Privacy Policy

1. Objective

This document presents the privacy policy for data processed by Blockbit Tecnologia Ltda, in compliance with Federal Law no. 13.709/2018 (General Law on Protection of Personal Data – LGPD).

2. About data collection made by Blockbit

This agreement term aims to clarify how Blockbit uses the personal data collected and stored. To offer its solutions and content, Blockbit collects various data and information, aiming, above all, to provide an increasingly better experience for its users and channels. We have a substantial responsibility and are committed to ensuring privacy.

Acceptance of our Policy is carried out by legal means and via consent. To enjoy our solutions, even if free of charge, acceptance of this Policy is necessary, whether when using or installing any Blockbit technology – hardware, software, firmware, updates or any solution provided by Blockbit.  Acceptance indicates science and full agreement with how personal information and data are used. If you do not agree with this Privacy Policy, please do not continue any procedure and do not use the solutions provided by Blockbit.

Whenever you use or install any Blockbit technology – hardware, software, firmware, updates – it will be understood as voluntary acceptance of the terms of this Policy.

In addition, any individual who contacts us, visits any of our websites, portals or other resources in our ecosystem, applies for a job and/or voluntarily inserts information in one of our online forms, will also be in accordance with the terms of this Policy.

Blockbit prioritizes security and transparency, which is why we make this Privacy Policy available, which contains relevant information on how Blockbit processes personal data and for what purposes. In this policy you will understand better about:

  • Who uses our sites, portals and hardware / software / firmware / updates;
  • What data we collect and what we do with it;
  • Rights of the holder of personal data; and
  • How to contact Blockbit.

3. Who uses our sites, portals and hardware/software/firmware/updates

3.1 Sites

Our websites are public for access by any individual, but it is advisable to be accessed only by people over 16, and when used by minors, data collection will only be possible with the consent of at least one of their parents or guardians.

3.2 Portals

Our portals can only be accessed by Blockbit employees, authorized channels and/or customers, by signing legal contracts. The logins and passwords provided for these accesses are individual and non-transferable, precisely so that Blockbit has control of permissions according to the level of each user and the records of all actions performed on these systems. These users are over 18.

3.3 Software/Hardware/Firmware and updates

Blockbit solutions are accessed by end users who purchased our solution and they can grant access to a Blockbit employee or employee of an authorized Blockbit channel, for support, deployment, configuration, analysis or any other reason, as long as it is formally and legally consented by the organization and/or a legal representative who purchased one of our products.

4. What data we collect and what we do with it

Blockbit uses appropriate technologies and procedures to protect all personal data. Our information security policies and procedures are strictly in line with accepted standards and are regularly reviewed and updated, as necessary, to meet our business needs, changes in technology and/or regulatory requirements.

Any data captured by Blockbit products are used only for analytical purposes and restricted to groups that need to know this information to process it and are subject to strict contractual confidentiality obligations.

Whenever personal data is collected directly by cloud providers, or third party services to which we may be subscribed, Blockbit is exempt from any responsibility for the security, storage and /or privacy of any information collected.

4.1 Blockbit as a Data Controller

Blockbit may ask you to share information such as, but not limited to: your name, company address, phone number, mobile number or email address. Eventually, the request for some information can be done through direct contact of Blockbit with users via email or phone. Whenever this data is processed for the benefit of our own business, Blockbit is considered a Data Controller.

As a controller, Blockbit can use data as follows:

  • To provide products, services and other offers from our business;
  • To promote events, training and certifications;
  • To launch and optimize websites and manage web communities;
  • For marketing, advertising and communication purposes;
  • For human resources and recruitment purposes;
  • For sales and customer service purposes;
  • To promote relationships with customers, partners, suppliers, leads etc.;
  • To conduct market research;
  • To comply with rules described in the law and market standards; and/or
  • To ensure business continuity.

In addition, we can collect information automatically from any of our products for evaluation and optimization purposes. This may include, but is not limited to: IP address, device type, operating system details, unique device identification numbers, browser type, language, time zone, operating system, geographic location or other technical information.

Some data can be collected through Cookies on our websites. However, our software does not use cookies. For a better understanding, see the cookie statement.

Only Blockbit employees will be able to see personal information stored in our systems and, among these, only people with the proper authorizations. No personal data can be publicly disclosed. All data collected is confidential and any use of this information will be in accordance with this Policy. Blockbit makes every effort to ensure the security of our systems.

4.2 Blockbit as Data Operator

In certain cases, whenever disclosure is legally permitted or granted by the Holder, Blockbit can process data on behalf of our partners and customers. In such cases, Blockbit is considered the Data Operator.

As an Operator, Blockbit can use data as follows:

  • To provide products and services, technical support, deployment, maintenance, updates and evaluation;
  • For sales and/or customer service purposes;
  • To comply with rules described in the law and market standards; and/or
  • To evaluate credit decisions.

4.3 Use of personal data

Blockbit undertakes not to transfer or disclose your personal data, except in the cases indicated below:

  • With the internal teams of Blockbit, only for commercial purposes, whenever the processing of information is necessary to provide a quality service;
  • With suppliers, service providers, audit agencies etc., whenever information processing is necessary to provide a quality service;
  • With Blockbit shareholders;
  • With Blockbit authorized channels, to process orders and manage sales, subscriptions, support, etc;
  • With government agencies, always by official request, as a matter of applicable regulation and approved by law; and/or
  • With a court, to defend our legal rights or to limit damages in litigation.

For any mentioned necessary cases or other adverse situations, there will always be legal consent from the Holder.

We can use services from companies and third parties to:

  • Supply the product on behalf of Blockbit;
  • Perform services related to Blockbit solutions; or
  • To help us analyze how the Blockbit solution is used.

These third parties can have access to personal information. The reason is to perform the tasks assigned to them on our behalf. However, Blockbit is legally guaranteed that third parties cannot disclose or use the information for any other purpose.

4.4 Retention and deletion of personal data

Blockbit can retain your information for as long as necessary for the purposes described in this Privacy Policy and to comply with applicable regulatory requirements, provided that we have legitimate business purposes and are permitted by law.

Once the periods for stored personal data have expired, they have to be removed from our databases or anonymized, except in cases where there is a possibility or need for storage due to legal or regulatory provision.

4.5 Sensitive data

No sensitive data will be collected from any user on our website, portals and/or systems, as understood by those defined in articles 11 and following of the Brazilian General Data Protection Law. That is, Blockbit will not collect any sensitive data related to racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.

4.6 Legal Bases

4.6.1 Consent

Consent is defined as a clear and unambiguous declaration of will. It is the case that the person agrees to the use of his data for the purposes proposed by Blockbit. A practical example of the legal basis of consent, in the context of Digital Marketing, is the checkbox (opt-in) in our form fields, to ask for authorization to send communications.

  • Consent is free: the person cannot be forced to provide consent. It is a choice. If you are interested in consenting the data to Blockbit, you can choose in one click if you accept or not share personal data for a specific purpose;
  • Consent is informed: the user must understand what is consenting to. Blockbit makes sure that it will clearly explain exactly what the person is agreeing to;
  • Consent must be unambiguous: it is from the manifestation through a positive act of the individual. In other words, Blockbit will receive personal data if there is a user action indicating acceptance, either by sending an e-mail, electronic signature, or even by clicking on a specific location. There will be no doubt about whether consent has been provided or not;
  • Consent must be provided for specific and determined purposes: it is part of all LGPD logic to specify the reason why personal data is used. Blockbit will not use the data for a purpose other than that which the person has given consent to.

4.6.2 Legitimate Interest

For certain personal data processing operations, we rely solely on our legitimate interest. To find out in which cases, specifically, does Blockbit use this legal basis, or to obtain more information about the tests we do to make sure we can use the data, contact our data protection officer or through the channels informed in this Privacy Policy, in the section “How to contact Blockbit”.

4.6.3 Contracts

In the case of the legal basis of contracts, personal data can be processed by Blockbit in two cases: the first is for the fulfillment of an obligation provided for in the contract and the second when data processing serves to validate and start an agreement.

4.6.4 Other legal bases

In addition to those mentioned above, there are other types of legal bases that may justify the processing of personal data:

  • Legal Obligation: in that case, the processing of personal data is justified by requirements of other laws. These are scenarios where Blockbit needs to use or store personal data to comply with legal obligations;
  • Execution of Public Policies: when the processing of personal data is protected by the public interest or by the need for an official authority exercising the role of controller of that data;
  • Studies by research agencies: personal data can be processed for the purposes of studies by officially accredited research agencies. In this case, whenever possible, the data must be anonymized by Blockbit, ensuring maximum privacy of the Holders;
  • Judicial process: personal data can still be processed to exercise rights in lawsuits;
  • Life Protection: it is possible to justify the processing of personal data when its use is of vital interest, whether from the data subject or from another person;
  • Health Guardianship: when healthcare professionals, healthcare services or health authorities need to process personal data;
  • Credit Protection: for credit approval, reducing transaction risks, it is possible for personal data to be consulted by assessing the citizen’s payer profile.

5. Rights of the holder of personal data

As defined in the LGPD, the Holder of personal data has the following rights:

  • Confirmation of the existence of treatment: whether or not your data is processed by Blockbit, as Controller;
  • Access to data: if the treatment is confirmed, the Holder has the right to access them in a controlled manner, in order to prevent access to his data by others;
  • Correction of incomplete, inaccurate or outdated data: respected the limitations by legal requirement to maintain history, your data can be corrected. Depending on the treatment given to them, it may be necessary to provide documentation that proves the update, completeness or correction carried out by Blockbit;
  • Anonymization: transformation that prevents the identification of the Holder, when it is not necessary;
  • Treatment limitation: it is the right of the Holder to limit the processing of his personal data, which can be obtained when he disputes the accuracy of the data, when the processing is illegal, when Blockbit no longer needs the data for the proposed purposes and when he has opposed the processing of the data;
  • Elimination of unnecessary, excessive or treated data in non-compliance with the LGPD: is the right to delete data, except under the conditions provided for in the same Law;
  • Data portability: at the time of publication of this policy it was still pending regulation by the national authority;
  • Elimination of data or the right to be forgotten: represents the right to have your data deleted from Blockbit’s systems, except under the conditions set forth in the same Law;
  • Sharing information: be informed about the sharing of your data and with which entities;
  • Non-consent: when consent is requested for the collection and processing of data, the consequences of non-consent will be informed;
  • Revocation of consent: revocation can be requested at any time by the express consent of the Holder. Revocation does not cancel previous treatments unless the elimination is also formalized.

6. Changes to the Privacy Policy

This Privacy Policy can go through updates and any changes will be posted on the Blockbit website as a means of confirming privacy and protecting personal data.

If any purpose of data collection is different from the one presented here, we will request new authorizations and immediately update this Policy.

7. How to contact Blockbit

At any time, the Holder of personal data can contact the data protection officer to answer questions or exercise the rights mentioned above. Communication can be via email or letter, but it is always important to be formalized:

Care of Guilherme Araújo

  • E-mail: privacidade@blockbit.com
  • Adress: R. Eng. Francisco Pitta Brito, 779, 3º Andar, Santo Amaro, São Paulo – SP, 04753-080
  • Phone: +55 11 2165-8888