TOTVS Privacy Policy

TOTVS is a Brazilian company that is expanding its business to the international market. As such, based on Brazil’s General Protection Data Law (Law 13,709/2018) and the Civil Rights Framework for the Internet (Law 12,965/2014), the Privacy Policy of TOTVS Group underlines the company’s commitment to the transparent processing of the Personal Data of Subjects and to security in the services provided.

The GDPL Assistant (on the right side of the screen) assists data subjects in protecting, preserving and respecting their privacy.

Click here to access the TOTVS Privacy Policy.

We follow the best corporate practices and ethical conduct to uphold and improve the compliance of personal data protection processes in order to provide Data Subjects with transparency and clarity in exercising their rights. The GDPL Assistant is our chatbot designed to clarify doubts about the rights of Data Subjects or the opening of tickets for human assistance or when some vulnerability in our process or product is identified.

TOTVS, as the controller of personal data through the GDPL Assistant, offers data subjects the following rights:

  • Confirmation of the existence of processing;
  • Access to data;
  • Correction of incomplete, inaccurate or outdated personal data;
  • Anonymization, blocking or elimination of unnecessary or excessive Personal Data or that which was not processed in compliance with the GDPL;
  • Portability of Personal Data to another service provider or product upon express request from the Data Subject;
  • Gathering of information about public or private entities with which TOTVS Group shares the Personal Data of the Subject;
  • Information about the possibility of the Subject not giving their consent to the processing of Personal Data, as well as being informed about the consequences in such a case;
  • Revocation of consent;
  • Other questions related to data processing and based on applicable law.

Depending on the processing activity, TOTVS Group companies may be classified as:

  • Software vendor, without the responsibility of acting as the Controller or Processor of personal data, the TOTVS Group acts as the partner of customers in their processes of adaptation to the GDPL, implementing methodologies such as Privacy by Design and Privacy by Default in developing their products and services; or
  • controller of personal data, acting with transparency and integrity with the subjects of the data collected; or
  • processor of personal data, complying with contractual guidelines defined by the controllers (TOTVS customers), always based on applicable laws, especially the GDPL.

Depending on the situation, personal data can be used for the following:

  • Sale and customization of your products to customers;
  • Provision of services;
  • Meeting customer requests;
  • Operation and management of websites;
  • Compliance with the rights and obligations related to your staff;
  • Communication and marketing activities;
  • Protecting the rights of subjects;
  • Analysis of statistical data to study how to improve the performance of your products and services, removing the characteristics of sensitive and personal data.

The Personal Data of TOTVERS can be shared to:

  • Meet the legal obligations and uphold the rights of subjects;
  • Meet contractual obligations;
  • Grant benefits.

With regard to customers, the TOTVS Group can share Personal Data to meet: (i) the requests made by the customers themselves; (ii) the legal obligations from a commercial relationship.

The TOTVS Group can also share Personal Data, when authorized and provided it is in compliance with the GDPL, with the following third parties:

  • Service providers;
  • Partners;
  • Government authorities.

The TOTVS Group implements strict measures to guarantee the integrity and security of Personal Data of Subjects by adopting a policy of restricted access to Personal Data.

TOTVS websites may contain links to other websites. If you follow any of these links, note that third parties have their own policies / terms of use not related to TOTVS. TOTVS is not responsible for the policies or terms of use of third parties. We recommend checking the privacy notices of these third parties before sending any personal data to them.

If you have any doubt, contact our Data Subject Services Channel or our Data Protection Officer:

Ronie Teixeira Leite — DPO

[email protected]

If you have any doubt, contact our Data Subject Services Channel or our Data Protection Officer:

Ronie Teixeira Leite — DPO