Privacy Policy

CONCEPTA DG COMPLIANCE LTDA and CONCEPTA DG SERVIÇOS, TREINAMENTO and EMBALAGENS LTDA are committed with the compliance of laws of privacy of customer data protection and the general public.  This page is designed to provide information on how we are meeting the data protection standards, what information we collect while you are browsing our communication channels, and how this information is collected, used and protected by us in accordance with Law No. 13,709/2018 (General Data Protection Law – “LGPD”). Our products and services use, as well as our platforms, and other interactions means made available, is subject to acceptance of this Privacy Policy, including with regard to our employees.

1. Personal Data Source

The aforementioned companies will have access to personal data in the following situations:

  • Through the interaction with a customer:  When the Customer provides and assigns personal data necessary for the provision of our products and services;

  • Interaction with your collaborators: When its employees and collaborators of any nature use its systems and platforms to fulfill the duties and obligations arising from the contractual relationship they have.

2. Types of personal data and sensitive personal data collected

Without prejudice to the data commonly collected and processed from its employees for the purposes of the legal relationship they have, CONCEPTA companies may still collect the following personal data:

  • Names and contact details such as first and last name, email address, postal address, telephone number and other similar types of contact details such as bank details;

  • Device information, such as information about your device, such as IP address, location or provider;

  • Information on usage and browsing history, such as information about how the User navigates within our services, his/her browsing history and which elements of the services of CONCEPTA companies are most used;

Sensitive personal data, which occasionally are collected by CONCEPTA companies, will have their purpose separately informed to the User, who must consent to us using them in a specific way, and in case of disagreement, the data will be automatically deleted from our databases;


CONCEPTA Companies do not collect data from minors, except with parents or guardians authorization, if collected without authorization, as soon as CONCEPTA becomes aware, it will immediately delete the data collected, according to the Terms of Use and this Privacy Policy rules.

3. Use of Collected Personal Data

When collected, CONCEPTA companies will use personal data to:

  • Provide and improve the contracted services;

  • Comply with a legal or regulatory obligation;

  • Manage the relationship with Users;

  • Configure and manage User accounts;

  • Provide technical assistance, support and training to the User;

  • Contact Users;

  • Internal research and development purposes and to improve, test and perfect the features and services of CONCEPTA companies functions;

  • Provide Users with marketing, publicity, advertising, including from partner companies as permitted by law;

  • Meet internal and external audit requirements, including information security obligations of CONCEPTA companies;

  • Send messages by electronic mail to: a) confirm or cancel requests through the use of the platform; b) communicate future changes that this policy may undergo; and c) disclose updates, changes, additions of new data sources and platform improvements.

  • In order to exercise the rights of CONCEPTA companies, including, but not limited to privacy, security, networks, systems and their properties or those of third parties;

  • Comply with requests from the courts, law enforcement authorities, regulatory bodies and other public institutions and government authorities, including, but not limited to, any rules in force outside the user's country of residence;

  • CONCEPTA companies exercise of the rights and to defend themselves from any legal actions, as well as to comply with any legislation or regulation applicable to the companies or third parties with whom we work, as well as for the good agreements performance signed between our companies and their users;

4. Third-Parties Personal Data Sharing

The User accepts and agrees that CONCEPTA companies share their personal data with the following categories of recipient:

  • Companies that provide access or are responsible for the registration on which the user is dependent;

  • Partner companies, such as third-party service providers and other companies that assist us in providing our services or who may take action on our behalf, protecting our rights, users, systems and services;

  • Third parties to which CONCEPTA companies owe a satisfaction or are authorized to disclose information by law (Example: government agencies, regulatory agencies, the judiciary power and other public authorities);

  • Third parties in order to participate in the sale, merger, acquisition, restructuring, joint venture, assignment, transfer of part or all of the CONCEPTA companies' business, event in which the User's data will be considered an asset and transferred in an eventual negotiation;

  • Third parties who need the data to protect the rights of companies CONCEPTA;

  • Any individual or legal entity for which the User requests their data portability.

5. Personal Data International Transfer

CONCEPTA Companies do not have the objective to carry out any personal data transfer of the User captured outside Brazil, provided that if not the cases listed below, Users will be informed in advance by e-mail, at which time the user may or may not accept the transfer, and in case of disagreement, you may have your access rights blocked.


The international transfer of data described in the General Data Protection Law (LGPD) lacks the designation of guidelines to be established by the National Authority for the Protection of Personal Data (ANPD), whereas, when defined, CONCEPTA companies will commit to complying with them in their entirety.

6. Processing Personal Data Protection

CONCEPTA companies use appropriate technologies and procedures to protect any personal data collected (including administrative, technical and physical protections) according to the risk level and service provides, having a legally responsible team to deal with the secure management of data in line with legal provisions, regulatory requirements, changes in technology, among other relevant factors that may influence the way to protect personal data.


We use all reasonable market efforts to ensure the security of our systems and the data collected, using highly qualified and reputable Internet providers and database and storage servers, in addition to security certificates (SSL) and software to protect against unauthorized access to systems, as well as standard methods for encrypting and anonymizing the data collected.


This Policy represents our efforts to protect the Users information. However, due to the very nature of the Internet, it is not possible to guarantee that malicious third parties will not access improperly the stored information, reason why, if this occurs, the CONCEPTA companies will be responsible within the limits provided by law.


CONCEPTA companies, within a reasonable period to be defined by the National Data Protection Authority (“ANPD”), must notify the ANPD and the affected User of the occurrence of a security incident that may cause relevant risk or damage to the affected User, mentioning, at least:

  • the description of the nature of the personal data affected;os dados pessoais afetados;

  • the information about the holders involved;

  • the indication of the technical and security measures used for data protection, observing commercial and industrial secrets;

  • the risks related to the incident;

  • the reasons for the delay, in case the communication was not immediate; and

  • the measures that have been or will be adopted to reverse or mitigate loss effects.

7. Data Processing and CONCEPTA Companies Responsibilities

CONCEPTA companies will be responsible for the treatment as follows:

  • When dealing with personal data provided directly by their Customers, CONCEPTA companies will be Operators acting without interference in the treatment form indicated by the Controller, but under the LGPD terms;

  • CONCEPTA companies will be the Controller of the Personal Data of their employees, treating them based on the Contracts Execution, in Compliance with legal or regulatory obligations, and still, in specific and determined situations, in Consent. 

The CONCEPTA companies may adopt different legal bases for personal data different processing.

8. Processing Personal Data Deadline

CONCEPTA companies calculate personal data retention period according to the following criteria:

  • Period necessary to fulfill the collection purpose;

  • The moment the Customer/User ceases to use the services of our companies;

  • The moment when there is a consent revocation or a request for personal data deletion by the Holder;

  • The time required to demonstrate compliance with the duties and obligations of CONCEPTA companies;

  • The necessary period provided for by law, regulations, court decisions, etc.;

  • Determination of the Data Protection National Authority;

  • Legal obligation or regulatory compliance by the Controller;

  • Perfect execution of the agreement;

  • Needs related to compliance with the legal system, as well as for any legal disputes;

  • Transfer to a third party, provided that the data processing requirements established by law are complied with; or

  • Controller exclusive use, which access by a third party is prohibited, and provided that the data is anonymized.

9. User Rights

According to the Brazilian Data Protection General Law, the user will have the following rights in relation to the personal data processing:

  • Confirmation Right: the User may confirm whether CONCEPTA companies process any of their personal data;

  • Access Right: the User may make a written request for details of how your information is being used, as well as for a copy of such information;

  • Correction Right: the User may correct or remove any data that is incomplete, inaccurate or outdated;

  • Anonymization, Blocking or Deletion Right: the User may request the anonymization, blocking or deletion of unnecessary, excessive or treated data in disagreement with the purposes for which consent has been given, observing, for that purpose, other rules of the legal system;

  • Exclusion Data: the User may request some data exclusion, except those in which the law authorizes its conservation;

  • Information Right: The User may request information from the public and private entities with which the companies have shared their data, as well as the consequences if they choose not to consent to the collection and processing of their personal data;

  • Refuse Marketing Right: At any time, the User may request receiving advertisements cancellation and other materials through the link provided in the marketing email sent.

  • Portability Right: The User may request that their personal data be transferred to themselves or third parties, except for those that have already been anonymized and excluded by CONCEPTA companies.

  • Withdraw Consent Right: The User may withdraw any consent previously given to us to use their personal data. The User is aware that the cancellation will not affect the use or data carried sharing out prior to the request for revocation of consent.

The rights provided for in this chapter are not absolute, and the User must, whenever they want to exercise them, contact us through the channel: This email address is being protected from spambots. You need JavaScript enabled to view it.


CONCEPTA companies undertake to respond to such requests as soon as possible and at no cost to the User, limited to a maximum period of 15 (fifteen) days from the request receipt, unless a longer period is required to respond due to complexity, reasons of fact or law, opportunity in which the User will be communicated.


CONCEPTA companies will immediately communicate to the processing agents with whom they have shared User data about the correction, deletion, anonymization or blocking of data, so that the same procedure can be repeated.


Confirmation of the existence or access to the User's personal data provided for in this chapter will be provided, electronically or expressly, in a simplified format or by means of a clear and complete statement, indicating the data origin, the lack of registration, the criteria used and the processing purpose, always observing the commercial and industrial secrets of the CONCEPTA companies.

10. Cookies

The CONCEPTA companies and any partners may use cookies and other similar technologies to store and manage User preferences, offer targeted advertising, enable content and collect analytical and usage data, for example. The use of cookies and other tracking technologies is standard across websites and platforms, through which information about the User's activities on the platform, websites or other services is collected.


A cookie is a small text file, placed on a computer or other device, used to identify the User, device used and to collect information and can perform the following functions:

  • Necessary Cookies: they are essential to allow the User to browse a platform and use its features.

  • Performance Cookies: they collect information about how the User uses our platform and serve to improve his/her navigation and improve his/her experience. The information collected includes, for example, internet browsers and operating systems used, the web site domain name visited previously, visits number, the average duration of the visit and the pages viewed.

  • Functional Cookies: they allow the platform to remember choices the User has made (such as their username or ID, language preference or the area or region the User is in) and provide enhanced and more personal features.

  • Advertising Cookies: they track the User's browsing habits and are used to deliver targeted advertising. These cookies also limit the number of times you see an ad and measure the effectiveness of advertising campaigns. They also remember that the User has already visited a website and this information is shared with other organizations, such as advertisers.

We use necessary and performance cookies.


At any time, the User may deactivate the Cookies by means of his/her browser settings, installing plug-ins available in the market, or even making use of other technologies that it deems necessary.


In addition to cookies, we use other tracking technologies, such as:


Web Server and Platform Logs: our servers automatically collect certain information to assist, administer and protect the services offered, as well as to analyze usage and improve the User experience. The collected information include:

  • IP address and browser type;

  • Device information, including the Unique Device Identifier (UDID), MAC address, Identifier for Advertisers (IFA) and similar identifiers assigned by us or third parties;

  • Device operational system and other technical data;

  • City, state and country from where you are accessing the BRAZIL RISK platform, including for fraud prevention;

  • Typed information or texts;

  • Clicked links and buttons;

Connections via Social Networks: Some of our services may include social media features such as Facebook “Like” buttons and widgets; “Share” button and interactive mini-programs.


We may allow the User to choose to use the logins of their own social networks to access some of the services offered, in which we may receive and store authentication information from these services.

11. Contact’s Information

Doubts, comments, suggestions and/or complaints regarding this Privacy Policy, as well as any need for personal data information, alteration or deletion, may be made by the User directly to CONCEPTA companies, through the email: This email address is being protected from spambots. You need JavaScript enabled to view it.

12. Amendments

We seek constant updates and improvements, so this Privacy Policy may be updated at any time, always aiming at a better provision and protection to users.


In the event of changes that reach the purpose and duration of the processing of the User's personal data, the User will be informed through the email registered in our services or through the platform itself in advance of 30 (thirty) days. If there is disagreement with the changes, the User may revoke the consent provided, being unable to use our services.


If in the future we change our policy to share data with third parties, we will forward a message 30 (thirty) days in advance to the user through the registered email, who may disagree with the sharing, occasion when you will continue to use our services normally.


The User is advised to periodically read this policy in order to keep up to date with its content.

13. Legislation and jurisdiction

This Policy will be governed, interpreted and enforced in accordance with the laws of the Federative Republic of Brazil, regardless of the conflicts of these laws with the laws of other states or countries, being competent the jurisdiction of São Paulo to resolve any doubts arising from this instrument, with the waiver of any other, however privileged it may be.


All rights reserved.

Where we are

Useful Links

© 2021 All rights reserved.

Useful links

Learn about national and international regulations.

Let's talk!

Get in touch with our team and ask your questions.