Privacy Policy

Date of update: July 15, 2021.

This Privacy Policy demonstrates Neogrid's strong commitment to your privacy and the protection of personal data collected from all visitors and users of services provided by Neogrid, establishing the rules on processing collected data, within the scope of services with transparency and clarity with users and the market in general.

To access and use the features offered in Neogrid's environments, the user declares that they have read this Policy completely and carefully and are fully aware, thus granting their free and explicit agreement with the terms stipulated herein to process the data mentioned herein under the conditions specified below.

ABOUT US

Neogrid, as a service provider, is the operator/data processor for customers and partners, and controller for suppliers/providers that are contracted to perform various services and supplies

a. Neogrid Informática, registered in Brazil, Avenida Santos Dumont, 935, CEP 89223-002, Joinville, Santa Catarina.

b. Neogrid North America LLC, registered in the United States of America under number 52-2242825, with headquarters at 601 Brickell Key Drive, Ste 901, Miami, FL, 33131, EUA.

c. Neogrid Netherlands B.V., registered in the Netherlands under number 34106678, with headquarters at Keizer Karelplein 8 C, 6211TC Maastricht;

1. Data collection and activity registration

Neogrid collects personal data from the Platform, when entered or voluntarily submitted by our user, which includes, but is not limited to access, creation of an access account, navigation, contracting and use of services. In addition, the Platform will be able to record all activities carried out by the user through logs.
We also collect data through our Website and Landing Page, when entered or voluntarily submitted by the user when filling out forms present on the pages. In addition, the website and landing pages may record visitor activity through cookies. We may receive data through third parties, including data intelligence bureaus and business partners, where the data subject has authorized sharing the data or if there is a legitimate interest in using it.

1.1. Collecting data from children and adolescents

Neogrid does not collect personal data from children or adolescents under the age of 18. Although we prohibit it, parents must supervise their underage children's online activities.

If Neogrid becomes aware of the existence of data being collected from children or adolescents, it will take reasonable steps to eliminate it

Please do not register with Neogrid Environments if you are under the age of 18.

1.2. Personal data we collect through:

Access to the Platform:

a) Name and last name;

b) Email address;

c) Address;

d) Telephone;

Websites, phone calls and Landing Pages:

a) Name and last name;

b) Business email address;

c) Business telephone;

1.3. The user is solely responsible for the accuracy, veracity or lack thereof in relation to the Data they provide or for its outdatedness. Likewise, it is the user's responsibility to ensure accuracy or to keep them up to date.

1.4. Likewise, Neogrid is not obligated to process or handle any of your Data if there are reasons to believe that such processing may impute to you any violation of any applicable law, or if the user is using the Platform for any illegal, unlawful purposes or contrary to morality.

1.5. Data collection on the Platform may include:

a) IP address, logical port of origin of users and geolocation;

b) Actions performed by users on the Platform;

c) Screens accessed by users;

d) Dates and times of each activity performed, as well as user access to the Platform;

e) Data about the device used by the user, in particular: version of the operating system, browser, geolocation and other installed applications, if necessary;

f) Session ID of users, when available;

g) History of operations performed; and,

h) Behaviors identified in interactions with the Platform.

1.6. The Platform and Websites may also make use of technologies such as:

a) Cookies, used to improve the functionality of Neogrid systems, according to the information that is available in the Cookies Policy. The user or visitor can block the use of Cookies through their browser settings, in which case, some Platform features may be limited;

b) Web Beacons to collect user behavior data when accessing pages, where installation of files on the equipment may not be necessary;

c) Beacons that emit signals, using Bluetooth Low Energy (BLE) technology, which can be captured by technological resources that allow the interaction between the user and a technological resource;

d) Other technologies for obtaining browsing data by the user (API analytics).

1.7. All technologies used will comply with the terms of this Policy.

1.8. IIt is important to highlight that, once on the Platform or Websites, the user may be led, through a link, content or services, to other portals or platforms that are not owned by Neogrid and which may collect information and have their own Privacy Policy.

1.8.1. It is up to the user to read the Privacy Policy of such platforms outside Neogrid's environment and it is the user's responsibility to accept or reject it. Neogrid is not responsible for the Privacy Policy or content of any websites, content or services located outside Neogrid´s Websites and Platform.

2. Use of Data

2.1. Data collected from Neogrid users and activity records can be used for the following purposes:

a) Identify and authenticate them properly, in addition to processing transactions in the Access Account;

b) Have buyers contact suppliers to request quotes and other information (delivery time, available quantity, quality information, among others) about the products they intend to buy;

c) So that the supplier receives notifications by e-mail and can respond to buyers through the Neogrid system;

d) Manage system functions, provide services and fulfill obligations arising from the use of Neogrid services;

e) Provide user support, including answers to questions about the platform;

f) Optimize and improve the user experience;

g) Conduct statistics, studies, surveys relevant to the activities of the users' behavior while using the platform;

h) Promote Neogrid's services and products, as well as the following Neogrid companies: Neogrid Netherlands BV (Amsterdam - Netherlands), Neogrid North America LLC (Fort Lauerdale Office - Delaware LLC - USA), and its commercial and technological partners;

i) Inform about news, features, content and other events relevant to maintaining a relationship with our users;

j) Carry out communications³ with Neogrid's customers and prospects, as well as other third parties, regarding: (i) marketing and advertising campaigns for Neogrid's products and services; (iii) content promotion; (iv) invitations to virtual and in-person events; (v) contacting potential customers and partners, among others.

k) To safeguard Neogrid's rights and obligations related to the use of the platform; and

l) To enrich Neogrid´s database and prevent fraud from occurring.

2.1.1. It should be noted that all marketing e-mails sent by Neogrid have a link to unsubscribe if the recipient does not wish to receive any more messages of this type.

2.2. User consent to use of the data:

2.2.1. Consent for data use purposes will be collected individually, and the user is not obliged to grant consent to any of them.

2.2.1.1. If the user does not grant their consent for purposes directly linked to services provided by Neogrid, the services will not be made available to them, and access may be blocked/excluded from the Platform, when applicable.

2.2.1.2. If the user does not grant their consent for optional purposes, services provided by Neogrid will continue to be carried out regularly.

2.2.2. The Platform user may change their consent grants by opening a ticket with Neogrid´s support, and may grant new permissions or withdraw their consent for current permissions and will be warned of the consequences that the withdrawal of consent may cause.

2.3. Data collected and activities recorded may also be shared:

2.3.1. With competent judicial, administrative or governmental authorities, whenever there is a solicitation, requisition or court order;

2.3.2. Automatically in case of corporate transactions, such as mergers, acquisitions and incorporations, observing the principle of transparency with the user.

2.3.3. Automatically with companies that provide services to Neogrid necessary for the activities it carries out, processing personal data in accordance with Neogrid's instructions and for the respective purposes, among which the following stand out:

a) Hosting Service Providers - Data Center services for colocation and/or hosting services;

b) Software as a Service - used for processing data for internal management;

c) Software and Hardware Maintenance Providers - for replacement and maintenance of defective parts, as well as for software updates;

d) Telecommunications Services - data link and Internet connectivity;

e) Consulting (information technology, legal, administrative, accounting, human resources) - for operational management and internal procedures;

f) Advertising agencies - to send Neogrid newsletters and advertisements;

g) Telephone and cell phone services - for communication with customers and prospects;

h) Postal services and carriers - to send Neogrid newsletters and advertisements;

i) Financial and insurance services (banks, brokers) - to process payments and implement insurance;

j) Travel agencies - to organize trips to meet customers and prospects;

k) Event management - organizers to communicate with customers and prospects;

l) Marketing platforms - to communicate with customers and prospects;

m) Business Partners – to provide services and data processing.

2.3.4. If these external companies have access to personal data, Neogrid warrants that the respective parties have previously signed data handling and confidentiality agreements with Neogrid to comply with applicable data protection legislation.

2.3.5. These service providers may be located in the European Union, Brazil, Asia and the United States, and international data transfers must be made in accordance with section 6 (International Data Transfers).

2.4. Neogrid is solely responsible for the database formed by the data collected by its platform.

2.5. The use, access and sharing of data from Neogrid's database will only be done within the limits and business purposes described in this Policy.

2.5.1. However, considering that no security system is infallible, Neogrid is exempt from any liability for any damages and/or losses arising from failures, viruses or invasions of Neogrid's database, except in cases where there is intent or guilt.

2.6. Neogrid may also share data from its database with authorities when legally required.

2.7. The user is responsible for the confidentiality of their personal data. Sharing passwords and login details violates this privacy policy and the terms and conditions for using our platform.

2.8. It is very important for the user to protect their Data and know that Neogrid will never send electronic messages requesting confirmation of data or with attachments that can be executed (extensions: .exe, .com, among others)

2.9. Internally, access to user data is restricted only to authorized Neogrid employees, respecting the principles of proportionality, necessity and relevance to our business objectives, in addition to the commitment to confidentiality and preservation of user privacy under the terms of this Policy.

2.10. To optimize and improve communication, when Neogrid sends an e-mail to the user, we may receive a notification when they are opened, provided this possibility is available. It is important for the user to be aware, as the e-mails are only sent by the domains: neogrid.com.

3. Data Storage

3.1. User data collected by Neogrid will be stored for the duration of the relationship with the user and there is no request for exclusion or revocation of consent, pursuant to article 9, item II, of the General Personal Data Protection Regulation. Neogrid may keep the history of user data for a longer period in cases where the applicable law or regulation establishes, for example, the period of 6 (six) months for digital identification data, pursuant to article 15 of the Civil Rights Framework for the Internet, and 03 (three) years for other data, based on article 206, paragraph 3, item V, of the Civil Code. This period may differ according to specific customer requirements.

3.1.1. Anonymized data is not subject to the storage terms described above, pursuant to article 12 of the LGPD

3.2. Data collected from users will be stored in SaaS data centers or on-premises infrastructure. Datacenters can be third-party infrastructure, cloud (Cloud Computing) located in the United States or any other location where Neogrid and/or the Customer has operations.

4. What the User Rights Are and How to Exercise Them

4.1. The data subject can request to see or change personal information through their accounts or support tools made available by Neogrid or by contacting our Data Protection Officer/DPO through the form available here, and may also request

(i) Limiting the use of their Personal Data;

(ii) Manifest opposition and/or revoke their consent to use their Personal Data; or

(iii) Request that their Personal Data that has been collected by Neogrid be deleted.

4.2. Once the contract between the user and Neogrid ends, all accounts are canceled and access is revoked.

4.3. If the user withdraws their consent for purposes that are essential to the proper functioning of the Platform, the platform features and services may be unavailable to the user.

4.4. After the maintenance and legal requirement period, the personal data will be deleted using safe disposal methods, or used anonymously for statistical purposes.

4.5. Questions or requests regarding privacy can be directed to the current Neogrid Data Protection Officer, Leandro Fabricio Dix, by e-mail dpo@neogrid.com or by the address below:

GDPR - General Data Protection Regulation (2016/679)
Neogrid Netherlands B.V.S
Keizer Karelplein 8 C, 6211TC Maastricht.

LGPD - General Personal Data Protection Law (13.709/2018)
Neogrid Informática Ltda
Av. Santos Dumont, 935, 4° Andar, CEP 89223-002, Joinville, Santa Catarina, Brazil.

4.6. If the user considers that his rights to the protection of personal data have been violated, he can file a complaint with the competent Data Processing Authority.

5. Data Recipients

5.1. Your personal data will be processed by Neogrid professionals in the respective departments that need access to personal data:

a) Contact details: any departments that may be involved in processing your request;

b) Comment data: marketing or the respective product departments responsible for operating the blogs or discussion forums;

c) Employment application data: HR and the departments responsible for the position you applied for;

d) Direct marketing data: responsible marketing and sales departments for your region;

e) Usage data and browser data: marketing and IT departments responsible for operation of the respective websites

5.2. Neogrid is a corporation with global operations. To ensure that your request is processed, it may be necessary to forward your data to local subsidiaries or local distribution partners whose registered office may also be located in other countries (see section 6). However, these data transfers only take place within the Neogrid group companies, and the legality of the data export will be based on the positions of the competent data protection authorities.

5.3. Furthermore, we do not forward your data to third parties unless we are required to do so by contractual obligations, EU statutory provisions or order of any judicial authority or other national or EU public authorities or if you have explicitly requested data portability or have given your consent for that purpose. Your personal data will not be sold, rented or exchanged.

6. International Data Transfers

6.1. The recipients of your personal data may be located outside Brazil, the European Union or the European Economic Area, where data protection laws may not be equivalent to the EU data protection law, Brazilian law or European Union law. In such cases, the recipient will be asked to take steps to protect their data.

6.2. We will take all necessary steps to ensure that transfers to such organizations are adequately protected in accordance with applicable data protection legislation, for example, signing an agreement with the standard contractual clauses stipulated by Agência Nacional de Proteção de Dados [Brazilian National Data Protection Agency] ("ANPD") OR EU Commission with data recipients. You can request a copy of these pertinent guarantees by contacting our Data Protection Officer/DPO at: dpo@neogrid.com

6.3. If data transfer to official authorities in countries outside Brazil or the European Union or European Economic Area (so-called third countries) from other countries is required, and if not required by law, by consenting to this Privacy Policy, you gave us your explicit consent for the international data transfer to take place.

7. General Provisions

7.1. The Platform does not use any type of solely automated decision, based on personal data, that impacts the user.

7.2. Neogrid may change the content of this Privacy Policy at any time, according to the purpose or need, such as for the adequacy and legal compliance of a provision of law or rule that has equivalent legal force, and our user is responsible for checking it whenever they access the Neogrid Platform.

7.2.1. If there are significant updates to this document that require new consent collection, Neogrid will notify the user through the tools available on the platform and/or support tools available or by the contact e-mail informed by the user.

7.3. If you have any questions about this policy, please contact Neogrid through the service channel https://neogrid.com/en/contact/privacy.

7.4. If outsourced companies process any data collected by Neogrid, they must respect the conditions stipulated herein and Neogrid's Information Security rules.

7.5. If any provision of this Privacy Policy is considered unenforceable by data or judicial authorities, the other conditions will remain in full force and effect.

7.6. The user acknowledges that all communication carried out by e-mail (to the addresses provided in their registration), SMS, instant communication apps or any other virtual and digital form, are also valid, effective and sufficient for the dissemination of any matter that refers to the services provided by Neogrid, as well as to the conditions of their provision or any other matter addressed therein, with the exception of the explicitly diverse provisions set forth in this Privacy Policy.

8. Glossary

8.1. For the purposes of this document, the following definitions and descriptions should be considered for your better understanding:

Anonymization: Use of reasonable technical means available during the Processing, whereby data loses the possibility of association, directly or indirectly, with an individual.

Beacons: These are small devices that use Bluetooth Low Energy (BLE) technology, which emit signals that can be captured by technological resources, enabling interaction between the user and the technological resource. Web Beacons are programs whose purpose is to monitor a user's navigation on a page on the Internet.

Cloud Computing: This is a service virtualization technology built using the interconnection of more than one server through a common information network (e.g. the Internet), in order to reduce costs and increase availability of sustained services.

Cookies: Files sent by the Platform's server to the users' computers, in order to identify the computer and obtain access data, such as browsed pages or accessed links, thus allowing the users' navigation on the Platform to be customized according to their profile.

User Account: Credentials of a user that may be required to use or access a restricted area and exclusive features of the Platform offered by Neogrid.

Data: Any information entered, processed or transmitted through Neogrid Environments.

Personal Data: Data relating to an identified or identifiable individual.

Uniquely automated decisions: These are decisions that affect a user that have been programmed to work automatically, without the need for human operation, based on automated personal data processing.

Officer (Data Protection Officer -DPO): Person appointed by Us to act as a communication channel between the controller, data subjects and data protection authorities.

IP: Abbreviation for Internet Protocol. It is the alphanumeric set that identifies users' devices on the Internet.

Landing Pages: Web pages containing forms that the visitor can fill out to access the content of materials such as e-books and special offers.

Logs: Records of user activities carried out on the Platform.

Platform: Neogrid's virtual environment for connection between buyers (legal entities) and suppliers (legal entities).

Session ID: Identification of the user's session in the process of purchasing services or when accessing the restricted area.

Users: People who access or interact with the activities offered by the Platform and websites of Neogrid.

Processing: Any operation performed with Personal Data, such as those related to the collection, production, receiving, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, assessment or control of the information, modification, communication, transfer, dissemination or extraction.

9. Applicable Law & Court

9.1. To settle any litigation or controversy involving this agreement, will be elected the Jurisdiction where Neogrid provides the services as indicated below will be chosen, except specific exception of personal competence, territorial or functional competence by the applicable legislation:

a) Neogrid Informática Ltda. – The Courts of Joinville, State of Santa Catarina, Brazil;

b) Neogrid North America LLC – The Courts of Fort Lauderdale, State of Florida, United States of America; and

c) Neogrid Netherlands B.V – The Courts of Amsterdam, Netherlands.

9.2. In any event, we are at your disposal to meet the requests for rights or to deal with any inconvenience, irregularity or doubt related to the way we process personal data, making our direct channel available to the Data Protection Officer dpo@neogrid.com or through our channel service available at https://www.neogrid.com/en/contact/privacy

Thank you for your attention, and welcome to Neogrid!