Policies
Privacy Notice
This Privacy Policy presents, in a simple, objective, and transparent manner, information on how the SEK Group – Security Ecosystem Knowledge collects and uses the personal data of users and visitors to our Institutional Portal.
The SEK Group – Security Ecosystem Knowledge is committed to providing the protection resources required by Latin American organizations to defend themselves against the broad and sophisticated range of current cyber threats.
We value transparency, respect your privacy, and are committed to complying with applicable national and international privacy and personal data protection laws, as well as this document, which describes how we process your personal data, your rights, and the means available for you to seek information.
To facilitate understanding of the Policy, whenever we use the term “YOU” in uppercase or lowercase, we are referring to the user or visitor of our website.
If you are a user or simply a visitor to our Portal, we will act as the “controller” of your personal data whenever we collect it. And what does that mean? It means that we determine the means and purposes for using your personal data.
In addition, we must clarify what your rights are and provide you with the appropriate means to exercise them. Therefore, below you will find the access channel to our Privacy Portal and the contact information for the Data Protection Officer of SEK Group – Security Ecosystem Knowledge.
You can contact our Data Protection Officer to exercise your rights, request information, and clarify any doubts through the following communication channels:
Privacy Portal
Names of DPOs:
Colombia: Juan Carlos Lara ([email protected])
Brazil: PDK Advogados – Raphael Dutra da Costa Campos ([email protected])
Read this document, as it is linked to your rights regarding personal data processing activities;
In the event that you provide us with third-party personal data, or that third parties provide us with your personal data, we will only use it for the specific reason for which such data was provided. Please note that you are solely responsible for (i) ensuring, prior to providing any third-party data to SEK Group – Security Ecosystem Knowledge, the legality of such sharing, (ii) informing the third party about the terms of this Policy, and (iii) keeping SEK Group – Security Ecosystem Knowledge exempt from any liability related to the lack of information and/or consent of the third party (we may need to contact them to verify the authenticity of personal data subject requests); and
By providing your personal information, you authorize us to process it in accordance with this Policy and applicable legislation.
Personal data is any information that can identify you or be related to you, directly or indirectly. Therefore, in order to carry out its activities, SEK Group – Security Ecosystem Knowledge collects and uses personal data. Regarding how your personal data is collected, the following situations are highlighted:
- When you browse the SEK Group – Security Ecosystem Knowledge portal
When you access and browse the SEK Group – Security Ecosystem Knowledge website, whether you are a partner, employee, or simply a user interested in our activities, we collect your IP address, information about the device used, and the date and time of access.
In addition, the storage of access-related information (such as the IP address, for example) is mandatory under the Brazilian Internet Civil Framework (Law 12.965/2014), which requires access records to be kept for a minimum period of 6 months.
- When you interact with us
We collect personal data when you show interest in our activities and wish to become a collaborator or part of our network by filling out our registration forms. We also collect data when you contact us through our communication channels (such as social media, phone, email, or contact forms available on our Portal) to ask questions, raise issues, or send us suggestions.
- When you register through the Portal
When you complete a registration, we collect your data through registration forms in order to evaluate your profile and get in touch with you. This may include collecting your first name, last name, job title, company, phone number, email address, etc.
To honor our commitment to your privacy, we only use your data in accordance with what is permitted by the General Data Protection Law (LGPD). Here are the reasons why we process your data:
With the free, explicit, informed, and unambiguous consent of the DATA SUBJECT, only when legally required, necessary, or permitted. If SEK Group – Security Ecosystem Knowledge uses the DATA SUBJECT’s consent as the legal basis for processing their Personal Data, the DATA SUBJECT may withdraw their consent at any time.
To comply with a legal or regulatory obligation.
For the regular exercise of rights in judicial, administrative, or arbitration proceedings.
To establish a contractual relationship between the DATA SUBJECT and the COMPANY and to fulfill our obligations under the terms of a contract.
In order to respond to requests from the DATA SUBJECT.
To protect the vital interests of any person.
Based on any other legal basis permitted by the LGPD.
When necessary to serve the legitimate interests of SEK Group – Security Ecosystem Knowledge, for example:
Obtaining data to support and promote the activities of SEK Group – Security Ecosystem Knowledge.
Obtaining data to ensure the exercise of the DATA SUBJECT’s rights or to provide services that benefit them.
Ensuring the information security of our networks and systems.
Managing and conducting business operations within the COMPANY.
Preventing or investigating suspected or actual violations of the law, contractual breaches, or other policies of SEK Group – Security Ecosystem Knowledge.
Optimizing or expanding our commercial reach and the relevance of our communications.
You have control over your information and may object to the processing of your personal data. You can choose to unsubscribe from receiving updates about SEK Group – Security Ecosystem Knowledge at any time, free of charge. Additionally, you can:
- Request confirmation about which data we use or share and for what purposes;
- Request the deletion of your data from our database.
You can exercise your rights through the Privacy Portal, as well as through our Data Subject Rights Request Form, in accordance with the General Data Protection Law (LGPD).
You have the right to confirm whether or not we process your personal information. If so, you may request access to your personal information, along with additional details about the data processing activities, such as:
- the categories of personal data processed about you;
- the purposes of the personal data processing activities;
- the retention periods of the personal information;
- e outras questões que possam esclarecer as atividades de tratamento de dadosand other relevant information that may clarify the data processing activities.
Please note that, in order for your request to be fulfilled, you must verify your identity by presenting your identification document or, in the case of a legal representative, a power of attorney. Additionally, your request will be answered within 15 (fifteen) days from the date we receive it.
The confirmation of whether or not there are personal data processing activities related to you will be provided within 24 (twenty-four) hours from the receipt of your request (or within a longer period if permitted by applicable law), provided the request includes the required supporting documentation mentioned above. However, for a complete statement regarding personal data processing activities and additional information about those activities, we will comply with the maximum deadline of 15 (fifteen) days (or within a longer period if permitted by applicable law).
You have the right to request the correction and rectification of any inaccurate, incorrect, or outdated personal data about you.
You may object to the processing of your personal data when it is carried out based on one of the legal grounds that does not require your consent.
You may withdraw any consent previously granted. This action will prevent us from continuing to process your personal data. However, any operations carried out prior to the date of withdrawal will remain valid.
You may also request the portability of your personal data to another organization. In this case, we will send you a copy in CSV format so that you can provide it to the appropriate party. If you request it and it is technically feasible, we will transfer your personal information to you. However, we will not do so if the portability involves personal data of third parties other than yourself, as the request must be made exclusively by the data subject.
Note: The data considered portable are those provided to us by you, meaning data that may have been generated or supplemented by SEK Group – Security Ecosystem Knowledge and that do not compromise our trade or industrial secrets.
You have the right to request the erasure of your personal data held by SEK Group – Security Ecosystem Knowledge whenever the data is no longer necessary or is excessive for the purposes originally established.
It is important to note that in some situations, the deletion of your personal data may not be possible, such as in cases where data retention is a legal obligation.
In such cases, we will respond to your request with a proper explanation of the reasons that prevent us from deleting or anonymizing your personal data.
You may file a complaint with the National Data Protection Authority or consumer protection agencies. However, we kindly ask that you contact us first in an attempt to resolve your request directly with us.
We have a specialized team in Information Security, as well as in Privacy and Data Protection.
The security of your information is important to us, and for that reason, we have implemented technical and administrative security measures designed to protect personal data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, disclosure, or any form of improper or unlawful processing.
From this perspective, we apply technical and organizational measures to safeguard personal data from destruction or loss, unauthorized access, disclosure, dissemination, or alteration by third parties. These measures take into account the risks, structure, scale, volume of operations, and the specific nature of the personal data processed by SEK Group – Security Ecosystem Knowledge.
And remember:
- Unfortunately, no data transmission is 100% secure, but we do our best within our technical and technological capabilities to ensure the privacy and protection of your data in accordance with the best practices recognized in the market.
If you believe your privacy or data has been violated, please contact us immediately through the Privacy Portal or by sending an email.
The personal data we collect and all our data processing activities are carried out in our offices, on our own servers, as well as on external servers—that is, third parties that provide storage services to SEK Group – Security Ecosystem Knowledge.
The retention and storage of your personal data, including your records, will follow the period necessary to fulfill the purposes listed above, as well as to comply with our obligations, such as: when it is necessary to retain your data for matters related to audits and legal and/or regulatory obligations, to resolve legal disputes, and/or to enforce our contracts.
We will share personal information when: (i) there is a legal, regulatory, or judicial obligation; (ii) upon request from our donors or sponsors, always supported by a valid legal basis; (iii) to respond to requests from public authorities; (iv) due to contractual obligations; and (v) with service providers and suppliers who support the execution of our actions and philanthropic projects; (vi) among the organizations that are part of the SEK Group – Security Ecosystem Knowledge ecosystem, provided they have a legitimate interest in processing your information, always respecting your rights and offering you mechanisms to object to the processing of your data, in order to ensure the lawfulness of the operation.
SEK Group – Security Ecosystem Knowledge relies on service providers that carry out personal data processing activities to support the development of our operations. The sharing of personal data occurs only to the extent necessary to enable the provision of contracted services.
Our contracts and partnerships are established with companies we believe to be among the best in their respective fields.
We ensure that your personal information will only be shared through a contractual agreement and always in accordance with this Privacy Notice.
We use cookies, unless you choose to disable them in your browser settings. Cookies are issued, collected, and stored based on your interaction with our website and help us measure usage metrics of our Portal, as well as statistically observe your navigation, with the goal of improving the user browsing experience.
We also use cookies to engage with you according to your browsing habits, in order to present you with advertising that matches your profile.
Congratulations on reaching the end of our Privacy and Personal Data Protection Policy. We designed it with the aim of ensuring maximum transparency with you, using clear and helpful language to support your understanding.
Feel free to contact us and clarify any remaining questions through the following email: [email protected]
Be sure to read this Policy regularly, as we will publish any changes on this page – and of course, significant changes will be notified via email.
Privacy Portal
DPO:
Colombia: Juan Carlos Lara ([email protected])
Brazil: PDK Advogados – Raphael Dutra da Costa Campos ([email protected])
Last update of this Privacy Notice: 09/26/2024
