privacy policy

1. What you need to know before reading Khomp's privacy policy

In this policy, we adopt the terms listed below with the respective meanings:

National Data Protection Authority (ANPD) - It is the body responsible for supervising and guiding the application of the LGPD, as well as for imposing administrative sanctions in case of violations of the law.

Legal Basis for Processing – The processing of Personal Data is permitted under the LGPD according to the legal bases provided, such as the consent of the Data Subject, compliance with legal and/or regulatory obligations by Khomp, the existence of a contract between Khomp and the Data Subject, credit protection analysis, as well as Khomp's or the Data Subject's legitimate interests.

Biometrics - A measurable physical characteristic or personal behavioral trait used to recognize or verify a person's identity. Facial images, fingerprints, and iris samples are examples of biometrics.

Privacy Committee - Refers to Khomp's committee composed of representatives from the Legal, Information Security, and Quality departments, responsible for representing Khomp before Data Subjects and the ANPD, as well as providing general guidance regarding the processing of Personal Data at Khomp.

Consent - It is the free, informed, and unequivocal expression by which the Data Subject agrees to the processing of their Personal Data for a specific purpose.

Personal Data - Any data related to an identified or identifiable natural person, such as IP, geolocation, name, ID, CPF, address, phone, bank account, vehicle data, among others.

Sensitive Personal Data - Personal Data that reveals racial or ethnic origin, religious beliefs, political opinions, union affiliation, data regarding health or sexual life, genetic or biometric data.

Purpose - The reason or motivation for processing Personal Data.

Legitimate Interest - Data processing carried out by the Controller due to its own interest, that of other companies, or society, without affecting the Data Subject's rights and freedoms.

General Data Protection Law (LGPD) - Law No. 13,709, dated August 14, 2018.

Opposition - The right of the Data Subject to refuse their data being processed. This right may be exercised in specific situations.

Security - The use of technical and administrative measures to protect Personal Data from unauthorized access and from accidental or illicit destruction, loss, alteration, communication, or dissemination.

Processing - Any operation performed with Personal Data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation, information control, communication, transfer, dissemination, or extraction.

Data Subject - The natural person to whom the Personal Data being processed refers.

Transparency - The guarantee to Data Subjects of clear, precise, and easily accessible information about the processing and respective data agents, observing commercial and industrial secrets.

Summary of Privacy Policy Rights
Data MinimizationWe only collect personal data necessary for product functionality
Data Subject RightsThe user has the right to access, correct, and delete the processed data
Retention PeriodThe personal data we process will be kept only as long as necessary for the processing purpose and/or under the appropriate legal basis
Third-Party Data CollectionThe third-party data collection tools are indicated in this Policy

2. How we use your data

We may process data regarding the use of our websites, products, cloud services, and applications through their usage ('Services'). Usage Data may include your IP address, geographic location, browser type and version, operating system, time of visit to our sites ('Usage Data'), number of times Services are used, visit date, among others. The source of Usage Data is Google Analytics. Usage Data may be processed to analyze the use of Khomp's Services, products, and services. The legal basis for processing such data is Khomp's legitimate interest to ensure full execution and functionality of the Services.

We may process your registration data in the Services ('Registration Data'). Registrations may include name, email address, address, CPF, phone, image, photo, audio, among others. Registration Data may be processed for the operation of Services, provision of products and services, ensuring security of our Services, products, and services, database backup maintenance, and customer communication, including access to all functionalities of the Services. The legal basis for processing such data is consent.

We may process data captured in the environment ('Environment Data'). This data may include facial images, recordings, audio, which may be classified as personal data protected by law. Responsibility for protecting third-party data captured by Khomp products lies with the User, who must ensure effective protection of such data, particularly using network and configuration products to guarantee minimum security standards. Khomp is not responsible for the illegal use of data collected through its products, as they are not accessible for its management.

We may process data from consumer inquiries ('Consumer Relation Data'). This may include details about your questions and issues with products/services and may be processed for offering new products/services, marketing, updating response processes, and improving customer service. The legal basis for processing such data is Khomp's and its clients' legitimate interest and compliance with legal obligations.

We may process data obtained from financial transactions using our Services, including product/service purchases ('Transaction Data'). Transaction Data may include address, CPF, financial/banking data, and credit card numbers, and is processed for providing products/services, maintaining records, and complying with fiscal obligations. The legal basis for processing such data is legal compliance, specifically fiscal legislation.

We may process your Personal Data for sending ads, registration for selection processes, advertising, and direct marketing according to the client's interests. The legal basis for processing such data is consent and the Controller's legitimate interest.

We may process your Personal Data through authorized remote access to your device, with service registration in our Call Center or After-Sales. Khomp uses tools like TeamViewer, which comply with legal data protection requirements (https://www.teamviewer.com/pt-br/). Accessed data is only for problem resolution; no unnecessary data is processed. The legal basis for data processing is consent and legal obligation compliance.

We may process your Personal Data, such as name, email, phone, from accessing our customer service channels via CHATBOT, through third-party platforms like WhatsApp (https://www.whatsapp.com/legal/). The legal basis for processing data is consent and legal obligation compliance.

In some cases, Khomp products may capture third-party data from the environment ('Third-Party Data'). This data may include facial images, recordings, and audio, classified as personal data. Responsibility for protecting third-party data captured by Khomp products is entirely with the User. Khomp is not responsible for illegal use of collected data, as it cannot manage them.

In some cases, we may use third-party platforms to manage consent of data subjects, such as WSO2 (https://wso2.com/privacy-policy). The legal basis for data processing via consent management tools is legal compliance under Law No. 13.709/2018.

3. With whom do we share your data?

We may share your personal data with any member of our group of companies (subsidiaries, parent companies, and all their controlled entities) as reasonably necessary for the purposes outlined and in accordance with applicable law, observing the legal bases for processing mentioned in this policy.

We may disclose your personal data to insurers and/or professional consultants as reasonably necessary for insurance coverage, risk management, professional advice, or legal proceedings. Additionally, we may disclose data to suppliers as reasonably necessary to provide our products/services and ensure security of the Services, including marketing, customer service, cloud service providers, and network providers.

Financial transactions related to our Services and product/service purchases are processed by our payment service providers, and data is shared only to process payments, refunds, and handle related inquiries.

In addition to specific disclosures mentioned, we may disclose personal data as required to comply with legal/regulatory obligations or to protect vital interests of the Data Subject or another individual.

Khomp and its group companies have offices abroad and use foreign service providers. We may transfer your data internationally for these purposes. Khomp ensures compliance with LGPD via contracts and protective measures. Data you provide may be accessible to operators worldwide.

4. How long do we retain and when do we delete your data?

Personal data is kept only as long as necessary for processing purposes and/or under the appropriate legal basis.

We take measures to ensure information, including personal data, is processed and retained while any of the following apply:

  • During the period the information is used to provide support or service;
  • As required by law, contract, or regulatory obligations;
  • While an account or subscription is active;
  • In products, to ensure functionality and performance, including warranty responsibilities;
  • To comply with applicable laws, including tax and audit purposes;
  • To enforce our rights, including litigation and collections;

5. When can we change the privacy policy?

Khomp may change this policy at any time. Updates are published on our website and Services and can be accessed at any time.

6. What are your rights regarding data protection?

Your main rights under data protection laws are:

  • Right of access;
  • Right to rectification;
  • Right to object to processing;
  • Right to data portability;
  • Right to file claims with competent authorities;
  • Right to withdraw consent.

You have the right to confirm whether we process your personal data and where, as well as to access such data along with additional information. This includes purposes of processing, categories of personal data, and recipients of data. We will provide a list of your personal data if third-party rights are not affected.

In some circumstances, you may request deletion of personal data without undue delay, such as: (i) data is no longer necessary for the purposes collected; (ii) withdrawal of consent; (iii) objection to processing; (iv) marketing purposes; (v) data processed illegally. Exclusions include freedom of expression, legal obligations, legal proceedings, or Khomp's legitimate interest.

The Data Subject can object to data processing, except when processing is necessary for public interest or legal authority, or legitimate interests of third parties. Khomp reserves the right to process data for its legitimate interest, legal defense, or administrative/legislative claims while safeguarding Data Subject rights.

You have the right to object to processing for direct marketing purposes. If you do so, we will stop processing your personal data for this purpose.

If you believe your data processing violates the law, you may request Khomp to immediately stop such processing.

When the legal basis is consent, you may revoke it at any time. Withdrawal does not affect the legality of prior processing.

According to your Services, you may audit Khomp's compliance with this Privacy Policy at your expense by sending a written request, including a detailed audit plan, at least six weeks before the proposed audit. Khomp and you will cooperate to finalize the audit plan.

Audit may be conducted once per 12 months, during business hours, without interfering with Khomp's activities. If using a third-party auditor, approval is required and confidentiality agreements must be in place. After the audit, you provide a copy of the report, classified as confidential under your contract with Khomp.

7. Cookies, identifiers, trackers, and third-party information

A cookie is a file containing an identifier (letters and numbers) sent from a web server to a browser and stored by the browser. The identifier is sent back to the server each time the browser requests a page from that server.

Cookies may be 'persistent' or 'session' cookies. Persistent cookies are stored until expiration or deletion. Session cookies expire at the end of the session when the browser is closed.

Cookies typically do not contain personally identifying information, but personal information we store may be linked to data obtained from cookies.

We use cookies for the following purposes:

  • Authentication - to identify you when using our Services;
  • Status - to determine if you are logged in;
  • Personalization - to store preferences and personalize Services;
  • Security - to protect accounts, prevent credential misuse, and protect Services;
  • Advertising - to display relevant ads;
  • Analytics - to analyze site and service performance;
  • Cookie consent - to store your general cookie preferences.

Our service providers use cookies, which may be stored on your computer when using Services.

We use Google Analytics to analyze website usage. Google Analytics collects information via cookies and generates reports. Privacy policy: https://policies.google.com/privacy.

We display interest-based ads via Google AdSense, customized to reflect your interests. Google tracks your behavior across our Services and other websites using cookies.

We use Google Tag Manager to create and update Google tags. Privacy policy: https://policies.google.com/privacy.

Most browsers allow you to refuse or delete cookies. Methods vary by browser and version.

Blocking all cookies may negatively impact usability. Some Services features may not function if cookies are blocked.

We also use mobile device identifiers to track device data and activities. They collect personal (access control) and non-personal data (usage and traffic).

We also use Web Beacons to manage site content effectiveness, track email responses, and improve behavioral advertising.

Some Services may include social media features, like Facebook 'Like' buttons or sharing widgets. Using them may result in personal data being shared with Khomp and third parties, covered by this Privacy Policy and third-party policies.

We may use third-party tools and social media to gather information about you (e.g., name, company) and enrich personal data using publicly available information.

8. Online Behavioral Advertising

Some ads ('Behavioral Advertising') use tracking tools to collect information on users' online activities over time on our Services and other non-affiliated sites. Ads are tailored to users' interests inferred from activity. Third parties may provide advertising, traffic measurement, and marketing analytics services to deliver effective advertising.

9. Support

Customer support is available to all Khomp users. Registration for Support, including CHATBOT use, identifies individuals to provide requested support. Collected information is processed under this Privacy Policy.

The USER commits not to send or share via CHAT content that:

  • Contains illegal, harmful, threatening, inappropriate, abusive, offensive, racist, or hateful content;
  • Violates fundamental rights, freedoms, or the law;
  • Contains false or misleading information;
  • Violates intellectual property or trade secrets without consent;
  • Contains viruses or harmful elements;
  • Uses offensive or abusive language;
  • Contains illegal activity or incitement;
  • Disrupts technical procedures or normal chat function;
  • Harasses, threatens, defames, or causes inconvenience to others;

Khomp does not control content transmitted via Support. Khomp reserves the right to review or block content violating these Terms of Use at its discretion.

To ensure compliance, Khomp may restrict or remove access to Support for misuse, pranks, abusive language, false identification, among others.

10. International data transfer

We may transfer personal data to other countries when using foreign partners or suppliers responsible for receiving and complying with laws.

Khomp reserves the right to restrict or remove Support access in cases of misuse, pranks, abusive language, false identification, among others.

International transfers are for the purpose communicated to the Data Subject and for the duration set by contract or law, compliant with applicable legislation, especially LGPD.

11. Privacy Committee

You may exercise your rights, request clarifications, and make inquiries about this Privacy Policy via email: dpo@khomp.com. Data Protection Officer: Emelina Moia Blanco

12. Incidents

Khomp promptly evaluates and responds to incidents that may compromise Personal Data.

If Khomp becomes aware of any incident involving Personal Data, it will notify you and competent authorities.

13. Our information

The Services are owned and operated by Khomp. Khomp is registered under CNPJ/MF 01.277.298/0001-44, headquartered at Rua Joe Collaço, 253, Santa Mônica, Florianópolis/SC, ZIP 88.037-010.