Privacy Policy

What is the purpose of processing collected data?

META is a company focused on agile technological solutions that simplify processes and deliver real value to organizations. We work to evolve your business quickly, consistently, and in line with the increasingly rapid changes of our time.

We are committed to privacy and the protection of the information we handle. We also understand your concern for your personal data and how it is used.

To this end, we request that you carefully read this Privacy Policy, which will explain what personal data will be collected through our website, the reasons for its collection, and how we will use it.

Our Privacy Policy aims to reinforce our commitment to society, ensuring that your interactions with our website align with Brazil’s General Data Protection Law (LGPD).

Who collects and processes the data?

Our website collects personal data through cookies and form fields requested in the “Contact,” “Talents,” or “Compliance” portals.

The collection of data entered on the site is carried out directly by META via a WordPress plugin, which automatically redirects a message to the communication channels. META manages the portal, compiles the information, and transfers it to the responsible departments. META may also perform other processing tasks, such as classification, data extraction, and filtering within the system.

META is not authorized to perform any processing beyond what is indicated.

What data is collected?

When you access our webpage, additional personal information such as your name, email, phone number, and date of birth may be collected if you voluntarily provide it with your consent, for example, when filling out a “Contact” form as part of a registration process.

For registration in our “Talents” portal, we collect the following data: personal information required to apply for our positions, including email, full address, and phone number, as well as other information pertinent to your professional career.

In our “Compliance” portal, if you choose to submit an identified report, we will collect the following data: name, email, phone number, date of birth, and your relationship with META. Additionally, in the description of the facts, we may collect other data, including sensitive data, if you freely provide it.

We also use unique identifier cookies to provide users with a personalized and secure experience, enabling META to access information such as access device characteristics, browser details, IP address (with date and time), IP origin, click information, pages accessed, or any search terms entered on the site or related to it. These details will be further explained in the cookies section.

This data will not be used by META for other purposes.

Sensitive data will be collected in the “Compliance” reporting channel only if you provide it voluntarily and in an identified manner.

Pourpose of Processing Collected Data

META collects and processes your personal data for the following purposes:

• To optimize your experience on our portals through cookies.
• To identify, manage, monitor, and respond to your requests via the “Contact” and “Talents” channels.
• To authenticate the identity of the contact made by phone, electronic means, or other methods.
• For direct marketing purposes (newsletters) with information about new products, services, projects, events, and/or institutional updates.
• To identify, monitor, manage, and investigate reports submitted through our “Compliance” portal.

META will always process your personal data in accordance with applicable legal bases.

For interactions via the “Contact” and “Talents” channels, data processing occurs with the consent of the data subject. META does not process the data of children (under 12 years old) in these portals.

For identified reports submitted through our “Compliance” portal, the processing of personal data, including sensitive data, is based on legal obligations related to anti-corruption laws, as outlined in Law No. 12.486/2013. If a report involves data from children (under 12 years old), parental or guardian consent will be requested.

Collected information will be stored as long as it is necessary for its intended purpose or as required by law.

About Cookies

Cookies are small files that store information related to your device and usage when visiting our web portal. Cookies help determine how frequently our website is visited, the number of users, and assist in marketing configurations to ensure relevance and efficiency.

META uses the following types of cookies to enhance navigation, analyze website traffic, and personalize content and advertisements:

• Strictly Necessary Cookies: Essential for navigating the website and using its features. Without these, requested services cannot be provided.
• Performance/Statistics Cookies: Collect anonymous information about how visitors use the website, such as the most frequently accessed pages. This data is aggregated and used solely to improve website functionality.
• Functionality/Preferences Cookies: Allow the website to remember user preferences and provide enhanced and personalized features. These cookies may store anonymized information and cannot track your browsing activity on other websites.
• Advertising/Marketing Cookies: Deliver more relevant ads based on your interests, limit ad frequency, and help measure ad campaign effectiveness. These cookies are usually placed by advertising networks with the website operator’s permission.

User consent for cookies is recorded and documented via the Cookiebot tool, which logs the user’s anonymized IP address, browser user agent, website URL, consent date and time, and a unique encrypted key stored in Cybot’s cloud provider data center, Microsoft Ireland Operations Ltd in Dublin, Ireland.

After 12 months, user consent is automatically deleted by the registry tool and used only in an aggregated and anonymous manner as part of META’s statistics.

If you wish to object to cookie processing, you can configure your preferences directly in your browser. Detailed instructions can be found through the following links, or consult the browser developer’s website for more information:

• Chrome
• Mozilla
• Internet Explorer
• Edge
• Opera
• Safari

Alternatively, you can use your browser’s anonymous/private mode. Links for instructions are available above.

Please note that the use of cookies allows us to provide a better experience on our website. If you block cookies, we cannot guarantee the proper functioning of all features, and some tabs may become inaccessible or work incorrectly.

It is also important to clarify that META is not responsible for the use of cookies by third parties. Be aware that third-party cookies may continue to monitor your online activities even after you leave our website. It is recommended to regularly clear your browsing history.

• Chrome
• Mozilla
• Internet Explorer
• Edge
• Opera
• Safari

Remember that the use of cookies allows us to provide you with a better experience on our website.
If you block cookies on our site, we cannot guarantee the proper functioning of all features, and you may be unable to access certain tabs. Additionally, some functions and pages may not operate as expected.

It is important to clarify that META is not responsible for the use of cookies by third parties. Be aware that third-party cookies may continue to monitor your online activities even after leaving our site, so it is recommended to regularly clear your browsing history.

META’s Legitimate Interest

We will use this legal basis when no less intrusive method exists to process your personal data, always respecting the legitimate expectations of the user, fundamental rights, and freedoms. You may object to this processing at any time, as described in the “Rights of Data Subjects” section.

How do we protect your personal data?

META makes every possible effort to ensure the protection of your personal data.

We have implemented best practices and governance rules to prevent any unlawful treatment of personal data, mitigating risks such as misuse, interference, loss, unauthorized access, modification, or disclosure of stored information.

Our measures include implementing access controls for IT environments, as well as encrypting, pseudonymizing, and anonymizing personal data whenever possible.

Access to your personal data is restricted to our employees and agents who need it for their work, and is subject to strict contractual confidentiality obligations when processed by third parties.

Who is Responsible?

For any questions regarding the processing of your personal data, please contact our DPO:

Jefferson Cardoso
Email: [email protected]
Address: Avenida Theodomiro Porto da Fonseca, 3101, Prédio 8, Bairro Cristo Rei, CEP: 93022-715
Phone: +55 (51) 4007-1320 (Option 6)

Rights of data subjects

You have the right to contest the processing of your personal data at any time. To exercise your rights, contact us through the “Request Your Data” channel or reach out to our DPO.

Under applicable legislation, data subjects may request the following:

1. Confirmation of data processing.
   II. Access to data.
   III. Correction of incomplete, inaccurate, or outdated data.
   IV. Anonymization, blocking, or deletion of unnecessary, excessive, or non-compliant data.
   V. Portability of data to another service or product provider upon express request, as regulated by the national authority, respecting trade and industrial secrets.
   VI. Deletion of personal data processed with consent, except in cases provided for by the LGPD.
   VII. Information about public and private entities with which the controller has shared data.
   VIII. Information about the possibility of not providing consent and the consequences of refusal.
   IX. Revocation of consent as provided by the LGPD.

If a request for deletion/elimination is made, we may choose to anonymize personal data instead, for control and demand classification purposes.

We emphasize that some data may be retained and/or processed even in cases of deletion requests, objections, blocking, or anonymization, in certain circumstances such as compliance with legal, contractual, and regulatory obligations, safeguarding and exercising META’s regular rights, and prevention of illegal acts, including legal, administrative, and arbitration proceedings, among other cases provided by law.

Note on website use by children under 12 years old

META does not collect or process personal data from children through the “Contact” or “Talents” sections of its site. If children under 12 attempt to interact with these channels, their data will be discarded without storage.

For cases involving reports in the “Compliance” portal that include data related to children, we will request consent from a parent or legal guardian, in compliance with LGPD Article 14, §1º.

We advise children under 12 not to browse or interact with our portal.

Changes to the Privacy Policy

This Privacy Policy may be subject to revisions and updates. Therefore, we recommend that you periodically visit this page to stay informed about any modifications. If relevant changes requiring new consent are made, we will publish the updates and request your consent again.

For any questions, please contact our Data Protection Officer (DPO)

For more information on the legislation:

http://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/L13709.htm

Glossary

Personal Data
According to the law, personal data refers to “information related to an identified or identifiable natural person.” This includes anything that can directly or indirectly identify a person, such as name, document numbers, photographs, biometric records, etc., or indirectly, data that can be cross-referenced to infer information, such as a corporate email or an IP address.

Anonymized Data
These are data related to a subject without direct identification, considering the technical means available at the time of processing. Typically, these data are used for research and public policies.

Sensitive Data
This refers to personal data concerning racial or ethnic origin, religious beliefs, political opinions, union membership or affiliation with organizations of a religious, philosophical, or political nature, data related to health or sexual life, and genetic or biometric data when linked to a natural person.

Data on Children and Adolescents
The processing of data on children and adolescents requires special care and can only be carried out with the specific consent of a parent or legal guardian.

Data Protection Officer (DPO)
The individual designated by the controller to act as a communication channel between the controller, the data subjects, and the National Data Protection Authority (ANPD).

Data Subject
The data subject under the law is always a natural person: “an individual to whom the personal data being processed pertains.”

Personal Data Processing
Processing is the term used in the law as an umbrella for a variety of procedures involving data. Examples of processing actions include: collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation, control, modification, communication, transfer, dissemination, or extraction.