The protection of privacy and personal data reflects Prony resources values and this Privacy Notice aims to affirm our commitment to security and transparency in the processing of such data, in accordance with the current personal data protection laws
This Privacy Notice aims to detail how the company collects, uses, shares and protects personal data, as well as the available alternatives in relation to the processing of such data.
Prony resources process personal data, which are those that can identify or allow a natural person identifiable.
The company collects personal data to carry out regular activities with users of Prony resources’s services. The list of collected data typically includes: identification data, contact data, financial data, navigation data (cookies, IP address), health data, biometric data and other data that may be needed to perform these services. The list of collected data may vary according to the relationship with the data subject.
More information regarding the use of this data can be found in the specific terms of each service, available on their respective platforms.
Personal data are collected for the performance of services, such as:
In addition to the performance of services, the company collects personal data from its employees, suppliers and contracted parties. The processing of such personal data is regulated through specific documents.
The collection and processing of personal data within Prony resources are carried out to legitimate, explicit and specific purposes. Most of the personal information is provided directly by the data subjects, for one of the following reasons:
More information on the purposes and legal basis for collecting and processing personal data can be found in the specific terms of each service, available on their respective platforms.
The company stores the evidence of opt-in (express) consent, when such consent is considered, by the applicable personal data protection laws, indispensable for the data processing activity. Likewise, if consent is revoked, evidence of such revocation will also be stored.
Prony resources may share personal data with its subsidiaries and suppliers, if necessary, for the provision of our services. For this sharing, rights and duties of the parties are established, aiming to prevent the use of personal data in a different way from that established by the company and / or that violate the applicable data protection laws. It is also required that everyone involved process personal data in a secure and confidential manner, and keep it only for a specified period. These obligations remain even after the end of the relationship between the parties.
In some circumstances, Prony resources may be legally required to share personal data in order to respond to inquiries or investigations.
Prony resources may share personal data with its subsidiaries or with contracted companies with headquarters outside the national territory, subject to local legal requirements. The company shall only carry out a transfer to countries or international organizations that ensures an adequate level of protection related to the transferred personal data or that guarantees the compliance with the principles, rights and data protection regime of the applicable personal data protection laws.
It is possible to use one of the following safeguards: (i) contractual clauses approved by the supervisory authorities, according to the applicable personal data protection laws; or (ii) binding corporate rules.
Data subjects have the following rights related to its personal data, to the extent that such rights are recognized by applicable laws:
It is possible to exercise these rights by contacting us using the form found at the bottom of this page.
Personal data is protected against unauthorized access, illegal processing or disclosure, as well as accidental loss, modification or destruction. This applies regardless of whether such data is processed electronically or on paper.
The company has appropriate technical and organizational measures to protect personal data, such as information classification, data backup and restoration and identity and access management. These measures are based on security analysis and data protection risks.
In the event of deletion of personal data, the process is carried out safely, in line with the appropriate technical measures, in order to ensure that the deleted personal data cannot be recovered.
All personal data collected will be processed and preserved as long as necessary for the fulfillment of the purposes described in the section “What is the purpose of collection and processing of personal data?”.
The data may be kept in our files in compliance with and observance of the deadlines defined in the legal system in question. This justifies, therefore, the retention of personal data in our databases, under the same security and protection mechanisms.