identified, considering the use of reasonable technical means available at the time of its treatment;
  • Personal data:  information related to an identified or identifiable natural person. Personal data will also be considered any information used to form a behavioral profile of a certain natural person, if identified. Examples of personal data include name, ID number, CPF number, email address, landline or cell phone, residential and home address, among others. LGPD does not consider information relating to legal entities, such as CNPJ, corporate name or business address, to be personal data;
  • Sensitive personal data: personal data on racial or ethnic origin, religious conviction, political opinion, membership of a trade union or organization of a religious, philosophical or political nature, data relating to health or sex life, genetic or biometric data, when linked to a natural person who, by their very nature, may be used for discriminatory and illicit purposes against a certain natural person;
  • Deletion: deletion of data or a set of data stored in a database, regardless of the procedure used;
  • charge: person appointed by the controller and operator to act as a communication channel between the controller, data subjects and the National Data Protection Authority (ANPD), responsible for establishing communication and responding to requests from personal data subjects and guiding the controller’s employees on the appropriate way to proceed with the processing of personal data;
  • Personal data security incident: any adverse event, confirmed or suspected, related to a breach in the security of personal data, such as unauthorized, accidental or unlawful access that results in destruction, loss, alteration, leakage or any form of inappropriate or unlawful processing of data, which may pose a risk to the rights and freedoms of the holder of personal data;
  • Law No. 13,709/18: normative diploma, also known as the General Data Protection Law (“LGPD”), published on August 14, 2018, which provides for the processing of personal data of individuals in digital or physical means carried out by a natural or legal person, of public or private law, in order to establish the guidelines, rights and obligations of holders of personal data, controllers and operators in the processing of personal data, with the aim of preserving privacy, civil liberties and rights fundamentals of the holders of personal data;
  • Operator: natural or legal person, governed by public or private law, who processes personal data on behalf of the controller;
  • Holder of personal data (“Users”): natural person to whom the personal data subject to processing by the controller or operator refers, and who have their personal data processed under the terms of Law No. 13,709/18, General Data Protection Law;
  • International data transfer: transfer of personal data to a foreign country or international organization of which the country is a member;
  • Processing of personal data: any operation carried out with personal data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction; and
  • Shared use of data: communication, dissemination, international transfer, interconnection of personal data or shared treatment of personal data banks by public bodies and entities in the fulfillment of their legal powers, or between these and private entities, reciprocally, with specific authorization, for one or more treatment modalities permitted by these public entities, or between private entities.
  1. What is personal data?
    1. Personal data is defined by article 5, item I, of Law nº 13.709/18, General Data Protection Law, known by its abbreviation “LGPD”, as any information relating to an identified or identifiable natural person.
    2. Personal data is, in the simplest terms, any information about the User of the CBD that allows him to be identified. Personal data includes obvious information such as your name, email address, telephone contact, as well as less notorious data such as an identification number, electronic location data and other digital identifiers.
  2. What are your rights as a User?
    1. The User has the following rights, in accordance with the General Data Protection Law (Law No. 13,709/18): 
  3. Confirmation of the existence of the treatment;
  4. Access to data;
  5. Correction of incomplete, inaccurate or outdated data;
  6. Anonymization, blocking or elimination of unnecessary, excessive or treated data in violation of the provisions of Law No. 13,709/18;
  7. ’s commercial and industrial secrets CBD;
  8. Deletion of data processed with the consent of the holder, except in cases of legal custody and others provided for by law;
  9. Revocation of consent, when the treatment is based on it; 
  10. Information about the possibility of not providing consent and about the consequences of denial;
  11. Information on the public and private entities with which the controller made shared use of data; and
  12. Full copy of your data when the legal basis is consent or contract execution. 
  13. What personal data is collected by CBD?
    1. Website CBD, it may collect and process the following personal data defined below:
  14. CBD collects and processes the personal data of its Users when they contact the company, through forms contact for questions, technical assistance and budgets; through a form to be filled in by representatives of any companies interested in entering into a partnership with CBD. The personal data collected are name, e-mail, telephone, company, department, city and country and the purpose of the treatment is to answer the User’s question and/or request.. CBD also collects and processes the personal data of its Users when CVs are sent by those interested in a job opportunity at CBDThe data collected are name, age, address, photo, academic background and professional experience, e-mail and telephone and the purpose of the treatment is to answer the User’s question and/or request. 
  15. When the User allows the use of cookies and device IDs, including location and other tracking technologies.

CBD personal data from its Users through cookies and other technologies, such as web beacons; Device IDs; advertising IDs; geolocation; Cookies; and IP addresses. 

  1. Personal data obtained otherwise
    1. below CBD provides information on which personal data may be obtained indirectly through the use of the Services available on the CBD.
  2. Device IDs. 

They include IDs associated with the mobile device operator of each CBD, such as: IMEI, MEID, IMSI; Platform-specific IDs such as Android ID, Google AID, and Apple IDFA; and IDs that are part of the device’s hardware, such as WiFi MAC address and serial number. Exactly which device IDs are passed will depend on the user’s mobile device platform and operating system version. Device IDs and network addresses include IP addresses, MAC addresses, and SSIDs of other networked devices or wireless access points.

  1. General location data. 

Services CBD may transmit general location data. General location data may be obtained through GPS services; triangulation of cell towers; or known location of nearby Wi-Fi hotspots. Coarse location and approximate general location data and sensor data, including the local network, may also be collected and processed to improve the provision of the Services by CBD.

  1. How CBD handles personal data of children and adolescents
    1. The Services offered by CBD are intended for persons of legal age and capable. The User of CBD must be at least 18 (eighteen) years of age.
    2. Notice to parents or legal guardians: If you, a parent or legal guardian, notice that a child or adolescent has provided us with personal data without your consent, please contact us through the CBD specified below. If CBD finds that an individual under 18 (eighteen) years of age has provided us with their personal data even with the consent of 1 (one) of their parents or legal guardian, CBD take appropriate measures to eliminate, as soon as possible. possible, all personal data provided, as well as proceed with the cancellation of the registration created with CBD.
  2. How CBD handles sensitive personal data
    1. does CBD not collect any sensitive data through accessing its Site.  
  3. How does CBD process the personal data of its Users in general?
    1. the CBD principles of purpose, adequacy and necessity, in order to carry out the processing of personal data for legitimate and specific purposes, within the strict limit of what is necessary to achieve the objectives and benefits revealed by CBD to the User. 
    2. The collection and processing of any and all personal data of the User of the CBD must always have a clear and specific legal basis. 
    3. The following table describes CBD in collecting and processing its Users’
personal data: Personal data processed by CBDPurpose for processing personal dataLegal Basis
Name, e-mail, telephone, company, department, city and country .Answer any queries using forms.Consent 
Name, e-mail, telephone, company, department, city and country.Provide technical assistance through forms. Contract execution. 
Name, email, phone, company, department, city and country.Respond to quote requests received through forms.Contract execution. 
Name, email, phone, company, department, city and country.Respond to requests for possible partnerships through a form to be filled in by the legal representatives.Contract execution.  
Name, age, address, e-mail, telephone, photo, academic background and professional experience. Receiving and processing CVs in selection processes.legitimate interest.  
Device ID
Allow device identification in order to authorize the provision of the Services offered by CBD.Legitimate Interest. Article 7, IX, of Law No. 13.709/18, General Data Protection Law: “When necessary to meet the legitimate interests of the controller or third parties, except in the case of fundamental rights and freedoms of the subject that require data protection to prevail personal”.
Location IDAllow the identification of the location in order to authorize the provision of the Services offered by CBD.Legitimate Interest. Article 7, IX, of Law No. 13.709/18, General Data Protection Law: “When necessary to meet the legitimate interests of the controller or third parties, except in the case of fundamental rights and freedoms of the subject that require data protection to prevail personal”.
  1. With the provision of consent by CBD, or when data protection legislation waives consent (for example: based on a legitimate interest of CBD), CBD may carry out the collection and processing of personal data for marketing purposes, which may range from contacting the User via email, to sending notifications with news and offers regarding the Services offered by CBD, including new updates and news on the company’s Website. 
    1. Under no circumstances will the User of CBD receive illegal, unauthorized or spam marketing.the CBD protection and safety of its Users, in compliance with applicable legal principles and guidelines.
  2. the CBD free and unequivocal consent of its Users or, at least, inform them in a clear and transparent way, before sharing their personal data with third parties for marketing purposes, with Users having the possibility of revoking the consent, indicate opt-out, at any time (when the basis for sharing is the User’s consent).
  3. The Services offered by CBD may use third-party cookies, as detailed below in Part 17. Please consult that Part for more information on cookie control and settings. Please note that CBD does not control the activities of third parties and the use of its own cookies, much less the personal data collected by third party cookies.the CBD privacy policies of said third parties.
  4. In some circumstances, when permitted or required by specific legislation, CBD will process the personal data of its Users without their knowledge or consent. 
  5. retention period of personal data
    1. ‘s CBD will store and maintain your information:
  6. For as long as required by law;
  7. Until the end of the processing of personal data;
  8. ‘s legitimate interest CBD;
  9. For the time necessary to safeguard the regular exercise of CBD.
  10. In relation to item “ii)”, the following situations should be understood as “end of data processing”:
  11. When the purpose for which the User’s personal data were collected is achieved and/or the personal data collected is no longer necessary or pertinent to the achievement of such purpose; 
  12. When the User has the right to request the termination of the treatment and the deletion of his personal data and he does so; and 
  13. When there is a legal determination to that effect. 
  14. Sharing of Users’ personal data by CBD
    1. It is possible that CBD shares it with third parties to enable the fulfillment of contractual obligations contracted with the User, to provide its Services or, still, to comply with legal or regulatory determination, as well as an order issued by an authority public.
    2. CBD shares personal data with:
  15. 12.2.1.Contractors, service providers and other third parties that we use to support our activities, and that are contractually bound by CBD;
  16. 12.2.2.Our business partners, in the fulfillment of our contracts and agreements;
  17. 12.2.3.Any governmental authority, in compliance with any court order, law, legal or administrative process;
  18. 12.2.4.Payment or financial institution, to process the purchase of a product or the acquisition of a service, as well as to make payments and/or tax collections arising from an employment relationship or service provision;
  19. 12.2.5.Anyone, if we believe that disclosure is necessary to protect the rights, property and safety of CBD, our partners or third parties.
  20. Transfer of personal data by CBD
    1. By using the CBD and providing their personal data, the User agrees and consents to the transfer of their personal data and information to the cloud hosting services, services which may or may not transfer their personal data outside the Brazilian national territory. 
    2. the CBD regulations of Law No. 13,709/18, General Data Protection Law, it adopts all measures of good practices and diligent posture to verify the level of data protection in this possible transfer, unless otherwise established otherwise in this policy.the CBD expression of consent of its Users as a legal basis for the transfer of data, and they may be asked to provide explicit consent for the achievement of said transfer, as an inseparable part of the account creation process with the company’s Services. .
  21. Security measures and protection of CBD Users’ personal data
    1. Your privacy is very important to CBD. In this sense, CBD has invested in the implementation of security systems and technical, physical and managerial procedures usually adopted by the market to protect its data.
    2. Although CBD adopts all technical and administrative measures at its disposal to avoid data protection security incidents, it is possible that a problem occurs exclusively motivated by a third party – such as in the case of attacks by crackers or even in the case of fault exclusive to the User, which occurs, for example, when he himself transfers his data to a third party. Thus, although CBD is, in general, responsible for the personal data that it processes, CBD disclaims responsibility in the event of an exceptional situation such as these, over which we have no control, as well as other listed hypotheses. in article 43, caput and items, of Law No. 13,709/18, General Data Protection Law.
  22. How will the User be able to control their personal data?
    1. 15.1.In addition to the rights of Users under Law No. 13.709/18, General Data Protection Law, set out in Part 5 of this Policy, when the User provides their consent for the collection and processing of their personal data by CBD, they may, nevertheless, restrict the way in which collection and treatment will take place. In particular, CBD intends to provide its Users with strict controls over the use of their data for direct marketing purposes, including the ability to opt out of receiving emails.
    2. 15.2. Consent to Email Communication: After signing up to receive email communications, the User may choose to unsubscribe using the unsubscribe link in any commercial email sent by CBD. Please note that if the User unsubscribes from “all emails”, this means “all emails except strictly necessary emails”. The User will also receive communications from CBD by email if they are strictly necessary to provide the Services or to confirm or validate a transaction, recover accounts, etc.
  23. Refusal to provide personal data
    1. 16.1.The User will not be able to access the Services offered by CBD without providing some personal data, since the available features and functions depend exclusively on their personal data for the proper functioning of the CBD. If you do not agree with the provision of personal data, please do not use our Services.
    2. 16.2.Website, CBD it may be necessary to submit or allow the collection of certain personal data. Users have the possibility to restrict the use of cookies by CBD. For more information, see Part 17 of this Policy.
  24. How does CBD use cookies?
    1. 17.1.Cookies are data files that are placed on your computer or other devices as you browse the Site.
    2. 17.2.Website CBD may place and access certain first-party cookies on your computer or mobile device. First-party cookies are those placed directly by CBD and are used exclusively by CBD. 
    3. 17.3.the CBD experience of its Users on the Site, in order to provide and continuously improve the provision of its Services.and CBD every cookie to be used, as well as takes all reasonable measures to ensure that the privacy and personal data of its Users are protected and respected at all times.
    4. 17.4.By giving consent to the placement of cookies by CBD, the User will be giving consent for CBD to offer the best experience and Services possible. The User may, if desired, deny consent to the placement of cookies. However, certain features of the CBD may not function fully or as intended. The User will have the opportunity to change any and all settings of first-party cookies and block third-party cookies, at any time, from the first access to the CBD.
    5. 17.5.Site CBD rely on cookies to function. Law No. 13,709/18, General Data Protection Law, considers these cookies “strictly necessary”, according to the wording of article 14, § 4, of the aforementioned Law. Such cookies are set out in the table below. User consent will not be required to place these cookies, but it is still important that all Users have easy access to and knowledge of these cookies. The User may also block these cookies by changing the settings of his Internet browser, as detailed below, but he must be aware that the CBD may not function properly if certain cookies are disabled.Law CBD adopts all technical and administrative measures to ensure adequate protection and security in all processes of possession of the User’s personal data, in accordance with current legislation, in particular Law No. 13,709/18, General Data Protection.
    6. 17.6.The following first-party cookies may be placed on your computer or device:
Cookie nameDomainPurpose
Google Analytics
ga ga_KMBQ6NRT8J		 collect data on browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number and application version number.
  2. In addition to the controls provided by CBD, the User may choose to activate or deactivate cookies in their Internet browser. Most Internet browsers also allow the User to choose whether to disable all cookies or only third-party cookies. By default, most Internet browsers accept cookies, but this can be changed. For more details, see the help menu in the web browser on your computer or mobile device.
  3. The User may choose to delete cookies on their computer or device at any time. However, if you do so, you may lose any information that allows you to access the CBD properly and efficiently, including, but not limited to, login and personalization settings.
  4. It is recommended that the User keep his Internet browser and operating system up to date and that he consult the help and guidance provided by the developer of the respective Internet service or the manufacturer of the computer or mobile device, if he is not sure how to adjust his privacy settings.
  5. How do I contact CBD?
    1. 18.1.In case of any doubts regarding the way CBD handles their personal data or for inquiries and requests, the User may contact our Data Protection Officer, [insert name of DPO], via email [insert e- mail from the DPO], which will always seek to serve you in the shortest possible time.
  6. Application and Update of this Privacy Policy
  7. CBD reserves the right to change this Privacy Policy at any time. If CBD changes its privacy practices, a new Privacy Policy will reflect those changes and the effective date of the revised Privacy Policy will be set out in this paragraph. This Privacy Policy was last updated on November 19, 2021 and is effective as of that date.

This Privacy Policy will be drafted and interpreted based on Law No. 13,709/18, General Data Protection Law, and other regulations applicable to privacy and protection of personal data.

This Privacy Policy was last updated on November 19, 2021.