Adiq Logo
Hero title

privacy policy

Discover our Privacy Policy.


last updated on

  • october, 2023
  • privacy policy

    objective


    This document aims to inform, in a clear and complete manner, about any Processing of Personal Data of customers, employees, third parties, service providers, suppliers and partners (“Holders”), which may be shared with ADIQ. This policy will establish the applicable rules on the collection, recording, storage, use, sharing, and elimination of data, in accordance with applicable good practices, regulations and legislation in force.

    term of accept


    By using and contracting our Products and Services, you are accepting and agreeing to all the terms and conditions set out in force on the date of acceptance. We warn that these Terms and Conditions of Use may be modified at any time by Adiq, due to changes in legislation or in the Services, due to the use of new technological tools or, also, whenever, at Adiq's sole discretion, such changes if necessary.

    By accepting the Terms and Conditions of Use, you declare that you are over 18 (eighteen) years old and capable of understanding the content of these Terms and Conditions of Use, as well as, to contract and use the Products and Services offered by Adiq. The use and contracting of online Products and Services by you, made available by Adiq, will imply express acceptance of these Terms and Conditions of Use. If you disagree or do not meet the requirements set out in these Terms and Conditions of Use, you must, at any time, terminate access, do not accept these terms and conditions or request Adiq to terminate any contracted Product or Service.

    access to restricted content


    Some of our Sites and Applications have an open content and restricted content area. To access restricted content, the User may be required to register by providing some personal information to create a login and password.

    Please ensure that the information provided is correct, as you are responsible for its veracity. If there is any inconsistency, this may impact your access to the Website or Application.

    application


    This Privacy Policy (“Policy”) applies to all services provided by ADIQ INSTITUAÇÃO DE PAGAMENTO S/A, a legal entity governed by private law, registered with the CNPJ under nº 20.520.298/0001-78, located at Alameda Vicente Pinzon, No. 51, 12th floor, Vila Olímpia, São Paulo, SP., CEP: 04547-130, (“ADIQ”), due to the HOLDER’s use of the Services provided by ADIQ.

    glossary


    Without prejudice to other definitions contained in this Policy or in the respective service provision contracts, words and expressions used with the first letter capitalized will have the following definitions:


    • "Register": internal record carried out by ADIQ of identifying data and other information necessary to make the Services available to the HOLDER.

    • “Service Agreement”: contract that regulates the rules, conditions and limits of the Services provided by ADIQ to the HOLDER.

    • “Anonymized Data”: data relating to the HOLDER that cannot be identified, considering the use of reasonable technical means available at the time of processing the data.

    • “Technical Usage Data”: information that ADIQ may process due to the use of a cell phone, computer or other device that the HOLDER uses to access the Platform and/or other Services provided by ADIQ. Technical Usage Data shows technical information about the Services provided by ADIQ, including the IP (Internet Protocol) address, statistics on how pages are loaded or viewed, the websites that the HOLDER has visited and navigation information collected through Cookies or similar technology.

    • "Personal data": information related to the HOLDER as a natural person, including a representative of a legal entity, identified or identifiable. They may include name, self-portrait, address, telephone number, email, date of birth, mother's full name, number or copy of official documents (for example, ID, CNH, CPF, CNPJ, among others). HOLDER

    • “Device Information”: data that can be automatically collected from any device used to access the Platform. This information may include, but is not limited to, device type, device network connections, device name, device IP address, device browser information, internet connection used to access the Platform. For mobile devices information may include, but is not limited to, IMEI, serial number, device model, operating system version, carrier.

    • “Applicable Legislation”: all applicable legislation on information security, privacy and data protection, including, but not limited to, Law No. 13,709/2018 - General Law for the Protection of Personal Data, Law No. 12,965/2014 - Marco Civil da Internet, Law No. 8,078/1990 - Consumer Protection Code, Complementary Law No. 166/2019 - Positive Registration Law, Law No. 12,527/2011 - Access to Information Law, Decree No. 7,962/2013 - Electronic Commerce Decree and other laws and standards applicable to the Payment System.

    • "Geographic location": information that identifies the HOLDER's location using, for example, latitude and longitude coordinates obtained by GPS, Wi-Fi or cellular location triangulation. The Platform may request permission to share the HOLDER's current location. If the HOLDER does not agree to the collection of Geographic Location information, the Services may not function properly.

    • “Service Providers”: eventual service providers, whose system is integrated with ADIQ to enable the execution of Services.

    • "Services": services provided by ADIQ to the HOLDER, in accordance with the conditions set out in the Services Contract.

    • “Payment Systems”: payment system provided by ADIQ for capturing, processing and settling Payment Transactions.

    • “Payment Transaction”: operation in which the HOLDER makes or receives payments through the payment instruments available in the contracted Services.

    • "Treatment": any operation carried out with the HOLDER's Personal Data and/or Sensitive Data, due to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information , modification, communication, transfer, diffusion or extraction.

    • "Holder": legal entity or natural person (including representatives, agents or agents authorized to carry out Payment Transactions) that provides their Personal Data to take the Services provided by ADIQ.

    responsibilities


    This Policy aims to demonstrate ADIQ’s commitment to:


    • Ensure the privacy and protection of Holders’ personal data, which are processed by ADIQ;

    • Inform the adopted guidelines that ensure comprehensive compliance with good practices, regulations and laws relating to the protection of personal data;

    • Promote transparency about the way in which ADIQ processes personal data.

    • Inform protective measures in relation to the risk of security incidents involving personal data.

    guidelines


    Any and all processing of personal data carried out by ADIQ is subject to this Policy.

    processing of personal data by Adiq


    • The processing of personal data by ADIQ may occur as necessary for the provision of services and/or development of partnerships and/or management of employees.

    • In the Processing of Personal Data, in accordance with applicable legislation and legal bases, the strict principles of purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, responsibility and accountability will be observed, any processing of personal data will be based on an appropriate legal basis.


    • The use of ADIQ applications and/or websites may result in the need for ADIQ to collect information from the device and geographic location of the HOLDER, aiming to ensure the security of the availability of ADIQ services. ADIQ can only make services available with informed collections; where the need for consent applies, the HOLDER will be notified and may consent to take the services; or refuse due to limited functionality of the services provided and/or the impossibility of using the services.

    purpose of treatment


    • Comply with regulatory or legal obligations

    • Exercise the right of defense in judicial, administrative or arbitration proceedings;

    • ADIQ Internal Policies or in accordance with sectoral regulations;

    • Comply with decisions and requests from administrative or judicial authorities;

    • Perform actions due to pre-contractual relationships, or during the contracting period (product life cycle) or post-contracting (retention, collection, etc.);

    • Analyze profile for granting credit, Know Your Customer (KYC) or risk management, in accordance with ADIQ's Internal Policies or in accordance with sectoral regulations;

    • Handle complaints, queries and requests (Customer Service, SAC, Ombudsman) and provide support to the holder;

    • Carry out product/service satisfaction surveys;

    • Carry out audits;

    • Analyze data to improve usability, experience and interactivity when using our portals, websites and applications;

    • Offer and/or provide recommendations that are more assertive to your needs or interests, including through marketing campaigns or simulations carried out;

    • Carry out communication and relationship marketing research to improve our products and services;

    • Promote campaigns, incentives, sponsorships and events;

    • Use cookies, in accordance with this Policy;

    • Carry out maintenance and registration updates;

    • Compliance with contracts, which require the processing and sharing of data with public bodies, third-party companies, Financial Institutions, Payment Institutions, external entities and companies in the Adiq group;

    • Verify your identity;

    • Identify and prevent possible security threats;

    • Behavioral/transactional analysis for the purpose of identifying and preventing fraud situations and security threats;


    as for the origin of the data, Adiq obtains it:

    a) Directly from the Holder when contracting Products and Services from this payment institution or in simulations at the proposal stage; or

    b) From legitimate external sources, with due legal or contractual basis; or

    c) Due to possible sharing of data previously authorized by the holder to Adiq or

    d) In the Open Banking scenario, with the consent of the data subject, other Financial Institutions.

    communication


    ADIQ may use a variety of means of communication with the HOLDER to inform about the Services and/or product offers and/or new services, namely via email, via WhatsApp, via the Platform, among others, all means of communication will be used in accordance with the privacy rules stipulated in this Policy.

    THE HOLDER may choose not to receive newsletters, promotional and marketing materials, upon express request to ADIQ through official company channels.

    ADIQ may use third-party services to carry out communications with Customers on its behalf. However, if the HOLDER receives such communications that he believes were not sent by ADIQ, he must refrain from taking any action and immediately contact ADIQ through official channels to confirm the veracity of the communication.

    sharing personal data with third parties


    Access by third parties to information collected by ADIQ is provided exclusively to meet the purposes stated in this Policy and within the limit necessary to carry out activities related to the course of its business, and may be carried out, including, but not limited to, with:

    • Establishers of payment arrangements and members of such arrangements;

    • Electronic funds transfer networks;

    • Clearing and settlement banks;

    • Service providers that perform commercial and/or information processing operations for ADIQ;

    • Partners of the Marketing Superintendence;

    • Independent auditors;

    • Collection agencies, credit protection services and the like;

    • Competent regulatory bodies.


    ADIQ requires all third parties to maintain the confidentiality of information and to comply with all obligations contained in this Policy shared with them or to which they have access due to the exercise of their activity, as well as to use such information exclusively for the purposes expressly permitted.

    international data transfer


    In order to meet better standards of security and protection of Personal Data, as well as to enable the use of our Solutions and Platforms, international transfer of your Personal Data may occur. We can use Partners located abroad who offer highly available technical infrastructure or even international payment arrangements, for example. There will only be an international transfer of Personal Data if the transfer is necessary to carry out the activities whose purposes were mentioned in this Privacy Notice.

    In this case, we will require that the transfer takes place in accordance with the requirements set out in national legislation, as well as that the processing of Personal Data is restricted to the purposes described in this Privacy Notice, always observing the principles, rights of the Holder and the protection regime of Personal Data provided for in the Regulations.

    period of storage of personal data


    Personal Data will be processed for the time necessary to carry out our activities, observing the need and relevance for achieving the purposes of the Processing, the security measures provided for in our Policies and, whenever applicable, the provisions provided for in the Contract and/or in Standards.

    security and confidentiality of personal data


    We work to implement security measures that protect our systems and Personal Data bases in accordance with international standards and norms such as PCI-DSS and ABNT NBR ISO/IEC 27001, making our efforts to protect Solutions and Platforms against attempts to violations or improper access to your Data.

    • ADIQ has strict access control, encryption of Personal Data and other Services when applicable, prevention and detection of intrusion and unauthorized access, prevention of information leaks, periodic testing and scanning to detect vulnerabilities, protection against software malicious software, traceability mechanisms, access controls and segmentation of the computer network, maintenance of backup copies of Personal Data, among others;

    • ADIQ will undertake measures so that employees, third parties or partners who process personal data commit to maintaining the absolute confidentiality of the information accessed, as well as adopting the best practices for handling this information, as determined in internal policies and standards;

    • ADIQ's obligations to ensure adequate processing of the HOLDER's Personal Data do not exclude the HOLDER's obligation to carry out and maintain adequate custody of their data;

    • ADIQ is not responsible for Personal Data that the HOLDER shares with third parties, and the HOLDER must take the necessary security measures to protect their Personal Data.

    • The HOLDER must not use unauthorized applications to access the Services provided by ADIQ, and if so, any Personal Data processed by a third-party application or accessed by a third-party application will be the exclusive responsibility of the HOLDER to the third party.

    • In case of suspicion or confirmation of an incident within the scope of the Services or loss of the HOLDER's Personal Data, ADIQ will use its best efforts and take immediate measures to eliminate or reduce the risks of damage to the HOLDER, and will inform the potentially affected HOLDERS and the competent authorities of such fact, the risks involved and the measures necessary to avoid such damage.

    holder´s rights


    The HOLDER is permitted, at any time, within the limits of Applicable Legislation, to exercise the following rights over their Personal Data (“Rights”):

    • Right to confirm the existence of Processing activity;

    • Right to access, rectify, delete or cancel Personal Data;

    • Right to object, restrict or oppose the Processing of Personal Data;

    • Right to review automated decisions made based on the Processing of Personal Data;

    • Right to portability of Personal Data;

    • Right not to provide consent or to withdraw it, and to be informed about the related consequences; It is

    • Right to anonymization of Personal Data

    • Sharing information


    Confirmations of the existence of Personal Data Processing will be provided, in a simplified format, within the period provided for in the legislation. For other requests, ADIQ may submit its response within 30 (thirty) days, which may be extended depending on the nature and complexity of the request.

    how to disable cookie collection


    We strongly encourage you to read the Cookies Policies on the Adiq website (adiq.com.br) to better understand how this data is used by Adiq and in what situations.

    Adiq provides a cookie management system. After consenting to the use of cookies, it is possible to disable part or all of the cookies simply and easily.

    Immediately after the first interaction between Adiq and the Holder, the cookie management system assigns a unique identification to the holder and records the date and time when consent was given to the processing of the data. To revoke this consent or access this information, simply click on the floating button located in the bottom right corner of our website.

    A new window will automatically open, presenting the options “manage”, “privacy policy, “cookie policy”, “reject” and “accept”. In the settings, you can identify which cookies have collection enabled, select your options and click “save options”.

    Furthermore, all browsers allow the user to accept, refuse or delete cookies, in particular by selecting the appropriate settings in the respective browser. You can configure cookies in the "options" or "preferences" menu of your browser (Google Chrome, Microsoft Edge, Firefox, etc.).

    Please note that, when disabling cookies, this action may prevent some web services from functioning correctly, partially or completely affecting website navigation.

    In any case, if you do not consent to collection, you can deactivate Google Analytics through the browser add-on, available at the link <https://tools.google.com/dlpage/gaoptout?hl=pt- BR>. More details about Google Analytics privacy information under “How Google uses data when you use our partners' sites or apps” can be found at <google.com/intl/pt-BR/policies/privacy/partners/ >.”

    By changing your Google Analytics cookie options, you can choose to receive a message whenever a cookie is stored on your computer and/or that your browser does not accept cookies from the Portal.

    contact of the person in charge


    If you have any questions about this Privacy Policy, the contact information for the Adiq Data Protection Officer is available on the Owner Portal.

    The provisions established here are in accordance with the best international practices for the protection of personal data.

    Important: Requests and the exercise of rights by holders of personal data will be handled exclusively by the Holder Channel: Holder Portal

    Email of the Person in Charge for ANPD contact:dpo@adiq.com.br.


    validity


    This Policy will be periodically reviewed by ADIQ to adapt it to the provision of Services, by deleting, modifying and/or inserting new clauses and conditions.


    Special note for under 18s:

    Adiq does not allow minors under 18 to register through our website.


    revisions history


    Version: 1.0 | Review date: 24/10/2021 | Historic: Initial elaboration

    Version: 2.0 | Review date: 24/10/2022 | Historic: Periodic review

    Version: 3.0 | Review date: 24/10/2023 | Historic: Periodic review