This site is maintained and operated by Hauz.
We collect and use some personal data belonging to those who use our website. By doing so, we act as the controller of this data and are subject to the provisions of Federal Law No. 13.709/2018 (General Data Protection Law – LGPD).
We care about the protection of your personal data and, therefore, we provide this privacy policy, which contains important information about:
- Who should use our website
- What data we collect and what we do with it;
- Your rights regarding your personal data; and
- How to contact us.
1. Data we collect and reasons for collection
Our website collects and uses some personal data from our users, as provided in this section.
1. Personal data expressly provided by the user
We collect the following personal data that our users expressly provide when using our website:
– Full Name;
– Email;
– Phone.
This data is collected at the following moments:
– When the user fills out a form;
The data provided by our users is collected for the following purposes:
– So that the user can obtain a customized quote.
– So that the user can contact us.
– So that we can send offers, information, and notices to our users.
2. Personal data obtained in other ways
We collect the following personal data from our users:
– IP Address;
– Geolocation data;
This data is collected at the following moments:
– When the user visits a page;
– When the user fills out a form.
This data is collected for the following purposes:
– To personalize the user experience.
3. Sensitive data
We do not collect sensitive data from our users, as defined in Articles 11 and following of the General Data Protection Law. Therefore, no data will be collected regarding racial or ethnic origin, religious belief, political opinion, trade union membership or membership in a religious, philosophical, or political organization, data concerning health or sexual life, genetic or biometric data, when linked to a natural person.
4. Cookies
Cookies are small text files automatically downloaded to your device when you access and browse a website. They basically serve to identify devices, activities, and user preferences.
Cookies do not allow any file or information to be extracted from the user’s hard drive, nor is it possible, through them, to access personal information that has not been provided by the user or the way the user uses the site’s features.
a. Site cookies
Site cookies are those sent to the user’s and administrator’s computer or device exclusively by the website.
The information collected through these cookies is used to improve and personalize the user experience. Some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content.
b. Third-party cookies
Some of our partners may set cookies on the devices of users who access our website.
These cookies generally aim to allow our partners to offer their content and services to the user who accesses our website in a personalized way, by obtaining browsing data extracted from the user’s interaction with the website.
The user can obtain more information about third-party cookies and how the data obtained from them is treated, as well as access descriptions of the cookies used and their characteristics, by accessing the following link:
Google Analytics:
https://policies.google.com/technologies/cookies?hl=pt-BR
c. Cookie management
The user may object to the registration of cookies by the website, simply by disabling this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed through the following links:
Internet Explorer:
https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies
Safari:
https://support.apple.com/pt-br/guide/safari/sfri11471/mac
Google Chrome:
https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt
Mozilla Firefox:
https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam
Opera:
https://www.opera.com/help/tutorials/security/privacy/
Disabling cookies, however, may affect the availability of some tools and functionalities of the website, compromising its correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, harming their experience.
5. Collection of data not expressly provided
Occasionally, other types of data not expressly provided for in this Privacy Policy may be collected, provided they are supplied with the user’s consent, or further, that the collection is permitted based on another legal basis provided by law.
In any case, the collection of data and the resulting processing activities will be informed to the website users.
2. Sharing personal data with third parties
We do not share your personal data with third parties. Nevertheless, it is possible that we may do so to comply with some legal or regulatory obligation, or to comply with an order issued by a public authority.
3. How long your personal data will be stored
The personal data collected by the website is stored and used for a period of time that corresponds to what is necessary to achieve the purposes listed in this document and that considers the rights of its owners, the rights of the site controller, and applicable legal or regulatory provisions.
Once the periods for storing personal data have expired, they are removed from our databases or anonymized, except in cases where there is the possibility or necessity of storage due to legal or regulatory provisions.
4. Legal bases for processing personal data
A legal basis for processing personal data is nothing more than a legal justification provided by law. Therefore, each personal data processing operation must have a corresponding legal basis.
1. Non-sensitive personal data
We process the non-sensitive personal data of our users in the following cases:
– with the consent of the personal data owner
– to comply with a legal or regulatory obligation by the controller
– for the regular exercise of rights in judicial, administrative, or arbitration proceedings
– for the execution of a contract or preliminary procedures related to a contract to which the data subject is a party, at the request of the data subject
– when necessary to meet the legitimate interests of the controller or a third party
2. Consent
Certain personal data processing operations carried out on our website will depend on the user’s prior consent, which must be expressed freely, informed, and unequivocally.
The user may revoke their consent at any time. If there is no legal basis that allows or requires the data to be stored, the data provided with consent will be deleted.
Additionally, if desired, the user may choose not to agree with a specific personal data processing operation based on consent. In such cases, however, they may not be able to use a functionality of the website that depends on that operation. The consequences of not providing consent for a specific activity will be informed before processing.
3. Compliance with legal or regulatory obligations by the controller
Some personal data processing operations, especially data storage, will be carried out so that we can comply with obligations provided for by law or other normative provisions applicable to our activities.
4. Legitimate interest
For certain personal data processing operations, we rely exclusively on our legitimate interest. To learn more about the specific cases in which we use this legal basis, or to obtain more information about the tests we conduct to ensure that we can use it, please contact our Data Protection Officer through any of the channels provided in this Privacy Policy, in the “How to contact us” section.
5. User rights
The website user has the following rights, granted by the General Data Protection Law:
– confirmation of the existence of processing;
– access to the data;
– correction of incomplete, inaccurate, or outdated data;
– anonymization, blocking, or deletion of unnecessary, excessive, or non-compliant data;
– data portability to another service or product provider, upon express request, in accordance with the national authority’s regulations, subject to commercial and industrial secrets;
– deletion of personal data processed with the consent of the holder, except in cases provided by law;
– information about public and private entities with which the controller shared data;
– information about the possibility of not providing consent and the consequences of refusal;
– revocation of consent.
It is important to note that, under the LGPD, there is no right to the deletion of data processed based on legal grounds other than consent, unless the data is unnecessary, excessive, or processed in non-compliance with the law.
1. How the holder can exercise their rights
The holders of personal data processed by us may exercise their rights by sending a message to our Data Protection Officer, either by email or by post. The necessary information is in the “How to contact us” section of this Privacy Policy.
To ensure that the user intending to exercise their rights is indeed the data holder, we may request documents or other information to assist in their proper identification, in order to safeguard our rights and those of third parties. This will only be done if absolutely necessary, and the requester will receive all related information.
6. Security measures for personal data processing
We employ technical and organizational measures capable of protecting personal data from unauthorized access and situations of destruction, loss, misplacement, or alteration.
The measures we use take into account the nature of the data, the context and purpose of the processing, the risks that a potential breach would pose to the user’s rights and freedoms, and the standards currently employed in the market by companies similar to ours.
Among the security measures we adopt, we highlight the following:
– Access restrictions to databases;
Although we do everything within our reach to prevent security incidents, it is possible that a problem may occur exclusively caused by a third party – such as in hacker or cracker attacks or, also, in cases of the user’s sole fault, for example, when they themselves transfer their data to a third party. Therefore, although we are generally responsible for the personal data we process, we disclaim responsibility if an exceptional situation like these occurs, over which we have no control.
In any case, if any kind of security incident occurs that could generate risk or significant harm to any of our users, we will notify the affected parties and the National Data Protection Authority about the incident, in accordance with the provisions of the General Data Protection Law.
7. Complaint to a supervisory authority
Without prejudice to any other administrative or judicial remedy, data subjects who feel, in any way, harmed may file a complaint with the National Data Protection Authority.
8. Changes to this policy
This version of this Privacy Policy was last updated on: September 2, 2024.
We reserve the right to modify these rules at any time, especially to adapt them to any changes made to our website, whether by making new features available or by suppressing or modifying those already existing.
Whenever there is a modification, our users will be notified about the change.
9. How to contact us
To clarify any doubts about this Privacy Policy or about the personal data we process, please contact our Data Protection Officer through any of the channels mentioned below:
Email: hauz@hauz.com.br
Phone: (11) 5501-6901
Postal address: Rua Prof. Filadelfo de Azevedo, 521 | Vila Nova Conceição
São Paulo – SP | CEP 04508-011