Privacy Policy – EBInterchange Website
Consent Management “EBInterchange” (EBInterchange Serviços de Informática¹) values your privacy and understands that transparency is fundamental. Therefore, in this Privacy Policy, we, “EBInterchange,” present all the necessary information so that You – the Data Subject – know how we use your Personal Data on our websites, portals, and solutions, always in compliance with current legal requirements.
We are committed to respecting privacy, personal data protection, and data security, treating the collected personal data in accordance with privacy laws in Brazil, such as Law No. 13,709/2018 (LGPD).
This Policy applies to: (i) EBInterchange employees; (ii) EBInterchange’s individual and corporate clients; (iii) All third parties, whether individuals or legal entities, acting for or on behalf of EBInterchange in operations involving the processing of personal data; and (iv) Data subjects whose data is processed by EBInterchange.
With this Privacy Policy (“Policy”), we aim to clarify objectively and transparently:
- Which personal data we collect;
- How and why we use it;
- To whom we disclose it; and
- How we protect your privacy when you use our services or platforms.
Principles
“EBInterchange” shall comply with the following personal data protection principles when processing personal data:
- Purpose: Processing shall only be carried out for legitimate, specific, explicit, and informed purposes disclosed to the data subject.
- Suitability: Processing must be compatible with the purposes informed to the data subject.
- Necessity: Processing shall be limited to the minimum necessary to achieve its purposes, covering relevant, proportional, and non-excessive data.
- Free Access: Guaranteeing data subjects easy and free consultation regarding the form and duration of the processing, as well as the integrity of their data.
- Data Quality: Guaranteeing accuracy, clarity, relevance, and updating of the data.
- Transparency: Guaranteeing clear, precise, and easily accessible information about the processing and the respective processing agents.
- Security: Use of technical and administrative measures to protect personal data from unauthorized access and accidental or unlawful destruction, loss, or alteration.
- Prevention: Adoption of measures to prevent damage due to the processing of personal data.
- Non-discrimination: Impossibility of processing for unlawful or abusive discriminatory purposes.
- Accountability: Commitment to demonstrating the adoption of effective measures capable of proving compliance with data protection rules.
Children and Adolescents
Our services are not designed for or intended to be used by minors under 18. We do not knowingly collect information from minors. If such information is received, it will be deleted. If you suspect a minor is using our services, please contact: [email protected].
What personal data do we collect?
- Platform: Information necessary for access and operation, including Personal Data, technical info (IP address, browser, OS).
- Website: Browser type, IP address, average time spent, date/city of access, and navigation paths.
- Cookies: Collected as per our Cookie Policy.
- Social Media: Information shared when interacting with us on platforms like LinkedIn, Facebook, etc.
- Public Information: Data from publicly available sources to better understand user interests. Specific Data: Name, Tax ID (CPF), email, phone, address, and birth date. We do not typically collect Sensitive Data (health, ethnicity, religion).
How and why is your information used?
- Providing requested information/services;
- Processing orders;
- Fulfilling contractual obligations;
- Market research and service improvement;
- Notifying changes and sending marketing communications (when authorized).
| Entry Type | Purpose | Personal Data | Legal Basis |
| Forms | Communications | Name, Email, Phone, Job Title | Legitimate Interest |
| Marketing | Registration/Login | Name, Region, LinkedIn, Contact info | Performance of Contract |
| Survey | Research | Name, Phone, Department | Performance of Contract |
Data Retention
We keep personal data only as long as necessary to achieve the specific purpose or to comply with legal/contractual obligations. Retention periods are reviewed annually.
Who has access to your personal data?
We do not share data with third parties for marketing purposes. We may disclose data to:
- Service providers and subcontractors (under strict confidentiality contracts).
- Third parties in the event of a business sale or corporate reorganization.
- Legal authorities to comply with statutory obligations.
Legal Processing (Legal Bases)
According to LGPD, we process data based on:
- Specific Consent: Free and informed agreement.
- Performance of a Contract: To fulfill our obligations to you.
- Legal Obligation: To comply with court orders or regulatory bodies (e.g., ANPD).
- Protection of Life: In medical emergencies.
- Legitimate Interest: For business operations, service improvement, and prospecting potential clients.
Your Rights
Under the LGPD, you have the following rights:
- Access: Request access and copies of your data.
- Correction: Correct incomplete or inaccurate data.
- Anonymization/Blocking/Deletion: For unnecessary or excessive data.
- Portability: Transfer data to another service provider.
- Objection: Object to processing based on legitimate interest or for direct marketing.
- Information: Know about the possibility of denying consent and the consequences.
To exercise these rights, contact: [email protected]. We aim to respond within 15 days.
Security
We implement technical and organizational controls. While no internet transmission is 100% secure, we make every effort to ensure the security of our systems. You are responsible for the confidentiality of your passwords.
Changes and Review
This policy was last updated on March 1, 2025. Changes will be posted on this website.