DATA PRIVACY POLICY

Autodoc Tecnologia is committed to prioritize data security and responsibility, supplying our clients and users with transparency on personal data management that are provided on our platforms.
This Policy explains how Autodoc may collect and manage your personal information, presenting roles of each agent involved in the process of data security and unravelling the purpose of data collecting.
We would like to highlight that all requirements specified on the General Personal Data Protection Law (LGPD) are embodied here.

Roles and Responsabilitities

Know more

When does Autodoc operate as Controller?

Know more

When does Autodoc operate as DPO?

Know more

Communication Channel

Know more
ROLES AND RESPONSABILITITIES

There are three active agents in the cycle of Personal Data life:

Holder
Person whose personal data are registered or collected on our plasform;

Controller
Responsable to input and manage personal datas;

Office (DPO)
Person who performs the processing of personal data on behalf of the Controller.

WHEN DOES AUTODOC OPERATE AS CONTROLLER?

For monitoring and tracking user actions, solution improvement and/or new features delivery, our platform collects a few personal data, such as:​

  • IP Address;
  • Geolocation coordinates (mobile apps);
  • Operational system and browser information.
WHEN DOES AUTODOC OPERATE AS DPO?

Autodoc offers solutions through Saas (Software as a Service) platforms.

We provide access logins so our customers are enabled to input their users and collaborators personal data with the purpose of workflow management only. Understanding that our client as a user is the one to select and input data on our platform, it’s Autodoc responsibility to comply with the guidelines on good practice data processing security. Therefore, regarding data privacy, it’s applied agreement management, traffic/ rest cryptography, verification/authorization, monitoring and tracking.

Personal data collecting and processing are likely to happen for:

Users Administration

To control users’ access on apps we work with:

Name: for clear identification who the user is. This information may be presented on specified reports with the purpose of recognizing who is accountable for the actions taken on the system;
E-mail: for transactions emails regarding notifications linked up with the user’s interests. We also use this information to send notifications about Autodoc products, which the user can disable whenever they find convenient.

Collaborators Administration

Autodoc offers products which, by themselves, use our client’ collaborators’ information to operate, with the purpose of: building site access control, legal/ tax documentation and certified training management. Information is input on the application interface and is available in reports targeted at those who are accountable for this process.

Informations are:

  • Name

  • Birthdate

  • Photo

  • ID Number

  • CPF (social security number)

  • PIS

  • Other personal documents required by the contractore

Guest Administration

Autodoc GD4 offers a guest register function to access our client building sites. This function is a legal imposition to identify every person that enters the building site, acknowledging eventual responsibility verification on site.
Informations are:

  • First and last name

  • ID number

  • Photo

CHANNEL FOR COMMUNICATION WITH THE DPO

In compliance with the guidelines set forth under the General Data Protection Law (LGPD), AutoDoc has appointed the Data Supervisor (Bruno Tavares Fernandes) to lead the service front for Holders of Data and for the National Data Authority.  
Out of respect for the holders, AutoDoc has a specific channel for communications related to their personal data and to clear possible doubts. In this channel, upon request, we will inform which of the holders’ personal data are on our platforms. In that same environment, holders may also revoke prior consents, demand data extractions for service portability, or even request the definitive deletion. On the
AutoDoc Customer Portal, use the “Data Privacy” section to interact with us. 

USE OF COOKIES

Some AutoDoc sites or systems may use cookies. Cookies are small text files that are recorded by the device to store data that our applications will use at a later moment. AutoDoc uses required cookies.

Required Cookies

We use required cookies to perform essential website functions. For example, they are used to log you in, save your language preferences, improve performance, detect screen size, and to improve the user’s experience. These cookies are necessary for our systems to work.
DATA HOLDER RIGHTS
  1. AutoDoc system users always have the right to choose not to disclose their data on our Platforms, with the reservations described with regard to the limitations that this may bring to the systems’ operation. Users will always have the right to privacy and to the protection of their personal data – sensitive according to the LGPD, and we have to guarantee access to awareness concerning such rights.
  2. Set of rights of the holder of the data, according to Brazilian data protection laws:
    • Request for Access to Personal Data – This means that the user may request and get a copy of all their personal data that AutoDoc has on its systems. The holder must make this request with a copy to the controller of his/her data for the request to take effect.
    • Request for the rectification of personal data – this right allows the user to request the correction or rectification of his/her personal data, provided that they do not have the authority to carry out this activity autonomously through the system itself. If the user is not the controller featured in the contract with AutoDoc, the holder must make this request to AutoDoc (data operator) with the consent of the controller of the data. These requests, and the status of the process may be obtained through our Privacy Portal.
    • Right to object to data processing; the holder of the data may object to the processing of the data if he/she believes that his/her fundamental rights and freedoms are being affected. AutoDoc also has the right to contest this reason, since this processing (e-mail sent by marketing) is necessary for the user to become aware of updates, new features, and new AutoDoc policies.
    • Restriction of personal data – this right allows the user to request the suspension of the processing of their personal data. Also in this case, the opening of the request will materialize when the notification of the request is sent to the controller of the data and upon the confirmation of the receipt thereof. It is understood that processing does not have the same scope as storage.
    • Right to an explanation about the purposes for collecting the data – the user may request explanations about the data governance process through the Privacy Portal. Also valid for this process is the sending of the notification previously made to the controller of the data, who is the one who has a contract with AutoDoc.
    • Right to withdraw consent at any time – the user may withdraw his/her consent – opt-out – at any time. The user will be informed that this action will not affect the legality of any data processing carried out prior to the withdrawal of consent. It should also be clear to the user that the same procedure carried out for AutoDoc, which is the data operator, must have been done previously for the controller of the data, a legal entity that has a contract with AutoDoc. And both parties, the Holder of the data and the Controller of the data, must be aware that the services provided by AutoDoc may suffer interruptions due to this action.

To have access to the rights, the Holder of the data must contact AutoDoc through our AutoDoc Customer Portal, make a brief registration and, in the Data Privacy option, make his/her request; our DPO (Data Supervisor) will analyze the request and reply to the Holder.