This policy aims to guide the owner of personal data in the exercise of their rights, especially with regard to requests for personal data to Coats.
It should be noted that these requests include, but are not limited to: Request for confirmation of the existence of treatment; Request for access to data; Request for correction of incomplete, inaccurate or obsolete data; Request to block or delete unnecessary, excessive or processed data in violation of the law; Request for deletion of personal data processed with the consent of the owner and revocation of consent; Data portability request; Request for information from public and private entities with which Coats shared data and various requests.
Any request made to Coats based on this policy, in which it acts as the Data Controller, will be free and facilitated, always respecting the rights of the holders of personal data.
Every natural person has the right to be informed about the processing of their personal data, in this sense, this policy covers all natural persons subject to the General Law on Protection of Personal Data (LGPD), Law No. 13,709, of 14 of August 2018, regardless of whether Coats handles your data.
It is worth mentioning that this policy has effects in the cases in which the actions of Coats are demonstrated as Responsible for the Treatment, so that all the rights foreseen and listed will be analyzed, even if they are illegitimate or unreasonable, to, from there, be fulfilled. in case of prediction in law.
In situations in which the performance of Coats as an Operator is evident, we commit ourselves, solely, to direct our best efforts to make the request known to the controller, as a sample of good practices.
Coats provides direct contact via e-mail: DataProtection.BR@coats.com, which will do everything possible to respond to requests in the shortest possible time, respecting the suggested deadlines for each type of request.
In addition, Coats reserves the right not to respond to requests that are unfounded, excessive, illegal, that imply a disproportionate service effort, that involve the disclosure and exposure of Coats’ commercial and industrial secrets or when there is any risk of breach of data, and in these situations of refusal Coats will present its justification given the impossibility of meeting said request.
For the purposes of accounting for any term in days indicated in this Policy, only the business days in force in the city of São Paulo / SP will be counted, which will be counted excluding the starting day and including the expiration day.
Any natural person can contact Coats to send requests related to their own personal data.
You may also prefer that a third party (for example, a family member, friend, or lawyer) make a request on your behalf. In this case, as a form of security for his personal data, the third party must present a power of attorney by means of a public instrument, registered in the Public Notary, for the specific purpose of the request presented. If there is no evidence that a third party is authorized to act on her behalf, Coats will not comply with the request.
To prevent the personal data of one person from being sent to another, accidentally or as a result of fraud, Coats may need to validate them, either you the data subject or a third party with powers of representation for the data subject.
This level of security seeks to prevent possible damages that the undue disclosure of information could cause to the owner of the personal data.
You may just want to know if Coats handles your personal data.
Upon request for confirmation of the existence of data processing, we will answer you exactly whether or not Coats carries out the processing of your personal data, reaffirming our commitment to transparency, without any confirmation or submission of content.
Response time: 5 (five) days.
Once the request has been made and it has been established that Coats does not process your personal data, Coats will respond to your inquiry and will delete the personal data sent that instructed the request, within a maximum period of 3 (three) contact days from the sending the reply.
If you are aware that Coats has previously processed your personal data, but have received a response that there is no data stored in our systems, we inform you that the processing of your personal data may have ended, in which case we will delete it. your personal data or anonymize it so that it is impossible to identify it, it is no longer considered personal data. In these cases, as we do not keep any record of your data, by law, we will respond that we do not process your personal data.
We ask that you do not insist on reiterating requests in this situation, since your possible identified or identifiable personal data previously processed is not stored in any type of backup or location unknown by Coats, being deleted or anonymized in a secure way.
If you want to make a new request, you must start the new authentication step, since the data of your personal request will not be stored in our databases.
If you request access to personal data, we will display all of your personal data that we process.
Once the processing of your personal data has been identified, we will provide you with verification access for a period of 5 (five) days, and you will be able to select the data validation option, if they are correct and complete; or correction of the data if there is any need for correction, complementation or updating.
If we do not identify the processing of your personal data, we will return the negative information, in accordance with topic 8 above.
Return period: 10 (ten) days.
After accessing your personal data, you can request the correction of incomplete, inaccurate or outdated data. In this request you can inform us what data you want to change, based on the data we have processing.
We hope you understand that we carry out our activities with the limitation of the treatment to the minimum necessary, covering only relevant, proportional and not excessive data, that is, you will not be able to request additional types of data to those that we consider necessary for processing purposes.
If we have any questions regarding the request to modify your data, we may ask you to send the document containing the data you wish to modify, scanned, as a means of validating the information, thus preserving the quality of your data.
Return period: 10 (ten) days.
In some cases, you have the right to request the deletion or deletion of your personal data, when processed with your consent.
Please note that this is not an absolute right, as we may have legal or legitimate reasons to retain your personal data.
Return period: 10 (ten) days.
When you use our website to request information about our products or services, sign up for newsletters or events, respond to surveys or marketing communications, or use any of our community forums, or use our website to apply for a job, you can revoke The consent. to the processing of your data in cases where such processing is based on consent.
The withdrawal of consent does not affect the legality of the processing based on the consent before the withdrawal.
Return period: 5 (five) days.
The LGPD law grants the interested party the right of data portability to another provider of services or products. However, we understand that you, as the owner of the data, also have the right to obtain a copy of this data for yourself, in a structured, commonly used, machine-readable format in machine-readable format, whenever technically possible.
Therefore, we provide you with the opportunity to use a personal data file, in machine-readable format, for the purpose of preserving and storing personal data and granting authorization to data controllers in order to access and process personal data, in insofar as you understand it. necessary.
This right must be exercised by requesting data portability, which will include receiving a copy of your personal data, or sending the same file to a specific provider.
Exercising the right to receive the data in machine-readable format, we will send you the encrypted file. We recommend that from the moment you have possession of this file, you store and use it safely, as Coats is not responsible for any violation of this file and stored data after it leaves our sphere of control.
If you request data portability to another service or product provider, you must inform us of the recipient provider’s details.
In this case, it should be mentioned that the LGPD, nor the National Data Protection Agency (ANPD), to date, imposes on Coats the obligation to adopt or maintain treatment systems that are technically compatible with the other provider, nor the obligation of the recipient and accept the personal data contained in the portability file.
Return period: 20 (twenty) days.
You can request information from public and private entities with which Coats shared data usage, and we will respond to you which personal data was shared and with which entities.
Return period: 20 (twenty) days
In addition to the requests listed above, you can also contact us to submit requests not covered by this policy. In this situation, we will analyze your request and the best way to respond to it, if there is no prohibition that justifies our just refusal.
Given the impossibility of predicting what will be asked of us, we cannot estimate the response time, since it will depend on the evaluation of the effort required. However, we promise to return your request in the shortest time possible, with a limit of 30 (thirty) days depending on the type of request.
Likewise, we remind you that the requests described above and addressed to the controller are his sole responsibility, derived from his exclusive analysis of legality and legitimacy for the processing of your personal data, as well as the possibility of complying with the request presented.