Privacy Notice for Users

 

1. GOAL

Tecto Data Centers (“Tecto” or “We”) is committed to informing Users (“User” or “You”) of its website (https://tecto.com/pt/) about the Processing of Personal Data collected, used, stored or otherwise processed in the context of the relationship between Tecto and You. This Privacy Notice for Users (“Notice”) aims to provide clear and accurate information to Users of the Tecto website about the Processing of Personal Data carried out by Us.

This document aims to objectively present the characteristics and hypotheses of Processing of your Personal Data. Tecto undertakes to treat Users’ Personal Data with respect to their privacy, complying with privacy and data protection laws, regulations and under the terms of the Brazilian General Law for the Protection of Personal Data – Law No. 13,709/2018 (“LGPD”).

The Notice is in force for an indefinite period and may be reviewed and updated whenever necessary.

2. WHAT DOES TECTO DO? 

Tecto provides data center services in the colocation modality.

The Data Center service in the colocation modality consists of offering a highly secure and structured environment for companies to allocate their own servers and Information Technology (“IT”) equipment, maintaining full control over their data and assets. In this model, the data center does not provide servers, only the physical infrastructure necessary to ensure availability, connectivity, and security.

Among the main resources offered by the provider are redundant power, controlled air conditioning, physical and logical security, in addition to a connectivity network via optical fiber, essential for efficient and secure information traffic. Connectivity is accomplished through cross-connects, which establish physical links between different equipment or organizations within the same data center.

These connections take place in a technical environment called Meet Me Room (MMR) — a controlled room where the provider mirrors the door of the customer’s equipment to another technical room, without ever accessing the data trafficked between the parties. This mirroring transforms the provider into a neutral point of physical interconnection, providing only the medium (the optical fiber), without interfering with operations or content. Content providers and other customers connect in a secure, efficient, and isolated way.

As the number of available physical ports is limited, the provider maintains a rigorous record of all established connections, ensuring traceability, organization and integrity of the interconnections.

Tecto does not have access to the customer’s server data. Teto’s customers continue to own their servers and manage them, while the data center provides the structural support needed for critical operations around the clock.In addition to offering timely protection, proactive defense, and streamlined operations, this model revolutionizes the way businesses handle network and security management. With the support of advanced technologies and automation processes, it is possible to extend the convergence between network and security, including to the edges of the network, benefiting remote and distributed users.

Colocation is therefore a strategic solution for organizations looking for high availability, scalability, and resilience, without the high costs of building and maintaining their own data center. Its model combines the best of both worlds: robust infrastructure with operational autonomy. 

3. DEFINITIONS

Anonymization: data relating to the Data Subject that cannot be identified, considering the use of reasonable technical means available at the time of its Processing.

ANPD: Brazilian data protection authority responsible for ensuring, supervising, and implementing compliance with the provisions of the LGPD in the national territory.

Controller: natural or legal person, under public or private law, who is responsible for decisions regarding the Processing of Personal Data, in accordance with article 5, VI of the LGPD.

Personal Data: information related to an identified or identifiable natural person, in accordance with article 5, I, of the LGPD.

Sensitive Personal Data: Personal Data about racial or ethnic origin, religious conviction, political opinion, union membership or religious, philosophical or political organization, data related to health or sex life, genetic or biometric data, when linked to a natural person, in accordance with article 5, II of the LGPD.

Data: Personal Data and Sensitive Personal Data.

Data Protection Officer (DPO): person appointed by the Controller and Processor to act as a communication channel between the Controller, the Data Subjects and the ANPD.

Purpose: carrying out the Processing for legitimate, specific, explicit and informed purposes to the Data Subject, without the possibility of further Processing in a way that is incompatible with these purposes in accordance with article 6, I of the LGPD.

Processor: natural or legal person, under public or private law, who carries out the Processing of Personal Data on behalf of the Controller.

Data Subject: natural person to whom the Personal Data that is subject to Processing refers, in accordance with article 5, V of the LGPD.

International data transfer: transfer of Personal Data to a foreign country or international organization of which the country is a member, in accordance with article 5, XV of the LGPD.

Processing: any operation carried out with Personal Data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction, in accordance with article 5, XI of the LGPD.

4. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

Tecto, as Controller, will be responsible for making decisions related to the Personal Data processed in the context of the relationship established with You.

5. HOW IS YOUR DATA PROCESSED?

 Your Personal Data may be processed in different ways and for different purposes:

  • Collection. We may collect Personal Data as we relate to the User, either through our digital channels or in other types of service;
  • Storage. After collecting, your data is stored securely in our local databases or cloud services;
  • Processing. We use advanced technology tools to process your information securely and offer products and services; and

Sharing. We may share data with partners, regulatory bodies or internal areas of Tecto, to perform our services or meet legal/regulatory obligations.

6. PERSONAL DATA WE PROCESS AND THEIR PURPOSES

 Tecto needs to process your Personal Data for various purposes such as compliance with a contract, legal or regulatory obligation, and to exercise your rights regularly.

The Personal Data that Tecto processes may include, but is not limited to:

    • Registration data: name, e-mail, position, company, telephone, nationality;
    • Browsing data: IP, system activity, date, time, URL, Internet connection and access logs to Tecto applications, IMEI, Internet browsing history and information, data collected by cookies.
    • Security data: recordings of calls made to Tecto’s Customer Service and Support, geolocation data and others that make it possible to know your location in real time, through latitude and longitude coordinates and a precise radius.

The Personal Data mentioned above is provided directly by the User through access to and browsing our website. There is also the collection of automatic information, made through cookies and related technologies.

The data mentioned above will serve the following purposes:

  • Performance of our Services. We may process the data for the administration and implementation of the contract signed with the User, covering all actions necessary to carry out Tecto’s activities, including, but not limited to, the provision of services, records in systems, monitoring the use of the object of the contract, among others;
  • Communication with the User. The data may be processed to carry out commercial communications and receive contact requests through Contact Us or other service channels;
  • Legal and Regulatory Obligations. We may also process the data to meet legal or regulatory obligations, as well as Tecto’s internal policies and rules;
  • Improve Products and Services. We may also process your data to evaluate the performance of our services and develop new products.

7. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

There is a possibility that Tecto will share your Personal Data with third parties, competent authorities or business partners that are relevant to the performance of the contract. Such sharing will take place based on the criteria and for the purposes described below.

  • Service providers or business partners: We may share your Personal Data with service providers contracted with Tecto or business partners for the following purposes: (a) providing software and systems used by Tecto in the exercise of its functions and/or other information technologies; (b) defense in administrative or judicial proceedings involving Tecto; (c) hiring consultants, advisors, specialists and service providers to assist in Tecto’s attributions related to the User (such as law firms, credit and collection companies, and Market Solutions, marketing, document risk management, information, security and fraud prevention companies, among others); (d) customer service, such as call centers; and (e) administration of contracts with other third parties.
  • Request from competent authority: Tecto may also share your Personal Data with third parties (including government agencies) to respond to investigations, lawsuits, legal process or to investigate, prevent or take action regarding illegal activities, suspected fraud or situations that pose potential threats to the physical safety of any individual, or as required by law.

8. INTERNATIONAL TRANSFER OF PERSONAL DATA

The entire operation and Processing of Personal Data by Tecto is carried out in the national territory and the data is stored in Teto’s Data Center located in Fortaleza/Brazil. In this way, there is no international transfer of your Personal Data. 

9. HOW LONG WILL WE RETAIN YOUR PERSONAL DATA?

We store and maintain your Personal Data: (i) for the period required by law; (ii) until the Processing of Personal Data is concluded, as mentioned below, or (iii) when one of the hypotheses provided for in article 16 of the LGPD is applicable. In this way, we will process your Personal Data, for example, during the applicable limitation periods or as long as it is necessary for compliance with legal or regulatory obligations.

The Processing of Personal Data will be terminated in the following cases:

  • When the purpose for which the Personal Data was collected is achieved and/or the Personal Data collected is no longer necessary or relevant to achieve that purpose;
  • When the User exercises his/her right to request the interruption of the Processing and the deletion of his/her Personal Data and makes such a request;
  • When there is a legal order to that effect.

In these situations where the Processing of Personal Data is terminated, except in the cases of retention and/or storage provided for by applicable legislation or by this Privacy Notice for Users, the Personal Data will be deleted.

10. RIGHTS OF THE DATA SUBJECT IN RELATION TO THE PERSONAL DATA PROCESSED

 The LGPD guarantees certain rights to the Data Subject in relation to their Personal Data, as Data Subjects. These rights include, but are not limited to:

  • Obtain clear and detailed information about the Processing of your Personal Data, including sharing situations;
  • Request access to your Personal Data and/or confirmation of the existence of the Processing;
  • Request correction of any Personal Data that is inaccurate, incomplete, or out of date;
  • Oppose Processing activities, request Anonymization and the deletion of Personal Data that is unnecessary, excessive or that has been processed in violation of the LGPD;
  • Request the portability of your Personal Data;
  • Revoke consent at any time, if Tecto processes your Personal Data based on this consent, and request its deletion;
  • Request information about the public and private entities with which the Controller has shared the Personal Data;
  • Request information about the possibility of not granting consent and the consequences of such refusal; and
  • Request the review of automated decisions that may impact your interests;
  • File a petition regarding your Personal Data with the ANPD.

The Data Subject may exercise these rights by contacting us through the channel available on our website or in this Notice (see item 12). We will do our best to comply with your requests in the shortest possible time, respecting the deadlines established by the LGPD, and we will keep the Data Subject informed of the progress of the request.

To ensure your security and proper handling of Personal Data, we may verify your identity before responding to your requests in a timely manner. We inform you that, in the absence of the necessary evidence to prove your legitimacy as a data subject, the request may be denied.

11. HOW WE PROTECT YOUR DATA

Tecto adopts appropriate technical and organizational measures to protect your Personal Data against unauthorized or illegal Processing, as well as against accidental loss, destruction or damage. Your Personal Data is stored securely on protected devices, which will be accessed by a restricted number of people with legitimate reasons for this access.

Despite our best efforts to protect your privacy and preserve your Personal Data, it is essential that the User is aware that no transmission of information is absolutely secure. Therefore, we cannot guarantee that all information we receive and/or send is free from unauthorized access, which may occur through illicit methods, such as viruses or database invasions. In the event of a breach of the Personal Data under our responsibility, we undertake to apply all necessary efforts to correct and mitigate the consequences of such an incident.

However, the Company’s liability will be limited to direct damages proven to be caused by failures in its security measures, and it will not be liable for indirect damages, loss of profits or any other losses arising from events beyond its reasonable control, such as cyber-attacks, failures of third-party systems or fortuitous and force majeure events.

Furthermore, it is the sole and exclusive responsibility of the Data Subject for the accesses made through their login and registration and must adopt all necessary measures to ensure the security of their access information. The Data Subject undertakes to maintain the confidentiality of their login and password, not disclosing them to third parties, and to immediately inform Tecto of any unauthorized use of their account or any other breach of security of which they are aware. Tecto is not responsible for any damages or losses arising from the improper use of Data Subject’s access credentials.

12. CHANGES TO THIS PRIVACY NOTICE

 Tecto reserves the right to modify this User Privacy Notice at any time by posting the updated version. If there are material changes to this User Privacy Notice, we will notify you of them.

13. DATA PROTECTION OFFICER

If you have any questions or issues involving your Personal Data, please contact the DPO, Maria Cecília Oliveira Gomes, through the Data Protection channel: pp-privacidadevtal@vtal.com.