To provide guidance on the guidelines applicable to the privacy and protection of personal data of customers, employees and partners to which Prohards has access in the performance of its activities, establishing the rules applicable to the collection, recording, storage, use, sharing, enrichment and deletion of collected data, in accordance with applicable laws.
All administrators and employees of PROHARDS COMÉRCIO, DESENVOLVIMENTO E SERVIÇOS EM TECNOLOGIA DA INFORMAÇÃO LTDA, hereinafter referred to as (“Prohards” or the “Company”), as well as third parties, service providers and/or suppliers who have access to information of customers of these companies.
All Controlled Companies of the Company must define their guidelines based on the guidance set forth in this Policy, taking into account their specific needs and the legal and regulatory aspects to which they are subject.
With respect to Affiliated Companies, representatives of the Company who serve in the management of Affiliated Companies must make efforts to ensure that they define their guidelines based on the guidance set forth in this Policy, taking into account their specific needs and the legal and regulatory aspects to which they are subject.
This Policy aims to demonstrate Prohards’ commitment to:
The following are subject to this Policy:
By nature, information may be classified into two (2) groups:
Specific privacy practices in relation to other products and services that Prohards may make available to its customers will be associated with the customer’s or third party’s acceptance of each product or service.
Information will be collected by ethical and lawful means and stored in a secure and controlled environment, for the period required under applicable regulations. Prohards undertakes to take all appropriate measures to maintain the absolute confidentiality and strict secrecy of all information, personal data or specifications to which it has access or which it may come to know or become aware of regarding transactions, cardholders, card and payment method data of its customers, as well as individuals directly related to customers, to which it may have access by reason of the provision of services by Prohards (namely, capture, transmission, processing of information and settlement of transactions, among other services), being prohibited from disclosing and/or allowing third-party access to such information, except in the cases described in this Policy.
Third-party access to information collected by Prohards is granted exclusively to fulfill the purposes stated in this Policy and within the limits necessary for the performance of activities relating to the normal course of its business, including, but not limited to:
The use of information collected by Prohards, in any of the cases provided for in item 3.1 above, is carried out exclusively to fulfill the purposes stated in this Policy in the performance of Prohards’ activities or in offering the customer specific content based on the use of information in anonymized and aggregated form regarding their area of activity.
Prohards may share information in aggregated form, publicly and/or with its partners, provided that such information is not personally identifiable. For example, it may publicly share information to demonstrate trends regarding the general use of Prohards’ products and services.
Whenever it becomes necessary to use information collected by Prohards for purposes other than those defined in this Policy or those expressly authorized by the data subject, Prohards will directly inform the data subject of this new purpose and, when necessary, obtain new authorization.
Prohards requires all third parties to maintain the confidentiality of information shared with them or to which they have access by virtue of the performance of their activities, as well as to use such information exclusively for expressly permitted purposes. However, Prohards shall not be liable for the improper use of such information, whether by third parties or their employees, due to breach of this Policy and the contractual obligations assumed by such third parties with Prohards through appropriate instruments.
In order to ensure the security of information provided by customers, Prohards has physical, logical, technical and administrative security processes compatible with the sensitivity of the information collected, the effectiveness of which is periodically assessed by independent audit.
Prohards implements new procedures and continuous technological improvements to protect all personal data collected from customers.
Notwithstanding the security measures adopted, Prohards shall not be liable for damages resulting from breach of the confidentiality of information due to the occurrence of any fact or situation that cannot be attributed to it.
In processing collected information, Prohards uses structured systems designed to meet security and transparency requirements, good practice and governance standards, and the general principles established in Law No. 13,709/2018 – General Personal Data Protection Law (“LGPD”).
All technologies used will always comply with applicable legislation and the terms of this Policy.
In cases where disclosure of personal data of customers, employees or partners becomes necessary, whether due to compliance with the law, court order or competent supervisory body overseeing the activities carried out by Prohards and/or third parties, such information shall be disclosed only in the strict terms and limits required for its disclosure, and the data subjects whose information is disclosed will, to the extent possible, be notified of such disclosure so that they may take appropriate protective or remedial measures.
If required by the regulator, customers may:
This Privacy and Data Protection Policy shall remain in effect until defined otherwise by the regulatory body and may be amended at any time, as required for purpose or need for adaptation and compliance with legal provisions, or whenever Prohards deems it necessary. Amendments will be published on the website www.prohards.com
Continued use of Prohards services or provision of services to Prohards, as applicable, after publication of amendments shall be deemed acceptance by the customer and third parties of the new terms and conditions.
9.1 The customer has the right to request the regulatory body to delete their personal data from the database. File a complaint with the regulatory body if they can prove improper use of their personal data.
10.1 Provide all personal data listed in point 2.2.1 above in order to access betting on lottery products of the State of Rio de Janeiro lottery. Failure to provide the data and/or inaccuracy of the information provided makes betting impossible.
Employees, suppliers or other stakeholders/publics of interest who observe any deviations from the guidelines of this Policy may report the matter to the Ethics Channel (canalconfidencial@prohards.com), with or without identifying themselves.
Internally, failure to comply with the guidelines of this Policy entails the application of accountability measures to the agents who breach it, according to the respective severity of the breach.
When an incident reported to the Ethics Channel involves personal data and/or sensitive personal data, the Ethics Channel must promptly inform the Privacy and Data Protection Officer of the report.
Administrators, employees and third parties:
Observe and ensure compliance with this Policy and, when necessary, contact the Privacy and Data Protection Officer (DPO) for consultation on situations involving conflict with this Policy or upon the occurrence of situations described therein.
Risk, Compliance and Prevention Department (DPO):
Legal Department:
Clarify doubts relating to applicable legislation and regulations.
Customers: Natural persons who have registered in the Prohards system, to whom the personal data that are the subject of processing refer;
Personal data: Any information relating to an identified or identifiable natural person, such as: name, surname, date of birth, personal documents (CPF, RG, driver’s license, work card, passport, voter registration, among others), residential or business address, telephone, email, cookies and IP address;
Sensitive personal data: Any personal data concerning racial or ethnic origin, religious belief, political opinion, membership of a trade union or religious, philosophical or political organization, data relating to health or sex life, genetic or biometric data, when linked to a natural person;
Information: Data, processed or not, that may be used for the production and transmission of knowledge, contained in any medium, support or format;
Privacy and Data Protection: The data subject’s ability to autonomously determine how their own personal data is used, together with the establishment of a series of safeguards to prevent such personal data from being used in a manner that causes discrimination or harm of any kind.
Affiliated Companies: Companies in which the Company or its partners hold an equity interest.
Controlled Companies: Companies in which the Company, directly or indirectly, holds shareholder or equity rights.
Stakeholders/Publics of Interest: All relevant publics with interests pertaining to the Company, or individuals or entities that assume some type of risk, direct or indirect, vis-à-vis society. Among others, the following stand out: shareholders, investors, employees, society, customers, suppliers, creditors, governments, regulatory bodies, competitors, press, associations and trade entities, users of electronic payment methods and non-governmental organizations.
Third parties: Natural or legal persons, public or private, that provide services to Prohards, on its premises or remotely, and in the performance of their activities may have access to information relating to Prohards’ business or that of its Customers.