This Privacy Policy outlines the personal data we collect, how it is used, stored, and shared, and your rights regarding this data. The Privacy Policy has been created to demonstrate our commitment to always handling your personal data with security, privacy, and transparency.
This website is maintained and operated by BOXWARE DISTRIBUIDORA DE INFORMATICA LTDA, referred to in this policy as "BOXWARE."
We collect and use certain personal data from those who use our website. In doing so, we act as the data controller and are subject to the provisions of Federal Law No. 13.709/2018 (General Data Protection Law – LGPD).
We take care to protect your personal data, and therefore we provide this privacy policy, which contains important information about:
- The data we collect and what we do with it;
- Your rights regarding your personal data; and
- How to contact us.
1. Information Collected
The collection of user data will be carried out in accordance with this Privacy Policy and will depend on the user’s consent, which is not required only in the cases provided for in Article 11, Item II, of the Personal Data Protection Law. Our website collects and uses some personal data from our users as outlined in this section.
2. Personal Data Provided Explicitly by the User
We collect the following personal data that our users explicitly provide when using our website:
- Full Name
- Phone
- ID (RG)
- CPF
- Address
The collection of these data occurs at the following moments:
- When the user uses the contact form.
- When the user registers on the website.
- When the user makes a purchase.
The data provided by our users are collected for the following purposes:
- For registration of proposal requests and registration on the e-commerce platform to purchase products.
3. Sensitive Data
We will not collect sensitive data from our users, as defined in Articles 11 and subsequent articles of the Personal Data Protection Law. Therefore, no data will be collected regarding racial or ethnic origin, religious belief, political opinion, union or religious, philosophical, or political organization membership, health or sexual life data, genetic or biometric data linked to a natural person.
4. Cookies
Cookies are small text files automatically downloaded to your device when you access and navigate a website. They serve primarily to identify devices, activities, and user preferences.
Cookies do not allow any file or information to be extracted from the user’s hard drive, and it is not possible to access personal information that did not come from the user or from how they use the site’s features.
- Site Cookies:
Site cookies are those sent to the user's computer or device and administrator exclusively by the site.
The information collected through these cookies is used to improve and personalize the user experience. Some cookies, for example, can be used to remember the user’s preferences and choices, as well as to offer personalized content.
- Third-Party Cookies:
Some of our partners may set cookies on the devices of users accessing our website.
These cookies are generally aimed at allowing our partners to offer their content and services to users who access our site in a personalized manner, through the collection of browsing data extracted from interactions with the website.
The user may obtain more information about third-party cookies and how the data obtained from them is processed, as well as access the description of the cookies used and their features, by accessing the following link:
– Google Analytcs:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Entities responsible for collecting cookies may share the obtained information with third parties.
- Cookies Management:
The user can object to the registration of cookies by the site by disabling this option in their browser. More information on how to do this in the most commonly used browsers can be accessed via the following links:
However, disabling cookies may affect the availability of certain tools and features of the site, compromising its proper and expected functioning. Another possible consequence is the removal of saved user preferences, harming their experience.
The user may object to the use of cookies by the site by disabling them when they start using the service, following these instructions:
The user, upon accessing the page, has the option to accept or reject the cookies.
However, disabling all cookies is not possible, as some are essential for the site to function correctly.
Furthermore, disabling cookies that can be disabled may negatively impact the user experience, as the information used to personalize it will no longer be available.
5. Collection of Unforeseen Data
Occasionally, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are supplied with the user’s consent or if the collection is allowed based on another legal basis provided for by law.
In any case, the collection of data and the activities derived from its processing will be communicated to the website users.
6. Sharing Personal Data with Third Parties
We do not share your personal data with third parties. However, we may do so to comply with a legal or regulatory determination or to comply with an order issued by a public authority.
7. Retention of Your Personal Data
The personal data we collect will be stored and used for the following periods:
The collected personal data is stored as long as you are a customer or prospect of BOXWARE, during your use of our products and services, and for the entire period that we retain your personal data, it will be kept in a secure and controlled environment, in accordance with each process developed and its purpose to comply with legal obligations.
The periods informed are not longer than strictly necessary, meeting the purposes and legal justifications for data processing.
In accordance with applicable legislation, BOXWARE uses your personal data for as long as necessary to fulfill the purposes for which they were collected. We may store your personal data for auditing purposes, compliance with legal or regulatory obligations, for the regular exercise of BOXWARE’s rights, or for the period necessary according to the legal basis justifying data retention.
When the processing of your data is complete, it will be deleted within the scope and technical limits of activities, unless retention is authorized in cases provided by current legislation.
8. Legal Basis for Personal Data Processing
Each personal data processing operation must have a legal basis, i.e., a legal justification that authorizes it, as provided in the General Data Protection Law.
All our personal data processing activities have a legal basis that supports them, among those allowed by the legislation. More information on the legal bases we use for specific personal data processing operations can be obtained from our contact channels, provided at the end of this Policy.
9. User Rights
The user of the site has the following rights, as provided by the Personal Data Protection Law:
- Confirmation of the existence of processing;
- Access to the data;
- Correction of incomplete, inaccurate, or outdated data;
- Anonymization, blocking, or deletion of unnecessary, excessive data or data processed in non-compliance with the law;
- Data portability to another service or product provider, upon express request, in accordance with the national authority's regulations, observing commercial and industrial secrecy;
- Deletion of personal data processed with the consent of the data subject, except in cases provided by law;
- Information about public and private entities with which the controller has shared data;
- Information about the possibility of not providing consent and the consequences of refusal;
- Revocation of consent.
It is important to highlight that, under the LGPD, there is no right to delete data processed based on legal bases other than consent unless the data is unnecessary, excessive, or processed in non-compliance with the law.
- How the Data Subject Can Exercise Their Rights:
Data subjects whose personal data is processed by us may exercise their rights by sending a message to our Data Protection Officer, either by email or by correspondence. The necessary information to do so is in the "How to Contact Us" section of this Privacy Policy.
To ensure that the user wishing to exercise their rights is indeed the data subject of the request, we may request documents or other information that may assist in their proper identification, in order to safeguard our rights and the rights of third parties. This will only be done if absolutely necessary, and the requester will receive all related information.
10. Security Measures in Personal Data Processing
We employ technical and organizational measures to protect personal data from unauthorized access and from situations of destruction, loss, theft, or alteration of these data.
The measures we use consider the nature of the data, the context and purpose of the processing, the risks that a potential breach could generate for the rights and freedoms of the user, and the standards currently used in the market by companies similar to ours.
Among the security measures adopted by us, we highlight the following:
BOXWARE declares that it does not perform international data transfers. All collected data is stored and processed exclusively on servers located within the national territory, in compliance with the applicable legislation, including the General Data Protection Law (LGPD – Law No. 13.709/2018).
In the future, should there be a need for an international data transfer, the data subjects will be duly informed, and the operation will be carried out according to the applicable legal requirements.
BOXWARE uses advanced security technologies to ensure the protection of the collected personal data, website, and related data. The data collected and the connections with the website are encrypted, prioritizing security and the user experience.
While we take all necessary steps to avoid security incidents, it is possible that issues could occur due to third parties (such as hacker or cracker attacks) or due to the user’s exclusive fault (for example, when they provide their data to third parties). Therefore, although we are generally responsible for the personal data we process, we are not liable for exceptional situations beyond our control.
In any case, should any security incident occur that could generate significant risk or harm to any of our users, we will notify the affected users and the National Data Protection Authority about the incident, in compliance with the provisions of the General Data Protection Law.
11. Complaint to a Regulatory Authority
Without prejudice to any other administrative or judicial remedy, data subjects who feel aggrieved in any way may file a complaint with the National Data Protection Authority.
12. Changes to This Policy
This version of this Privacy Policy was last updated on: 03/05/2025.
We reserve the right to modify these rules at any time, especially to adapt them to possible changes made to our website, whether through the addition of new features or the removal or modification of existing ones.
Whenever there is a modification, our users will be notified of the change. We recommend that you frequently access it or whenever you have questions, to check for any updates or changes to our Privacy Policy.
13. How to Contact Us
For any questions about this Privacy Policy or about the personal data we process, please contact our Data Protection Officer:
Carlos Alberto Scatolini Godinho (DPO)
+55 11 3662-1110
Boxware
Av. Paulista 2064 – 7º. Andar – Ala B, Bela Vista
CEP: 01310-928 São Paulo/ SP
