Introduction and Overview: senhasegura’s Approach to Data Protection and Privacy
References to “We”, “us” or “senhasegura” in this statement mean MT4 Tecnologia Ltda. Our contact details for these entities and their respective office locations can be found here. References to “You” or “your” mean the corporation or individual person (as appropriate in the circumstances) who has or may in the future enter into a relationship with senhasegura as a customer, vendor, authorized channel partner, employee or otherwise uses the senhasegura website.
At senhasegura, we pride ourselves on being an organization that has a privacy-minded culture consistent with legal requirements. We will ensure that your personal data is: (a) processed by senhasegura lawfully, fairly and transparently; (b) only collected for clear and legitimate purposes; (c) limited in scope and time to only the extent necessary for the purpose of that processing; (d) kept accurate and up-to-date; (e) secured against unauthorized or unlawful processing and against accidental loss, destruction or damage.
What senhasegura entity is responsible for processing your personal data?
The senhasegura entity that will be responsible for processing your personal data will depend on how you use senhasegura Services and your geographical location, but will most likely include senhasegura’s headquarters in São Paulo, Brazil, as senhasegura’s principal place of business.
The relevant senhasegura entity will be referred to as “senhasegura” in this policy. A full list of senhasegura’s entities and contact information can be found here.
You can contact senhasegura at any time to request more information about the way we process personal data via [email protected] We will respond to your request in the timescales prescribed by the relevant local laws.
What personal data does senhasegura process?
The personal data that senhasegura processes will vary based on your relationship with senhasegura, but may include:
- where you are a third party with whom senhasegura has, has had or may have a business relationship, certain business contact information (e.g. business email addresses, business telephone numbers and names) in relation to performance of any contract with you or to pursue our legitimate interests;
- where you are an existing customer of senhasegura Services, so that we can provide you and your company with the senhasegura Services (such as maintenance and support services) that you have purchased and meet our contractual obligations and exercise any contractual rights (for example, invoicing you for payment);
- where you are an authorized channel partner, to manage your account for the Partner Portal and your use of the Partner Portal, including responding to questions you have raised;
- where you are any other third party with whom senhasegura currently has, in the past had, or may in the future have a contractual relationship (for example a supplier of goods or services to senhasegura) to provide you with, receive from you or jointly pursue with you any relevant goods or services where you have expressed an interest in senhasegura Services, attended a senhasegura hosted or sponsored conference or event, or downloaded any know-how from our website, so that we can explore potential solutions for you and your business;
- to notify you about developments, improvements or issues relating to senhasegura Services or related events, or otherwise where we process business contact information about you for our legitimate interests in maintaining records regarding how our customers use our products/services;
- to operate our business, for example transmitting your personal data within the senhasegura company for internal administrative purposes, such as auditing and accounting; or
- to undertake “know-your-client” and anti-fraud checks to help prevent any illegal activity, comply with applicable laws and requests from regulators and other enforcement bodies, or otherwise administer and protect our business and this website.
To opt-out of receiving communications relating to marketing, events or promotions from senhasegura, you can contact us at any time via [email protected] We will record the fact that you have opted-out of receiving marketing or promotional communications from us, unless you ask us to erase all personal data that senhasegura holds on you. Please note that if you are an existing customer then we may need to retain business contact information in order to provide you with senhasegura Services. Where you have entered into a written agreement with senhasegura which describes in more detail how senhasegura will process, store, handle or retain any such information, then that agreement will prevail. Please note that revoking your consent to our use of your business contact information could prevent us from providing you with certain senhasegura Services.
Where you use our website, certain identity information (e.g. names, usernames or similar identifiers) and technical information (e.g. IP address, login credentials, browser type and version, location data and relevant plug-ins, operating systems and platforms employed by your device(s)) to administer our website or pursue our legitimate interests to provide you with relevant website content and advertisements and measure the effectiveness of such content in your use of the website and resulting products/services through the use of data analytics to improve such content and advertisements, your use of our products/services and other aspects of our business and your overall customer experience.
Where you are applying for a role with senhasegura Personal details (including your home address, telephone number and work history) to administer such application, perform certain legal obligations and to pursue our legitimate interests in order to process your application for a specific job vacancy and keep you updated in relation to any changes to such vacancies to notify you about upcoming jobs or other information concerning your application or job search.
From time to time we may use publicly accessible sources – such as corporate websites and social networking platforms – to obtain business contact information (as defined above), or purchase databases containing business contact information from third parties, where we reasonably believe that such companies or persons may be interested in hearing more about senhasegura Services. If senhasegura contacts you as a result of this activity and you are not interested in senhasegura Services then we will record your preference on our internal systems to ensure that we minimize the possibility of contacting you again in the future.
Will senhasegura share your personal data with third parties?
senhasegura won’t sell or provide any third parties with your personal data without first obtaining your consent.
The only exception to this general rule is where we use a third party to host certain information for us which may include your personal data, are required to share your personal data with third parties so that we can comply with certain legal obligations, or to make sure we comply with our own audit and security requirements, internal policies and procedures or other legal and contractual obligations.
senhasegura may also share anonymized or aggregated data containing your personal data to third parties in order to improve our services and internal practices, but in any case where a third party is involved that third party will only have access to anonymized data and will not be able to identify you as an individual.
We will also disclose your information to third parties in and outside your country only to the extent allowed by applicable law, including:
- to a buyer or prospective buyer that acquires all or substantially all of us or our business;
- to a third party in the event that we sell or buy any business or undergo a merger, in which case we may disclose your information to the prospective buyer or buyer of such business; and
- to a third party if we sell, buy, merge or partner with other companies or businesses, undergo a reorganisation, bankruptcy, or liquidation; or otherwise undertake a business transaction or sell some or all of our assets. In such transactions, your information may be among the transferred assets.
How will senhasegura store your personal data?
If you are a senhasegura customer, senhasegura will store your personal data for the period that you continue to receive senhasegura Services and for an appropriate period of time thereafter, which enables senhasegura to comply with applicable laws (for example, for a period of 6 years in respect of any financial or transactional data where you have a business relationship with us for tax and audit purposes) as well as its internal data retention policy, a copy of which is available from us on request (for example, for the purposes of complying with any audit or accounting processes, or complying with the terms of any legal action).
If you are not yet a senhasegura customer, then senhasegura will store your personal data for the duration of any pre-sales activities, or to record the fact that you are not interested in purchasing any senhasegura Services (to avoid you receiving unwanted communications from senhasegura).
If you are applying for a role with senhasegura, we will store your personal data for no more than 24 months. At the end of that period we will remove all of your personal data from our systems. By submitting your application and CV, you consent to senhasegura storing your data in the ways and for the period of time described in this statement. For more detail on how we will process your personal data in connection with an application to work at senhasegura, please visit our careers webpage.
You may contact us at any time via [email protected] to request access to your personal data, to correct any information which senhasegura’s holds on you that contains an error or to request that we erase some or all of the personal data that we hold relating to you, or to request a copy of our retention policy. If you are an existing senhasegura customer then revoking your consent to our use of business contact information could prevent us from providing you with certain senhasegura Services.
We will maintain administrative, physical and technical safeguards designed to protect the security, confidentiality and integrity of your personal data processed by us as part of your use of our products/services, this website and any other aspects of our business as described in this policy; and will not materially decrease the overall security of such items.
Where you are a partner using senhasegura’s Partner Portal
Where you are one of senhasegura’s authorized channel partners, we will process information (including certain personal data) that you upload to the Partner Portal. For example, when you register on the Partner Portal, we will collect your account name, contact details and job function.
If you submit a Deal Registration Form via the Partner Portal, we will also collect the following information: corporate name of end customer and contact details for your point of contact within the end customer (including name, job title and address). Where you provide senhasegura with such personal data, you agree that you have first sought all necessary consents and authorizations from relevant individuals to enable senhasegura to comply with all applicable laws.
Further details regarding information that is not personal data but may be required in order to effectively use the Partner Portal and complete a Deal Registration Form can be located on the Partner Portal.
Any marketing consents, opt-ins/opt-outs or other preference details provided to us in connection with another website or service operated by us (such as the senhasegura community or our transactional websites) will be recorded and administered separately from any preferences or consents provided in connection with the Partner Portal. You have the option to change your preferences registered in connection with any of our sites or services at any time.
If you are an authorized channel partner and no longer want us to contact you related to marketing events or information, please contact us at [email protected]
Where you are an end user of senhasegura Services
Certain senhasegura Services are for business users only and are provided and administered to you by your employer (or customer, if you are an independent contractor) (“Employer”) which contracts directly with senhasegura. In these circumstances, you are an “end user” of senhasegura Services and we will collect and process your personal data on behalf of Employer. Since we act on the instructions, and on the behalf, of Employer, senhasegura is a data processor and Employer is a data controller for the purposes of the EU General Data Protection Regulation (GDPR) and/or the UK Data Protection Act 2018 (and other applicable data protection laws in the UK).
We may collect the following personal data of end users:
- First and last name and title;
- Employer and position;
- Contact information (email, username, cell phone/ mobile number, physical business address);
- Device identification data (Device ID);
- Electronic identification data (IP address; MAC address);
- Technical data (operating system information; software logs; crash reports);
- username and password to senhasegura Services;
- in relation to certain senhasegura Services, including the senhasegura.go Application, photo; or
- in relation to certain senhasegura Services, including the senhasegura.go Application, location data (using a mobile device’s built-in GPS in order for the Employer to set policies for the Services).
We will share your data with Employer and with our third party service providers (for more information on how we share your data, including where this involves a data transfer outside the EEA and UK, see the section above (Will senhasegura share your personal data with third parties?).
We will retain your personal data for as long as needed to provide the senhasegura Services to your organisation but no more than as allowed by applicable law.
senhasegura.go Application Users
If Employer uses senhasegura.go, our endpoint user remote access authentication solution, and you install and use the senhasegura.go Application for mobile (Android or iOS version), you understand that (i) the section above Where you are an end user of senhasegura Services applies to you and (ii) Employer or Employer’s administrator, will have control over certain aspects of the Services including:
- Setting password and authentication policies for the Services, including types of biometric data (e.g. fingerprint, facial recognition etc.) required and photo required (if any). Please note that while your biometric fingerprint and/or biometric facial scan may be used to enable fingerprint and/or facial recognition as part of our authentication services, we will never access the underlying authentication data stored on your mobile device. We will only receive a result indicating authentication success or failure. We will not capture, collect, store or process any biometric information;
- Requiring you to undergo the senhasegura.go onboarding process in the App, where you will be asked to confirm your identity (including in the event of repeated failed authentications or if your device is lost or stolen);
- Deleting your account for the senhasegura.go Services in certain scenarios (including in the event your device is lost or stolen or you are no longer an employee or contractor of Employer); and
- Removing features of or restricting access to the Services if certain device features are disabled by you (for example, if you disable location services on your device, you may not be able to access the Services).
How to contact us regarding or complain about senhasegura’s processing of personal data
Depending on your location and the circumstances of our processing, you will have certain rights relating to your personal data under data protection laws. These include the right to: (i) request access to, correction of or deletion of your personal data; (ii) object to or otherwise restrict senhasegura’s processing of your personal data; (iii) withdraw consent from our processing of your personal data.
If you wish to exercise any of the rights set out above, or would like to complain about any aspect of senhasegura’s processing of your personal data, then please contact us via [email protected]
While we would always appreciate the chance to deal with your concerns before you approach an external regulator, you can also contact a data protection supervisory authority in any of the countries in which senhasegura is established and you are based.
How will I know if senhasegura updates this statement?
If you are an authorized channel partner, each time you use the Partner Portal we may also collect information including domain name/IP address, referring URL, browser and platform, time of visit, pages visited and any searches performed. This information is not itself personal data but may become personal data when used in conjunction with other information that you upload to the Partner Portal. We may use this information to help us improve the performance of the Partner Portal and to assess the suitability of, or requirements for, certain services on the Partner Portal.
senhasegura uses session-based Cookies on this website to improve your interaction with our website. These Cookies only exist for your visit to our website on that occasion and are removed automatically from your computer or device once you close your browser or turn-off your device.
Last Updated: April 15, 2020