Privacy Policy
Last updated: November 2024
1. Introduction
1.1 This "Privacy Policy" applies to Deepdive Ltda. or "Deepdive" is a company incorporated under CNPJ 51.382.479/0001-09, which operates in the field of training and data intelligence services ("Services"), offered through a proprietary platform that contains conversational practice tools for conducting training programs using Artificial Intelligence ("Platform").
1.2 Here, you will find information about how and what personal data we collect, how it is used, shared and stored, and your rights in relation to this data. We recommend that you read this Policy carefully!
1.3 This Policy is part of Deepdive's "Terms of Use", which must be read carefully and accepted by you as a requirement for using the Services.
1.4 Therefore, for you to access the Platform and/or use the Services, it is mandatory that you are aware of this Privacy Policy and accept the Terms of Use, both available on Deepdive's website.
1.5 This Policy and the Terms of Use must be interpreted together with the service provision and software licensing agreement signed with Deepdive ("Agreement"), regarding the regulation of personal data processing within the scope of the Services. In case of any divergence or conflict between their provisions, the conditions provided for in the Agreement shall prevail.
2. Personal data collected
2.1 According to applicable legislation, personal data consists of all information that identifies you or allows your identification through it, whether provided by you to DeepDive or collected through the use of the Services.
2.2 Deepdive may collect the following personal data:
(i) Registration data: name, address, email, telephone, date of birth, nationality, filiation, marital status, address, profession, CPF, RG, gender, among others requested in the Services that require registration or subsequently, by virtue of the services actually provided.
(ii) Sensitive Data: information related to biometrics (e.g., selfies), as collected at the time of your registration, or subsequently, during the use of the Services. This sensitive data will only be collected to the extent strictly necessary and for the purposes expressly provided for in this Policy, and always within the limits of applicable legislation. If it is necessary to process sensitive personal data for purposes beyond those described in this Policy, you will be notified and, where necessary, Deepdive will request your consent before processing such sensitive data.
(iii) Data related to the use of the Services: information or content created and/or shared by you, as well as information about the use of the Services, which includes interactions with the Platform's conversation functionalities, as well as with Deepdive's team members in your service; data about your geolocation, as well as your IP address, network connection type, browser, operating system and the like; data generated from any interaction between you and other people or entities through which the Services are made available, such as interaction data with health professionals inserted by you into the Platform.
(iv) Other data: additional information to those mentioned above, provided that in the form and within the limits of the consent you have given (in cases where consent is necessary), in accordance with the provisions of this Privacy Policy and the Terms of Use, and to the extent permitted by law.
3. Forms of personal data collection
3.1 Deepdive collects your personal data in the following ways:
(i) Data you share with Deepdive: at the time of registration, or even when you choose to communicate with DeepDive using its social media or communication channels for questions, requests or complaints.
(ii) When you access the Platform: information collected while you use the Services, for example through the use of cookies and other similar technologies, including data related to the use of the Services.
(iii) Sending data by third parties: data related to you and obtained through third parties contracted by Deepdive to enable the Services, within the scope of the products and services offered and within the limits permitted by applicable legislation.
(iv) Access to public data: data related to you whose access is public, or that have been made public by you. The processing of this data will take into account the purpose, good faith and public interest that justified its availability, within the limits permitted by applicable legislation.
4. Purposes of personal data processing
4.1 Your personal data may be used for the following purposes:
(i) Allow Deepdive to enable the offering of the Services to you in the most appropriate way possible, which includes activities such as your registration and identification for correct service, as well as use and improvement of such Services and development of new functionalities in relation to them.
(ii) Personalize the Services offered to you, by systematizing the ways of using the Platform and the content available therein, including to develop new functionalities, technologies and improvements for the Services, through statistical techniques, data cross-referencing and machine learning.
(iii) Perform data analysis for routing recommendation and sales strategy based on Service usage data, through statistical techniques, data cross-referencing and machine learning.
(iv) Analyze and solve technical problems and those related to fraud and security of the Platform, perform risk analyses and enable fraud prevention and maintenance of the integrity of the Services.
(v) Comply with legal, regulatory and contractual obligations, including the obligations provided for in the Terms of Use, in order to enable the provision of the Services according to the conditions agreed with you and in accordance with applicable legislation.
(vi) Allow legal audit for purposes of corporate operations, such as merger, acquisition or sale of assets.
(vii) Enable Deepdive's defense and respond to requests from judicial, administrative or arbitration authorities.
4.2 You also express your free, informed and express consent, strictly in relation to the following purposes of personal data processing by Deepdive, including sensitive personal data:
(viii) Sharing of personal data within the scope of partnerships and services related to the Services, allowing the correct and complete provision of the Services to you.
(ix) Other purposes, in the form and within the limits of the corresponding consent given by you (when necessary), and within the limits of applicable legislation.
5. Sharing of collected personal data
5.1 Deepdive may share your personal data with third parties for the following purposes:
(i) Provide certain personal data to third parties to enable Deepdive to offer or operate the Services (e.g., companies that provide cloud services, always within contractual and legal limits).
(ii) For any of the purposes described above, within contractual and legal limits. To this end, Deepdive undertakes to ensure the protection of your personal data by entering into confidentiality agreements and requiring that such recipients have privacy standards compatible with those of this Policy.
6. Cookies and similar technologies
6.1 Technologies such as cookies, pixel tags, device identifiers or others and their local storage may be used during your navigation on Deepdive's website, to allow Deepdive to present the most relevant content and offers to you, as well as to improve the Services and help keep these Services secure.
6.2 You may manage Cookies preferences and other similar technologies from your browser settings, refusing or deleting some of them (opt out).
7. Storage and security of personal data
7.1 Deepdive, when processing your data, will strive to protect your personal data against unauthorized access, accidental or unlawful situations of destruction, loss, alteration, communication or any form of improper or unlawful processing. To this end, Deepdive undertakes to continuously implement physical, technical and administrative information security measures in the processing of your personal data, guided by applicable legislation, market best practices and Deepdive's internal policies.
7.2 In general, Deepdive allows your personal data to be accessed by its employees. However, access to certain types of personal data, according to their nature and sensitivity, will be limited to people who necessarily need to know this data, according to the purposes indicated in this Policy.
7.3 In order to protect your personal data against unauthorized access, it is recommended that you maintain strong passwords for accessing the Services, do not share your passwords and access credentials to the Services with third parties, even if you trust them, and protect yourself against unauthorized use of your access devices.
8. International transfer of personal data
8.1 Deepdive, as a company aligned with the most current practices and technologies, may carry out international transfers of your personal data, in order to enable the development of some of the activities indicated throughout this Policy (e.g., data storage in cloud services with servers located abroad).
8.2 Deepdive will carry out international transfers of your data only based on mechanisms permitted by applicable legislation. In such cases, Deepdive undertakes to ensure the protection of your personal data through practices such as entering into appropriate contractual agreements.
9. Your rights as a personal data subject
9.1 Deepdive will adopt technical and organizational measures to comply with its obligations regarding your rights as a personal data subject. In this regard, Deepdive commits to facilitate, in the best possible way, the exercise of your rights as provided for in Law No. 13,709/2018 ("LGPD"), which are:
(i) Confirmation: right to be informed about the existence of processing of your personal data by Deepdive;
(ii) Access: right to request access to your personal data processed by Deepdive;
(iii) Correction: right to request the alteration or update of personal data processed by Deepdive whenever they are incomplete, inaccurate, or outdated;
(iv) Restriction: right to object to the processing or to request the anonymization, blocking, or elimination of unnecessary, excessive data or data processed by Deepdive in non-compliance with personal data protection legislation;
(v) Portability: right to request the transmission of your personal data processed by Deepdive to another service provider;
(vi) Elimination: right to request the elimination of personal data processed by Deepdive based on your consent;
(vii) Information: right to be informed about public and private entities with which Deepdive has shared data, about the possibility of not providing consent and about the consequences of this refusal;
(viii) Revocation of consent: right to revoke consent at any time, through express manifestation, by a free and facilitated procedure; and
(ix) Review of automated decisions: possibility of reviewing decisions made by Deepdive solely based on automated processing of personal data that affect your interests.
9.2 If you are interested in exercising any of the rights listed above, you should contact Deepdive through the email indicated in the "Contact" section below.
9.3 Deepdive retains your personal data whenever necessary for the purposes described in this Policy, and provided there is a legal basis for keeping them, including to allow the exercise of Deepdive's contractual and legal obligations and rights.
9.4 Thus, upon an express request for the elimination of your personal data, Deepdive will comply with the request for definitive exclusion, subject to legitimate retention hypotheses, under the terms of this Policy and applicable legislation.
10. Changes to the Privacy Policy
10.1 Deepdive may change this Privacy Policy at any time. The current version of the Privacy Policy will always be the most recent. To identify the date of the current version, you should check the "Last updated" section at the top of this document.
10.2 Any modification to this Policy that impacts consent previously provided by you (when necessary) or implies a financial burden for you will be duly communicated in advance. However, any changes made for legal reasons or due to new functionalities of a Service will take effect immediately.
10.3 If you do not agree with any changes to this Policy, you must stop using the Services. Otherwise, subsequent use of the Services will imply your acceptance of the new version of the Policy.
11. Contact
11.1 If you wish to exercise any of the rights provided in this Privacy Policy or in applicable law, or have questions about this document and the practices described therein, you should contact the person in charge at Deepdive for communication with personal data subjects, via the email privacidade@deepful.ai.
12. Knowledge and agreement
12.1 AFTER CAREFULLY READING THIS POLICY, YOU DECLARE TO BE AWARE OF AND AGREE TO ALL ITS PROVISIONS REGARDING THE COLLECTION, USE AND SHARING OF YOUR PERSONAL DATA, AND THAT DEEPDIVE HAS DULY COMPLIED WITH THE DUTY TO INFORM.