Privacy Policy
Introduction
Marketplace B2B Serviços Inteligentes Ltda (CNPJ 31.415.786/0001-31), trading as Salesrun ("Company," "we," or "our"), is committed to protecting the privacy of its users ("User," "you," or "your"). This Privacy Policy ("Policy") describes how we collect, use, and disclose your personal information when you use our services ("Services"). By using our Services, you agree to the terms of this Policy.
Compliance with Regulations
This Privacy Policy has been designed to comply with the European Union's General Data Protection Regulation ("GDPR") and Brazil's General Data Protection Law ("LGPD").
Collection of Personal Information
We collect the following personal information when you use our Services:
-
Contact Information: Name, email address, phone number, and personal document.
-
Account Information: Username, password, and other information you choose to provide when creating an account with us.
-
Usage Data: Information about how you use our Services, such as your IP address, browser type, operating system, pages visited, and the time spent on each page.
-
Third-Party Information: We may collect information about you from third parties, such as websites and social media services that you connect to your account with us.
Legal Basis for Processing
We process your personal information based on the following legal grounds:
-
Consent: We request your explicit consent to process your personal data for specific purposes, such as direct marketing and new services that may be of interest to you. You may withdraw your consent at any time, which will not affect the legality of the processing based on the consent before its withdrawal.
-
Contract Performance: We process your personal data to fulfill the contract you are a part of, such as to register your account, provide our contracted services, and respond to your requests and inquiries.
-
Legitimate Interest: We process your personal data based on our legitimate interest, which includes analyzing and improving the use of our Services, personalizing your experience, and preventing fraud. We consider and balance any potential impact on you and your rights before processing your personal data for our legitimate interests. You may object to this processing.
-
Legal Obligation: We process your personal data when necessary to comply with legal obligations, including responding to government or judicial authorities as required by law.
Each legal basis is applied according to the nature of the interaction you have with our Services and helps ensure that our processing complies with applicable data protection regulations.
Use of Personal Information
We use your personal information for the following purposes:
-
Providing and Improving our Services: We use your personal information to provide and improve our Services, including processing your requests/orders, providing customer support, and sending marketing communications (with your consent).
-
Personalizing Your Experience: We use your data to personalize your experience with our Services, such as recommending products and services that may interest you.
-
Analyzing Service Use: We use aggregated data to understand how our Services are used and to improve their functionality and performance.
-
Preventing Fraud and Abuse: We use your data to detect and prevent fraud and abuse in connection with our Services.
-
Complying with the Law: We use your personal information to comply with applicable laws and regulations.
Disclosure of Personal Information
Committed to maintaining the confidentiality and integrity of your personal information, we disclose your data in the following situations:
-
With Your Consent: We share your personal information with third parties when we have your explicit consent to do so. This may include sharing your information to provide products or services you requested.
-
To Service Providers: We work with service providers who assist us in operating our services, such as payment processing, data analysis, marketing and advertising, and customer support. These providers are subject to strict contractual obligations to maintain the confidentiality of the personal information they receive and are prohibited from using the data for any purposes other than those specified in our contracts.
-
Legal Compliance: We may disclose your personal information when necessary to comply with applicable laws, respond to legal processes, and protect the rights and safety of our company or third parties, including enforcing our terms and conditions.
-
Corporate Transactions: In the event of a restructuring, merger, sale, joint venture, assignment, transfer, or other disposition of all or any part of our company, assets, or stock, we may transfer personal data to third parties involved in the process.
-
Protection and Security: We use your personal information to help detect, investigate, and prevent fraudulent or illegal activities and protect the security of our users and our platform.
We ensure that all such transfers comply with applicable data protection laws and that information is adequately protected. In each case of international data transfer, we ensure the implementation of appropriate safeguards, such as Standard Contractual Clauses, to protect your information.
International Data Transfers
Your personal data may be transferred to servers located outside Brazil and the European Union. In such cases, we ensure that transfers are made according to appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.
Cookies and Similar Technologies
We may use cookies and other tracking technologies to collect and store certain data whenever you access our Services. You can adjust your browser settings to disable cookies. Please note that disabling cookies may limit your ability to use all features of our Services.
Data Retention
Salesrun retains your personal information for the time necessary to fulfill the purposes for which it was collected, in accordance with our internal retention policies and applicable laws. We detail below how and why we retain your data and for how long they are usually retained:
-
Contact and Account Information: We retain your contact information, such as name and email, and account details while your account is active and for up to 5 years after account closure to resolve potential legal or support issues.
-
Usage Data: Information about how you use our services is retained for no more than 3 years to analyze and continuously improve our services.
-
Third-Party Information: Data collected from third parties, if integrated with your account, are retained under the same conditions as account information.
-
Employment Data: In the case of job applications, information is retained during the recruitment period and, if unsuccessful, up to one year after the recruitment process ends, unless you consent to retain this information for a longer period.
-
Legal Compliance Information: Certain data may be retained for longer periods as required by legal, regulatory, tax, or accounting obligations.
At the end of retention periods, your personal information is completely deleted or anonymized so that it cannot be reconstructed or read. If the data is used for statistical analysis, it will be aggregated and anonymized to not identify any specific individual.
Data Retention after Deletion Request
When you request the deletion of your account and associated data, we typically remove your personal information from our systems. However, in some cases, we may retain certain data to fulfill legal obligations, resolve disputes, and maintain security. For example:
-
Legal Obligations: We retain records necessary to meet legal, tax, or regulatory requirements for periods that may exceed the duration of your account.
-
Legal Disputes: If there is a pending dispute or litigation, we may retain necessary information until the matter is resolved.
-
Security and Fraud Prevention: We may retain information to prevent fraud and abuse of the system.
This data will be securely maintained only for the time strictly necessary to fulfill these purposes.
Data Security
At Salesrun, we take the security of your personal information seriously and implement robust technical and organizational security measures to protect your data from unauthorized access, alteration, disclosure, or destruction. Our security measures include:
-
Cloud Infrastructure: We use Google Cloud Platform (GCP) to host and manage our data, leveraging its advanced security and compliance capabilities.
-
Advanced Protection: We employ Cloudflare and Cloud Armor to provide an additional layer of protection against threats, such as DDoS attacks and other forms of malicious intrusion.
-
SSL Encryption: To ensure data transmission security, we use SSL certificates from GoDaddy, which encrypt communication between end-users and our servers.
-
Best Security Practices: We follow best security practices in our company, including strict access management, regular audits, and ongoing training of our employees in cybersecurity.
-
Information Classification Policy: We have implemented an information classification policy that is rigorously followed by our employees to ensure that all data is handled and stored according to its level of sensitivity.
-
Incident Response Procedures: We have established an incident response procedure disseminated across all company areas. This procedure ensures a quick and effective response in managing and mitigating any data security breach.
We are committed to maintaining the integrity and security of your personal information. Although no security measure on the internet is infallible, our proactive approach and advanced security tools help minimize potential risks.
Your Rights
You have significant rights concerning the processing of your personal information, including:
-
Access: You have the right to request a copy of the personal information we hold about you.
-
Rectification: You have the right to ask us to correct information you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete.
-
Deletion: You have the right to request the deletion of your personal information, under certain circumstances.
-
Restriction of Processing: You have the right to request that we restrict the processing of your personal information, under certain circumstances.
-
Portability: You have the right to request that we transfer the data we have collected to another organization or directly to you, under certain conditions.
-
Objection: You have the right to object to our processing of your personal information, under certain conditions, including processing for direct marketing purposes.
To exercise any of these rights, please contact us at support@salesrun.io. We will respond to your request as required by law, usually within one month. If your request is particularly complex or if you have made several requests, it may take longer. In such cases, we will notify you and keep you updated on the progress of your request.
Changes to this Policy
We may update this Policy from time to time. We will notify you about any significant changes to this Policy by email or by posting a notice on our website.
Contact
If you have any questions about this Policy, please contact us at https://salesrun.io, through the contact form, or by email at support@salesrun.io.
Additional Notes
-
This Policy does not apply to information collected from third parties, except when such information is combined with your personal information.
-
This Policy does not apply to the practices of companies we do not own or control.
Example of Data Breach Disclosure:
If we are required by law to disclose a data breach that affects your personal information, we will make every effort to notify you by email as soon as possible. The notification will describe the nature of the breach, the affected data, and the corrective measures taken.