Privacy Policy

Date of update: September 24, 2020.

a. Neogrid Informática, legal entity registered in Brazil, Avenida Santos Dumont, 935, CEP 89223-002, Joinville, Santa Catarina.

b. Neogrid North America Ltd., legal entity registered in the United States of America under number 52-2242825, headquartered at 6750 N. Andrews Avenue, Suite 200, Fort Lauderdale, FL 33309, Florida, USA.

c. Neogrid Netherlands B.V., legal entity registered in the Netherlands under number 3416.6499, headquartered at Science Park 406, 1098 XH Amsterdam;

The purpose of this Privacy Policy is to demonstrate Neogrid's commitment to your privacy and the protection of personal data collected from all visitors and users of the services provided by Neogrid, establishing the rules on processing of data collected from users, within the scope of services and features in accordance with current laws, with transparency and clarity towards users and the market in general.

In order to access and use the features offered in Neogrid environments, the user declares that they have read this Policy completely and attentively, being fully aware, thus granting their free and express agreement with the terms stipulated herein, and granting their free and express agreement for processing of the data mentioned herein, according to the conditions specified below.

SPECIAL NOTE FOR CHILDREN AND ADOLESCENTS UNDER 18 YEARS OLDPlease do not register to access Neogrid Environments if you are under 18 years old.

SPECIAL NOTE TO LEGAL REPRESENTATIVESAlthough we prohibit the registration of children and adolescents under the age of 18, parents must supervise the online activities of their underage children.If Neogrid becomes aware of the existence of data collection from children or adolescents, it will take reasonable steps to eliminate these data.

1. 1. Data Collection and Activity Log

1.1. Neogrid collects personal data in the following ways:

1.1.1. Platform: Data are collected when entered or submitted voluntarily by our user when using the Platform offered by Neogrid, which includes, but is not limited to access, creating a User Account, browsing and contracting / using services. In addition, the Platform will be able to record all activities performed by the user through logs.

1.1.2. Websites and Landing Pages: When inserted or submitted voluntarily by the user when filling out forms available on the pages of our websites or landing pages. Moreover, the website and landing pages can record visitor activity using cookies.

1.1.3. Third Parties: Neogrid receives data through third parties, including data intelligence bureaus and business partners, when the data subject has authorized the sharing of such data or if it has a legitimate interest in using it.

1.2. Personal data we collect through:

1.2.1. Platform Access:

a) Name and surname;

b) Email address;

c) Address;

d) Phone;

1.2.2. Websites, phone calls and Landing Pages:

a) Name and surname;

b) Business email address;

c) Business phone;

d) Company the person works for

e) Position held;

1.3. The user is solely responsible for the accuracy, veracity, or lack thereof in relation to the Data they provide or for these data being outdated. Likewise, it is the user's responsibility to ensure accuracy or keep them up to date.

1.4. Furthermore, Neogrid is not obliged to process or handle any of the user's Data if there are reasons to believe that such processing may imply any violation of any applicable law, or if the user is using the Platform for any purposes that are illegal, unlawful or against morality.

1.5. Data collection on the Platform may include:

a) IP address, logical port of origin of users and geolocation;

b) Actions performed by users on the Platform;

c) Screens accessed by users;

d) Dates and times of each activity performed, as well as user access to the Platform;

e) Data about the device used by the user, in particular: version of the operating system, browser, geolocation and other installed applications, if necessary;

f) Session ID of users, when available;

g) History of operations performed; and,

h) Behaviors identified in interactions with the Platform.

1.6. The Platform and Websites can also leverage technologies such as:

a) Cookies, used to improve the functionality of Neogrid systems, according to the information that is available in the Cookies Policy. The user or visitor can block the use of Cookies through their browser settings, in which case, some Platform features may be limited;

b) Web Beacons to collect user behavior data when accessing pages, where installation of files on the equipment may not be necessary;

c) Beacons that emit signals, using Bluetooth Low Energy (BLE) technology, which can be captured by technological resources that allow the interaction between the user and a technological resource;

d) Other technologies for obtaining browsing data by the user (API analytics).

1.7. All the technologies used will always respect current legislation and the terms of this Policy.

1.8. It is important to highlight that, once on the Platform or Websites, the user may be taken, via link, content or services, to other portals or platforms that are not Neogrid's property and that may collect their information and have their own Privacy Policy.

1.8.1. It is the user's responsibility to read the Privacy Policy of such platforms outside the Neogrid environment, and it is the user's responsibility to accept or reject it. Neogrid is not responsible for the Privacy Policy or content of any websites, content or services located outside of the Neogrid Websites and Platform.

2. Data Usage

2.1. The data collected from Neogrid users and activity logs can be used for the following purposes:

a) Identify and authenticate them properly, in addition to processing transactions in the User Account;

b) Engage buyers to contact suppliers to request quotes and other information (delivery time, available quantity, quality information, among others) about the products they intend to buy;

c) For the supplier to receive e-mail notifications and enable them to respond to buyers through the Neogrid system;

d) Manage system functions, provide services and fulfill obligations arising from the use of Neogrid services;

e) Provide user support, including answers to questions about the platform;

f) Optimize and improve the user experience;

g) Conduct statistics, studies, surveys and research relevant to user behavior activities when using the platform;

h) Promote Neogrid's products and services, as well as the following Neogrid companies: Neogrid Netherlands BV (Amsterdam - Netherlands), Neogrid North America LLC (Fort Lauderdale Office - Delaware LLC - USA), and its commercial and technological partners.

i) Inform users about news, resources, content and other events relevant to maintaining the relationship with our users;

j) Send communications³ to Neogrid's customers and prospects, as well as other third parties, about: (i) marketing and advertising campaigns for Neogrid's products and services; (iii) content promotion; (iv) invitations to virtual and on-site events; (v) contacting potential customers and partners, among others.

k) To safeguard Neogrid's rights and obligations related to the use of the platform, as evidence in cases of illegal acts or acts contrary to this Privacy Policy or any other legal document provided by Neogrid; in the event of undue changes in its systems and records or actions that could put the platform and its users at risk; and

l) To enrich the Neogrid database and prevent fraud.

2.1.1. It should be noted that all marketing emails sent by Neogrid have a link to unsubscribe if the recipient does not wish to receive any more messages of this type.

2.2. User consent regarding data usage:

2.2.1. Consent for data usage purposes will be collected individually, and the user is not required to grant consent to any of them.

2.2.1.1. If the user does not grant their consent for the purposes causally linked to the provision of services by Neogrid, the services will not be provided to them.

2.2.1.2. If the user does not grant consent for optional purposes, the provision of services by Neogrid will continue to be made regularly.

2.2.2. The user of the Platform may change their consent grants by opening a ticket to Neogrid Support, being able to grant new permissions or withdraw their consent for the current permissions, being warned of the consequences that the withdrawal of consent may cause.

2.3. The collected data and recorded activities may also be shared:

2.3.1. With relevant judicial, administrative or government authorities, whenever there is a request, requisition or court order;

2.3.2. Automatically in case of corporate movements, such as merger, acquisition and incorporation;

2.3.3. Automatically with the companies that provide services to Neogrid necessary for the activities developed by it, carrying out the processing of personal data according to Neogrid instructions and for the respective purposes, among which stand out:

a) Hosting Service Providers - Data Center services for colocation and/or hosting services;

b) Software as a Service - used for data processing for internal management;

c) Software and Hardware Maintenance Suppliers - for replacement and maintenance of defective parts, as well as for software updates;

d) Telecommunications Services - data link and Internet connectivity;

e) Consulting (information technology, legal, administrative, accounting, human resources) - for operational management and internal procedures;

f) Advertising agencies - to send Neogrid newsletters and advertisements;

g) Telephone and cellular services - for communication with customers and prospects;

h) Postal services and carriers - to send Neogrid newsletters and advertisements;

i) Financial and insurance services (banks, brokers) - to process payments and implement insurance;

j) Travel agencies - to organize trips to serve customers and prospects;

k) Event management - organizers to communicate with customers and prospects;

l) Marketing platforms - to communicate with customers and prospects;

m) Business Partners - for service provision and data processing.

2.3.4. If these external companies have access to personal data, Neogrid guarantees that the respective parties have previously signed data processing and confidentiality agreements with Neogrid to comply with applicable data protection legislation.

2.3.5. These service providers may be located in the European Union, Brazil, Asia and the United States, and international data transfers must be made in accordance with section 6 (International Data Transfers).

2.4. Neogrid is solely responsible for the database established by the data collection of its platform.

2.5. The use, access and sharing of data from the Neogrid database will only occur within the limits and purposes of the business described in this Policy.

2.5.1. However, considering that no security system is fail-safe, Neogrid disclaims any liability for any damages and/or losses arising from failures, viruses or invasions of the Neogrid database, except in cases where there is intention or fault.

2.6. Neogrid may also share data from its database with the authorities whenever legally required.

2.7. The user is responsible for the confidentiality of their personal data. Sharing passwords and login details violates this privacy policy and the terms and conditions for use of our platform.

2.8. It is very important that the user protects their Data and understands that Neogrid will never send electronic messages requesting confirmation of data or with attachments that can be executed (extensions: .exe, .com, among others) or links to any downloads.

2.9. Internally, access to user data is restricted only to authorized Neogrid employees, respecting the principles of proportionality, necessity and relevance to the objectives of our business, in addition to the commitment to confidentiality and preservation of user privacy under the terms of this Policy.

2.10. To optimize and improve communication, when Neogrid sends an email to the user, we can receive a notification when they are opened, as long as this possibility is available. It is important for the user to be aware, as emails are sent only through the domains: neogrid.com.

3. Data Storage

3.1. User data collected by Neogrid will be stored for the duration of the relationship with the user and while there is no request for exclusion or revocation of consent, under the terms of article 9, item II, of the Brazilian General Personal Data Protection Act. Neogrid may keep the user data history for a longer period in the cases in which the applicable law or standard establishes, as in the case of a period of 6 (six) months for digitally identifiable data, pursuant to article 15 of the Brazilian Civil Rights Framework for the Internet, and 03 (three) years for other data, based on Article 206, § 3, item V, of the Brazilian Civil Code. This period may differ according to specific customer requirements.

3.1.1. Anonymized data are not subject to the storage periods described above, pursuant to Article 12 of the Brazilian LGPD.

3.2. The data collected from users will be stored in SaaS data centers or on-premises infrastructure. The datacenters can be third-party infrastructure, cloud (Cloud Computing) located in the United States or in any other location where Neogrid and/or the Customer has operations.

4. What the User Rights Are and How to Exercise Them

4.1. The data subject can request the viewing or modification of personal information through their accounts or support tools provided by Neogrid or by contacting our Data Protection Department, and may also request:

(i) Limiting the use of their Personal Data;

(ii) Expressing their opposition and/or revoking consent regarding the use of their Personal Data; or

(iii) Requesting the deletion of their Personal Data that has been collected by Neogrid.

4.2. Once the contract between the user and Neogrid ends, all accounts are canceled, and access is revoked.

4.3. If the user removes their consent for purposes that are essential to the proper operation of the Platform, the platform's features and services may be unavailable to the user.

4.4. After the maintenance period and the legal requirements are over, personal data will be deleted using secure disposal methods, or used anonymously for statistical purposes.

Questions or requests regarding privacy can be directed to the current Neogrid Data Protection Officer, Leandro Fabricio Dix, by e-mail dpo@neogrid.com or by the address below:

GDPR - RGeneral Data Protection Regulation (2016/679) Neogrid Netherlands B.V.
Neogrid Netherlands B.V.
Science Park 406, 1098 XH Amsterdam, Netherlands.

LGPD - Brazilian General Personal Data Protection Act (13709/2018)
Neogrid Informática Ltda
Av. Santos Dumont, 935, 4° Andar, CEP 89223-002, Joinville, Santa Catarina, Brasil.

5. Data Recipients

5.1. Your personal data will be processed by Neogrid professionals in the respective departments that need access to personal data:

a) Contact details: any departments that may be involved in processing your request;

b) Comments data: marketing or the respective product departments responsible for the operation of blogs or discussion forums;

c) Job application data: HR and the departments responsible for the job that you applied;

d) Direct marketing data: marketing and sales departments responsible for your region;

e) Usage data and browser data: marketing and IT departments responsible for the operation of the respective sites.

5.2. Neogrid is a corporation with global operations. To ensure that your request is processed, it may be necessary to forward your data to local subsidiaries or local distribution partners, whose registered office may also be located in other countries (see section 6). However, these data transfers occur only within Neogrid Group companies, and the legality of the data export will be based on the placements of the competent data protection authorities.

5.3. Moreover, we do not forward your data to third parties unless we are required to do so under contractual obligations, EU statutory provisions or the order of any judicial authority or other national or EU public authorities or if you have expressly requested data portability or gave your consent for that purpose. Your personal data will not be sold, rented, or exchanged.

6. International Data Transfers

6.1. The recipients of your personal data may be located outside Brazil, the European Union, or the European Economic Area, where data protection laws may not be equivalent to the data protection laws from Brazil and the European Union. In such cases, the recipient will be asked to adopt measures to protect your data.

6.2. We will take all necessary measures to ensure that transfers to such organizations are adequately protected in accordance with applicable data protection legislation, for example, signing an agreement with data recipients including standard contractual clauses stipulated by the National Data Protection Agency (“ANPD” ) or the EU Commission. You can request a copy of these relevant safeguards by contacting our Data Protection Department at: dpo@neogrid.com

6.3. If data transfer is required to official authorities in countries outside Brazil or the European Union or European Economic Area (so-called third-party countries) from other countries, and if not required by law, by consenting to this Privacy Policy, you gave us your express consent for the international data transfer to take place.

7. General Provisions

7.1. The Platform does not use any type of decision solely automated, based on personal data, that impacts the user.

7.2. Neogrid may change the content of this Privacy Policy at any time, according to the purpose or need, such as for the adequacy and legal compliance of a standard or law provision that has equivalent legal force, and it is up to our user to check it whenever accessing the Neogrid Platform.

7.2.1. In the event of significant updates to this document that require gathering new consent, Neogrid will notify the user through the tools available on the platform and/or available support tools or by the contact email provided by the user.

7.3. If you have questions about this Privacy Policy, please contact Neogrid through the service channel https://neogrid.com/en/contact/privacy.

7.4. If outsourced companies process any data collected by Neogrid, they must comply with the conditions stipulated herein and Neogrid's Information Security rules.

7.5. If any provision of this Privacy Policy is considered unenforceable by the data or judicial authority, the other conditions will remain in full force and effect.

7.6. The user acknowledges that all communication conducted by e-mail (to the addresses informed in their registration), SMS, instant communication applications or any other virtual and digital form, are also valid, effective and sufficient for the disclosure of any matter that concerns the services provided by Neogrid, as well as the conditions of their provision or any other matter addressed therein, subject to the expressed provisions set forth in this Privacy Policy.

8. Glossary

8.1. For the purposes of this document, the following definitions and descriptions should be considered for better understanding:

Anonymization: Use of reasonable technical means available at the time of Processing, which do not allow the possibility of associating data, directly or indirectly, to an individual.

Beacons: These are small devices that use Bluetooth Low Energy (BLE) technology, which emit signals that can be picked up by technological resources, enabling interaction between the user and the technological resource. Web Beacons are programs that have the purpose of monitoring a user's navigation on a web page.

Cloud Computing: It is a service virtualization technology built from the interconnection of more than one server through a common information network (e.g. the Internet), in order to reduce costs and increase the availability of sustained services.

Cookies: Files sent by the Platform's server to the user's computer, with the purpose of identifying the computer and obtaining access data, such as browsed pages or links accessed, thus allowing customization of user navigation on the Platform, according to their profile.

User Account: A user's credential that may be required to use or access a restricted area and exclusive features of the Platform offered by Neogrid.

Data: Any information entered, processed, or transmitted through Neogrid Environments.

Personal Data: Data related to the identified or identifiable individual.

Solely automated decisions: These are decisions that affect a user and that have been programmed to function automatically, without the need for human operation, based on automated processing of personal data.

Data Protection Officer (DPO): Person appointed by Us to act as a communication channel between the controller, data owners and data protection authorities.

IP: Abbreviation for Internet Protocol. It is the alphanumeric set that identifies users' devices on the Internet.

Landing Pages: Web pages containing forms that the visitor can fill out to access the content of materials such as e-books and special offers.

Logs: Records of user activities performed on the Platform.

Platform: Neogrid's virtual environment for connection between buyers (legal entities) and suppliers (legal entities).

Session ID: Identification of the user's session in the service purchasing process or when access to the restricted area is completed.

Users: People who access or interact with the activities offered by the Neogrid Platform and websites.

Processing: Any operation performed with Personal Data, such as those relating to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, handling, filing, storage, elimination, evaluation or control of information, modification, communication , transfer, diffusion or extraction.

9. Applicable Law and Jurisdiction

9.1. This Privacy Policy will be governed and interpreted according to Brazilian law, in Portuguese language, and the jurisdiction of the user's residence is hereby elected to settle any dispute or controversy involving this document, unless specific proviso of personal, territorial or functional competence by the applicable legislation.

9.1.1. If the user does not have an address in Brazil, they state they are aware that, when making use of the features of Neogrid environments, they will be submitted to Brazilian legislation, agreeing, therefore, that in the event of a dispute to be resolved, the jurisdiction of the city of Joinville/SC will be used.

Thank you for your attention, and welcome to Neogrid!