Privacy Policy

Glass Group (hereinafter "we", "our", or "Glass Group") is committed to protecting and respecting the privacy of personal data of our clients, users, and partners. This Privacy Policy describes how we collect, use, store, and protect your personal information in compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13,709/2018) and other applicable legislation.

1. Information We Collect

1.1. Data Provided Directly by You

• Registration Data: Full name, email, phone number, company, position
• Contact Data: Messages sent through contact forms
• Access Data: Login credentials, encrypted passwords (when applicable)
• Commercial Data: Information about proposals, contracts, and business transactions

1.2. Data Collected Automatically

• Browsing Data: IP address, browser type, pages visited, time spent
• Cookies and Similar Technologies: Information about preferences and browsing behavior
• Device Data: Operating system, browser version, screen resolution
• System Logs: Access records, date and time of service usage

1.3. Data from Third Parties

We may receive data from business partners, credit bureaus, and other legitimate sources, always with proper consent and appropriate legal basis.

2. How We Use Your Data

2.1. Processing Purposes

We use your personal data for the following purposes:

• Service Provision: Provide, operate, and maintain our platforms and software solutions
• Communication: Respond to requests, provide technical support, and send relevant information
• Improvement: Enhance our products, services, and user experience
• Security: Protect against fraud, unauthorized access, and illegal activities
• Legal Compliance: Meet legal and regulatory obligations
• Analysis and Statistics: Generate analytical reports and usage statistics (always anonymized)
• Marketing: Send communications about products, services, and events (with your consent)

2.2. Legal Basis for Processing

The processing of personal data by Glass Group is based on the following legal grounds provided by the LGPD:

• Consent: When you expressly authorize the processing
• Contract Performance: To fulfill contractual obligations
• Legitimate Interest: For legitimate interests of the company or third parties
• Legal Obligation Compliance: To meet legal and regulatory requirements
• Credit Protection: For credit analysis and protection

3. Data Sharing

3.1. Who We Share With

We may share your personal data with:

• Clients and Partners: Financial institutions and companies that contract our services
• Service Providers: Hosting providers, data analytics, technical support
• Public Authorities: When required by law or court order
• Credit Bureaus: For authorized credit inquiries and analyses
• Insurers: For processing insurance contracted through our platforms

3.2. International Transfer

Some of our service providers may be located outside of Brazil. In such cases, we ensure that international data transfers comply with LGPD requirements, including standard contractual clauses and adequate protection guarantees.

4. Storage and Security

4.1. Security Measures

We implement appropriate technical and organizational measures to protect your data:

• Encryption: TLS 1.3 for data in transit and AES-256 for data at rest
• Access Control: Multi-factor authentication and principle of least privilege
• Monitoring: Intrusion detection systems and 24/7 monitoring
• Backups: Regular encrypted backups with appropriate retention
• Security Testing: Periodic audits and penetration testing
• Compliance: Certifications and compliance with security standards

4.2. Retention Period

We retain your personal data for as long as necessary to fulfill the purposes described in this policy, unless a longer period is required by law or necessary for:

• Compliance with legal and regulatory obligations
• Resolution of disputes and enforcement of agreements
• Fulfillment of legitimate interests

5. Your Rights

Under the terms of the LGPD, you have the following rights regarding your personal data:

• Confirmation and Access: Confirm whether we process your data and request copies
• Correction: Request correction of incomplete, inaccurate, or outdated data
• Anonymization, Blocking, or Deletion: Request anonymization, blocking, or deletion of unnecessary or excessive data
• Portability: Request data portability to another provider
• Data Deletion: Request deletion of data processed based on consent
• Sharing Information: Obtain information about entities with which we share data
• Consent Refusal Information: Be informed about the possibility of not providing consent
• Consent Revocation: Revoke consent at any time

5.1. How to Exercise Your Rights

To exercise any of these rights, please contact us through the channels indicated in the "Contact" section below. We will respond to your request within 15 business days.

6. Cookies and Tracking Technologies

6.1. Types of Cookies Used

• Essential Cookies: Necessary for the basic functioning of the website
• Performance Cookies: Collect information about how visitors use the site
• Functionality Cookies: Remember your preferences and choices
• Marketing Cookies: Track your online activity for advertising purposes (with consent)

6.2. Cookie Management

You can control and/or delete cookies through your browser settings. Disabling cookies may affect the functionality of the website.

7. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not intentionally collect personal data from minors. If we become aware that we have collected data from a minor without proper parental consent, we will take steps to delete that information.

8. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes through:

• Notice on our website
• Email to the registered address
• Notification on our platforms

The updated version will take effect on the date of its publication.

9. Applicable Law and Jurisdiction

This Privacy Policy is governed by Brazilian laws, in particular the General Data Protection Law (Law No. 13,709/2018). The courts of the District of Apucarana, State of Parana, are elected to resolve any disputes arising from this policy.