Privacy Policy

Ferragens Negrão recognizes the importance of personal data privacy and the General Data Protection Law – LGPD.

This document aims to establish guidelines regarding the rights, obligations and responsibilities regarding the protection, use and privacy of personal data adopted by FN and other partner or affiliated companies (including those with which it has a relationship), businesses or brands. Here you will be able to understand which of your data is collected, whether provided voluntarily by you or automatically, and how it may be used, as well as your rights, in accordance with the General Personal Data Protection Law (Law No. 13,709/2018).

Ferragens Negrão Comercial Ltda, a legal entity registered with CNPJ (Brazilian Corporate Taxpayer Registry) under number 76.639.285/0001-77, with headquarters located at Rua Professor Algacyr Munhoz Mader, 2800 Sala A, Cidade Industrial neighborhood, Curitiba, PR, CEP: 81310-020, is the data controller and establishes below its Privacy Policy adopted by all partner or affiliated companies, businesses or brands of FN.

What types of data can be collected?

The data collected may be: Name, CPF, ID, address, date of birth, email, telephone number, profession and line of business, marital status, signature, resume, family data, payment, banking and credit data, images from security cameras and your personal preferences. In addition to this data, information about purchases made by you and their respective warranties, as well as browsing data on our platforms, may be collected.

How can data be collected?

Data may be collected through: registration on institutional websites and e-commerce platforms; contact with employees or sales representatives; filling out online or physical forms; contracts; contact by email, social media, telephone, among other means; registrations of visits to stores, distribution centers or administrative centers; and access to FN facilities.

Data that you provide through other interactions that you carry out, such as experiences and interactions with products, businesses or brands, participation in promotions and use of platforms, are also collected.

Data is collected when you actively contact us through customer service, whether by telephone, email, chat or in person and automatically, through Cookies, such as data related to your browsing and the device you use to access the platforms.

For what purposes can your data be used?

Personal data is collected for the following purposes:
I. To provide, improve and personalize the products and services offered;
II. To ensure the security of products, businesses and experiences;
III. Compliance with legal or regulatory obligations, court orders or to exercise and defend against legal claims;
IV. Properly supply the products sold;
V. Provision of technical assistance services, exchange or return of products and participation of the holder in loyalty programs;
VI. Manage purchases and orders (process and track your order, including delivery of the product to the address you indicated);
VII. Send purchased product or make products available for collection;
VIII. Prevent fraudulent registrations and ensure your security on platforms and establishments;
IX. Promote the legitimate interests of data holders, FN and partners, including through third parties, as long as the rights provided for by law are not exceeded;
X. Enable candidates to participate in selection processes for hiring employees or sales representatives;
XI. Register representatives, employees or customers, comply with the obligations of each relationship, in addition to safeguarding the rights between the parties;
XII. Assess credit and verify the possibility of providing certain products, businesses or experiences;
XIII. For relationship management, marketing and sales, including participation in promotions or promotional campaigns;
XIV. Display personalized advertising in the digital environment;
XV. Show online advertisements for products that may be of interest to you, based on data relating to your browsing;
XVI. Keep a record of access to platforms;
XVII. Analyze transactions to identify possible fraud or atypical movements;
XVIII. Ensure your security, preventing fraud and protecting credit;
XIX. Personal and property security through cameras, monitoring systems and access control through registration;

By providing your personal data, you accept the terms and conditions of this Privacy Policy, and you may assert your rights at any time by contacting the Data Protection Officer (DPO). This data will be kept by FN for a retention period of five years after the last contact/interaction made by the parties. Occasionally, in order to comply with legal obligations, security, combat fraud, or ensure compliance with contracts, this data may be held for longer than described above.

With whom may your data be shared?

The personal data provided by you to any partner or affiliated companies, businesses, or brands that have a commercial relationship with SP may be shared between:
I. Business partners and suppliers, if necessary, and when directly involved in monitoring, managing, planning, or operating activities;
II. Between partner or affiliated companies, businesses, or brands that have a relationship with FN;
III. Public authorities, if necessary, to comply with judicial or administrative obligations;
IV. Employees who need to access this information to perform their work;
V. Service providers;
VI. And suppliers of technological, financial or operational solutions.

When your personal data is shared with third parties with whom there is a contractual relationship, sharing is limited to the personal data necessary for the performance of their duties and it is contractually ensured that said data is used only to the extent necessary to provide services on behalf of FN and in compliance with legal requirements.

How is your data stored?

Your data is stored securely and systems, procedures and technologies are used that effectively help protect data. In any case of personal data being stored in countries other than Brazil, the measures required by Brazilian law will be adopted to ensure that they continue to be protected.

The best efforts are made to adopt the best technical, administrative and operational practices to protect personal data from unauthorized access, destruction, loss, alteration, communication or any form of inappropriate or unlawful processing. In addition, FN is constantly developing and updating protocols, communication, policies and testing tools to protect your data.

However, some individual recommendations are also necessary, to be adopted by the data subjects themselves, to ensure the protection of their personal data, such as:

I. Do not share your login and password with third parties;
II. When accessing or contacting us through public computers, make sure to close the session immediately after finishing;
III. Do not provide personal information without making sure that the recipient is, in fact, the company and/or brand with which you are making the purchase or other contact.

At the same time, no platform is completely secure. If you have any concerns or suspicions that your personal data is at risk, for example, if someone has accessed your password, please contact apoio.lgpd@mensur.ind.br immediately.

What are your rights?

The data subjects have the right, upon request to the controller, to:
I. Confirmation of the existence of personal data processing;
II. Access to your personal data;
III. Correction of incomplete, inaccurate or outdated data;
IV. Anonymization, blocking or deletion of unnecessary, excessive data or data processed in non-compliance with the provisions of the General Personal Data Protection Law (Law No. 13,709/2018);
V. Portability of data to another service or product provider, upon express request, in accordance with ANPD regulations;
VI. Revocation of consent and consequent deletion of personal data processed, except in the cases provided for in art. 16 of the LGPD;
VII. Information on public and private entities with which the controller shared data;
VIII. Information on the possibility of not providing consent and on the consequences of refusal;

The LGPD establishes several situations in which the processing of personal data is permitted regardless of the consent of the data subject. These are the so-called “legal bases for data processing”. This means that if you choose to use the platform, participate in promotional campaigns, submit a statement about the products, purchase them or use the services, in some cases FN may collect and process your data regardless of your prior consent (if there is a “legal basis” provided for in the LGPD that allows it to do so). In other cases (when necessary) your express consent will be requested for the use of your personal data.

Once you have given consent for the use of your data, you can always withdraw your consent. Withdrawal of consent does not have retroactive effect and will only be done if you have provided your personal data.

How to contact?

If you have any questions about the content of this policy, how your data is used, or if you wish to exercise any of your rights mentioned above, you can contact our Data Protection Officer (DPO) by email at apoio.lgpd@mensur.ind.br.

Changes to the privacy policy

FN is constantly seeking to improve and adapt its systems, processes, and technologies. In addition, the LGPD, which guided this policy, may also undergo changes. Due to these facts, this policy may be modified at any time, without prior notice. To stay up to date, we recommend that you visit this page regularly.

When using websites, social networks, and other digital channels, the user authorizes and accepts the terms of the Policy in force on the date of use, and it is their responsibility to previously check the current policy.

Important concepts

Personal data – Any information that identifies or that, combined with other data, can identify a person, such as name, email, CPF, ID, cell phone number, address, biometric data, etc.

Sensitive personal data – Information involving racial or ethnic origin, religious belief, political opinion, membership in a union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person;

Personal data processing – Any operation performed with personal data, such as, for example, collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction;

Data subject – Natural person to whom the personal data refer;

Controller – Natural or legal person, who is responsible for taking care of and defining the processing of personal data when made available to them;

Operator – Individual or legal entity that processes personal data as determined by the controller;

Data Protection Officer or DPO – The person who will act as a communication channel between the controller, the data subject and the National Data Protection Authority (ANPD);

Legal bases – These are the ten hypotheses, provided for in art. 7 of the LGPD, that authorize data processing.