Preamble:

PragmaVision Management Consulting Group (“PragmaVision” or “we”) is committed to safeguarding personal privacy and protecting the personal data of our employees, clients, suppliers and other entities with which we conduct business. PragmaVision’s Privacy Policy (the “Privacy Policy”) describes how we gather and process personal information and provides a clear understanding of how data (or “personal data”) is controlled and secured, and the rights of each person in relation to their personal information.

Personal data and confidential information are key assets for PragmaVision Consulting Group, and for its clients and suppliers. PragmaVision is committed to ensuring the security and protection of personal information and is also committed to maintaining compliance and consistency in the approach to data protection.

PragmaVision complies with all regulatory requirements and any other legislation regarding data protection in the countries that we hold subsidiaries, such as the EU General Data Protection Regulation 216/679 act (“GDPR”), a regulation approved by the European Union (EU) regarding data protection and privacy for all residents within the EU, as well as the Law number 13.709/2018, a legislation approved by the Brazilian Government regarding data protection and privacy for all residents within Brazilian territory. Except where this policy explains otherwise, each PragmaVision subsidiary maintains individual control in relation to the personal data collected from its employees, clients and suppliers, being considered the “controller” of the respective personal data in accordance with the definition established on both legislations herein mentioned.

PragmaVision is a management consulting organization with headquarters in Brazil and subsidiaries in United Kingdom, Germany, United States of America, Mexico, Chile and Argentina.

Policy:

  1. To whom this Privacy Policy applies
  2. Personal information we collect
  3. How we use personal data
  4. Updates and communication
  5. Who may receive your information
  6. Where and how we store personal data
  7. How we protect personal information
  8. Individual rights related to personal information
  9. PragmaVision’s contact information

Personal Data Protection and Privacy Policy:

1. TO WHOM THIS PRIVACY POLICY APPLIES

1.1 This Privacy Policy applies to individuals that are or were representatives of PragmaVision’s clients or suppliers, employees or former employees of PragmaVision, candidates for a job within the organization, students, trainees and any other individual that is or was a partner or associate of PragmaVision.

2. PERSONAL INFORMATION WE COLLECT

2.1 PragmaVision does not collect and process personal data without consent, except when the information is necessary due to a contractual or legal obligation or when PragmaVision has a legitimate interest in collecting the information to accomplish its management consulting activities. Thus, we may collect data from you if:

  1. You are a prospective client, existing client or supplier of PragmaVision;
  2. You work or have worked for a client or supplier of PragmaVision;
  3. You are an employee, partner or associate of PragmaVision;
  4. You are candidate for a job position within PragmaVision, or a prospective partner or associate of PragmaVision;
  5. You work for a company to whom PragmaVision wants to advertise or market its services or events.

2.2 PragmaVision may use all available methods to collect information, including but not limited to, in-person communications, communication by phone, email, letter or notice, other paper-based communication methods, etc. Our primary means of obtaining personal data is directly from the person. Data that is not collected directly from the person may be obtained through:

  1. Your employer in connection with work that relates to us;
  2. Third parties we work closely with, such as personal contacts, trustees, business partners, subcontractors, or analytics and public information providers;
  3. Government bodies;
  4. Websites or other applications and platforms operated by PragmaVision that are utilized by the individual too.

2.3 We collect basic information that identifies each person as an individual and the company the person represents, such as:

Business contacts of clients or suppliers a. full name;
b. the name of the company you represent;
c. your job function and department;
d. business address;
e. business email;
f. private email;
g. business telephone and mobile phone;
h. month and day of your birth;
i. information to fulfill legal or contractual obligations.
 

Employees, job candidates, students, trainees, associates and partners

 

All information necessary to complete the contractual obligation as a partner or associate of PragmaVision, as well as all personal data necessary to completing the employment agreement.

2.4 Sensitive Personal Data: We may collect and process sensitive personal data when it is relevant and necessary to the consulting management services PragmaVision provides, or required to fulfill a legal or contractual obligation; for example, life insurance policies or specific activities of a client that require PragmaVision to obtain
health reports.

2.5 Technical Data: PragmaVision may store also the IP addresses of clients who access PragmaVision’s website and other platforms. Also, we store the navigation data from internal users for audit purposes, including URLs, date/time and browsing time, application type and protocols such as HTTP and FTP.

3. HOW WE USE YOUR PERSONAL DATA

3.1 PragmaVision does not use personal data without first obtaining the consent of its owner. Exceptions to this rule may occur if: (i) we are obliged by law; (ii) it is necessary to completing a contractual obligation or to defending our rights; or (iii) it is necessary to exercising PragmaVision’s legitimate interest in processing your data to provide management consulting services.

3.2 PragmaVision does not disseminate, sell or commercialize personal information to any third parties, or in any way identify the individual owner of personal information. PragmaVision may share information with third parties, or its subsidiaries for processing. In this situation, PragmaVision will continue to act as controller of the information, and the third party, or subsidiary shall act according to this Privacy Policy.

3.3 Regarding business contacts, the processing of personal data is done for the purpose of delivering and providing management consulting services, or to accept services from the suppliers the individual represents. Personal data may also be processed to make available relevant content to the owner of the information, such as:

  1. Institutional messages;
  2. Newsletters;
  3. Event-related materials—invites, reminders and thank you notes;
  4. Congratulatory, holiday and birthday cards;
  5. Event materials produced by PragmaVision;
  6. Client feedback surveys.

3.4 Regarding PragmaVision professionals (employee, associate, partner, ex-employee, ex-associate or expartner) their data are stored and is subject to processing for the purpose of managing the employment relationship, contractual obligation or due legal obligation in accordance with PragmaVision’s Internal Policies and/or local legislation.

3.5 Candidates for jobs at PragmaVision, as well as students and trainees engaged for the purposes of recruitment, may also have their data, such as, but not limited to resumes, profile, collected and stored by PragmaVision to enable communications, interviews and offers of employment. PragmaVision will not store this information for any longer than two years from the date of the initial interview or receipt of the job application, whichever occurs later.

4. UPDATES AND COMMUNICATIONS

4.1 Where permitted in our legitimate interest, to fulfil a legal or contractual obligation or with prior consent from the individual where required by law, we may use personal data to request updates to PragmaVision’s internal CRM (Client Relationship Management) system.

4.2 You can opt out of receiving further marketing materials or communications from us at any time by updating your contact details within your account or indicating this preference through the “unsubscribe” link included at the end of all digital communications addressed to you.

5. WHO MAY RECEIVE YOUR INFORMATION

5.1 We may share your personal information with any other subsidiary of PragmaVision as described herein this Privacy Policy. We may share information with a third party regarding your contractual obligation with PragmaVision to process or support processing of personal data. In the event a third party receives individual personal data, PragmaVision will maintain a nondisclosure agreement and the data will be strictly limited to the purpose agreed upon by PragmaVision.

5.2 We may also share personal data with PragmaVision business partners, suppliers and subcontractors for the delivery of a contract we enter into under normal business circumstances with you or the company you represent, with our auditors and with our legal advisors when it is necessary.

5.3 PragmaVision may disclose your personal data to appropriate third parties if it sells any business or assets, in which case PragmaVision must disclose personal data to the prospective buyer of such business or assets.

5.4 PragmaVision may disclose or share your personal data to comply with any legal obligation, judicial or any authorities order.

6. WHERE AND HOW PERSONAL DATA IS STORED

6.1 The personal data that PragmaVision collects might be transferred, stored and processed in PragmaVision’s headquarters located in Brazil. In addition, PragmaVision may also process data outside the EU either directly or by use of third parties contracted by us. When necessary, PragmaVision may transfer personal data to:

  1. Enable PragmaVision to provide services and fulfill its contract with an individual or a company they represent;
  2. Operate the business, where it is in PragmaVision’s legitimate interests and the company has
    concluded there is no risk of infringement of individual rights surrounding the information.

6.2 Personal data may be shared with the PragmaVision subsidiaries listed herein this Privacy Policy, strictly for the completing of PragmaVision’s legal or contractual obligations with individuals, clients or suppliers. If your information is transferred outside EU, PragmaVision will take all the steps reasonably necessary to ensure that the data is treated securely and protected.

7. HOW PERSONAL DATA IS PROTECTED

7.1 We have put in place internal procedures that restrict access to personal data except to those individuals who have a relevant business need. All individuals who have contact with personal data are subject to PragmaVision’s confidentiality policy.

7.2 We have also implemented security measures to prevent personal data from being lost, used, altered, disclosed or accessed by unauthorized individuals.

7.3 The transmission of information via the internet is protected through best practice-based technology, and continual updates to our platform. Transmission of information through the internet is never 100% secure, but we are committed to protecting the transmission of information through all reasonable measures; for example, use of advanced encryption (AES 256, HTTPS, Bitlocker), internet links segmentation, SSL certificates from external companies (DIGICERT), recurrent penetration tests in all systems, and Wi-Fi and Endpoint protection such as Antivirus, Intrusion Prevention System and Data Leak Prevention features.

7.4 We will only retain your personal data for as long as it is necessary to complete the purpose we collected the information for, and to fulfill legal or contractual obligations.

7.5 Depending on the circumstance, we may anonymize personal data to avoid any association with an individual.

8. INDIVIDUAL RIGHTS RELATED TO PERSONAL DATA

8.1 PragmaVision will ensure your personal data is up to date and accurate. When permitted by applicable legislation, you can request the correction, updating or deleting of your personal data in part or total. In this situation, the individual shall contact us by email at [email protected]. We will make all reasonable efforts to comply with your request.

8.2 When permitted by local legislation and submitted by individual request, PragmaVision may provide the person with a copy of the respective personal data stored and information on how the data has been processed. The individual may request that PragmaVision restrict or object to the sharing of personal data, and where the sharing of data is based on consent, the individual has the right to withdraw consent at any time.

8.3 An individual can exercise their rights by contacting PragmaVision at [email protected]. To comply with a request, PragmaVision may need to request specific information to confirm their identity, as well as take additional appropriate security measures.

9. PragmaVision’S CONTACT INFORMATION

9.1 PragmaVision has designated a special team to develop and implement compliance measures surrounding the new privacy and data regulations that are being introduced throughout the EU, Brazil and globally. We understand that continuous employee awareness and education is essential to compliance with these legal requirements that ensure the protection of personal information worldwide.

9.2 If you have any concerns or questions about this Privacy Policy, please contact [email protected].