• According with the Brazilian’s General Data Protection Law (LGPD), this policy was established by UNIVERSAL Armazéns Gerais e Alfandegados and provides guiding principles for members of Universal’s data privacy governance structure, involving those responsible for controlling organization, directors, managers, employees, etc. The principles aim to guide actions of good practice regarding the acceptable use and treatment of personal data in the context of Universal’s business processes and the protection of fundamental rights of freedom and privacy. In addition to the free development of the personality of the natural person, taking into account the protection of personal data, the following grounds:

  • Respect for privacy;

  • Informative self-determination;

  • Freedom of expression, information, communication and opinion;

  • The inviolability of intimacy, honor and image;

  • Economic and technological development and innovation;

  • Free initiative, free competition and consumer protection; It is

  • Human rights, the free development of personality, dignity and the exercise of citizenship by natural persons.

  This policy applies to the processing of personal data collected by Universal, directly or indirectly, from all individuals,including, but not limited to, current, future or potential job applicants, employees, customers, suppliers, contractors/subcontractors, business partners, shareholders or any third party, with “Personal Data” defined as any data that relates to an identified or identifiable individual or a person who can be identified by means reasonably likely to be used.

  All of Universal’s data processing operations are in line with the hypotheses provided for in the LGPD, the so-called legal bases for the processing of personal data.

  These hypotheses are:* Upon the provision of consent by the holder; * To comply with a legal or regulatory obligation by Universal; * When necessary for the performance of a contract or preliminary procedures related to a contract towhich the data subject is a party, at the request of the data subject;* For the regular exercise of rights in judicial, administrative or arbitration proceedings, the latter pursuant to Law No. 9,307, of September 23, 1996 (Arbitration Law);* For the protection of the life or physical safety of the holder or a third party;* When necessary to meet the legitimate interests of Universal or a third party, except in the event that the holder’s fundamental rights and freedoms prevail that require the protection of personal data;For credit protection, including the provisions of the relevant legislation.

   

  1. Processing of Personal DataThe treatment of personal data by Universal will consider the treatment hypotheses described above, as well as observe good faith and the other principles established in the legal system:Purpose: processing for legitimate, specific, explicit and informed purposes, without the possibility of further treatment in a way that is incompatible with those purposes. Further processing will only be possible if it is compatible with these purposes and purposes. In the case of the organization, the purpose is related to the execution of its daily activities linked to its core activity, duly established by law, and with the fulfillment of a legal or regulatory obligation;Adequacy: compatibility of the treatment with the purposes informed to the holder, according to the context of the treatment;Necessity: limitation of treatment to the minimum necessary for the fulfillment of its purposes, with the scope of relevant data, proportional and not excessive in relation to the purposes of data processing;Free access: guarantee, to holders, of facilitated and free consultation on the form and duration of treatment, as well as on the completeness of their personal data;Data quality: guarantee, to the holders, of accuracy, clarity, relevance and updating of the data, according to the need and for the fulfillment of the purpose of its treatment;Transparency: guarantee, to holders, of clear, precise and easily accessible information about the processing and the respective treatment agents, observing commercial and industrial secrets;Security: use of technical and administrative measures able to protect personal data from unauthorized access and accidental or illegal situations of destruction, loss, alteration, communication or dissemination;Prevention: adoption of measures to prevent the occurrence of damage due to the processing of personal data;Non-discrimination: impossibility of processing for illicit or abusive discriminatory purposes;Responsibility and accountability: demonstration, by the agent, of the adoption of effective measures capable of proving compliance validity and compliance with personal data protection rules, including the effectiveness of these measures.

   

• 2. CollectionCollection is one of the processing operations that can be carried out with the personal data of the holders. Considering that data processing can be represented by a life cycle, this operation represents the initial step responsible for obtaining the personal data of the citizen (data subject).Bearing in mind that the collection is the initial operation for the processing of personal data, the performance of such an operation by the institution should only be carried out by meeting the treatment hypotheses, security measures, principles, rights of the holder and other rules provided by the Brazilian’s LGPD.

  3. Holder’s RightsUniversal will respond to requests from holders of personal data, who may obtain, through a request:-Confirmation of the existence of processing of personal data by Universal;Access to the holder’s personal data;-The correction of incomplete, inaccurate or outdated data;-The anonymization, blocking or deletion of unnecessary, excessive or processed data in violation of the applicable legislation;-The portability of data to another service or product provider, upon express request, in accordance with current legislation, observing commercial and industrial secrets. -This portability does not include data that has already been subject to anonymization;-The deletion of personal data processed with the consent of the holder, except when necessary to comply with a legal/regulatory obligation of Universal;-Information from public and private entities with which Universal shared data use;-Information about the possibility of not providing consent and the consequences of the refusal;-The revocation of consent when all treatments previously carried out will be considered normally;-The review of decisions taken solelyon the basis of automated processing of personal data, which consequently affect the interests of data subjects, with regard to decisions aimed at defining their professional, consumption, credit profile, or aspects of your personality;The opposition tothe treatment carried out based on one of the hypotheses of waiver of consent.

  4. Policy UpdateUniversal may update this policy from time to time as business changes or legal requirements change. Significant changes to this policy will be posted on Universal’s website when they become effective.

   

• 5. CookiesAs with many companies, some of our websites may use “cookies”. Cookies are pieces of text that are placed on your computer’s hard drive when visiting certain websites. Universal may use cookiesto inform, for example, if the internet user has visited the site before. Cookies can enhance your online user experience by saving your preferences while visiting the site.Universal has a cookie policy that tells you how we use cookies and how to disable them. Where required by law, you may visit the website and refuse the use of cookies at any time on your computer.

  6. Information SecurityUniversal adopts appropriate technical and organizational measures to protect the personal data of holders against accidental or illegal alteration or loss, or from unauthorized use, disclosure or access. It is Universal’s commitment to satisfy applicable data safeguard requirements that are based on privacy by design and privacy by default.Universal conducts a privacy impact assessment to adopt adequate safeguards to ensure the protection of personal data. It develops a Personal Data Protection Impact Report (RIPD) which represents a fundamental document in order to demonstrate the personal data that is collected, processed, used, shared and what measures are adopted to mitigate the risks that may affect civil liberties and fundamental rights of the data subjects.

  7. Exercise of the Holder’s RightsAny doubts regarding any personal data processing operation carried out by Universal, in addition to any complaints, communications and requests for clarification may be forwarded to our data controller José Claudio Rodrigues Junior dpo@uaga.com.br.Cookie Use PolicyUNIVERSAL ARMAZÉNS GERAIS E ALFANDEGADOS is committed to the privacy and security of its customers and business partners throughout the website navigation process. The registration data eventually collected are not sold, exchanged or disclosed to third parties.UNIVERSAL uses cookies and information from your navigation (browser session) in order to draw a profile of the public that visits the website. Throughout this process, keep your information in absolute secrecy. Changes to our cookies privacy policy will be duly informed in this space.

   

   

• ABOUT THE USE OF COOKIES. WHAT DO YOU NEED TO KNOW:

  With the advancement of technology, mechanisms are constantly created for you to make the best use of your web browsing. Thus, when you access a website, small files are downloaded to your computer, making your actions and preferences memorized and the next accesses to be more personalized according to your habits. We will explain below what information is collected, how we use cookies, how important it is to keep them enabled and the commands that must beadopted if you choose to change or disable them on your computer.

  WHAT INFORMATION IS STORED AND HOW DO WE USE COOKIES?

  When accessing our website, to use some options offered by the page, for example, contact us by sending emails or registering, personal data or that of your user are collected by the “cookies” tool in order to ensure that the next accesses are customized according to your choices.These cookies are usually deleted when you leave the website, but in some cases they may remain to remember your preferences when you log out. In this way, whenever you are logged in, such data will be remembered, preventing the need to log in again or enter specific registration information or notifications, valid only for registered or non-registered users, already mentioned in some previous access.

  WHAT ARE THE CONSEQUENCES OF DISABILING COOKIES?

  In most cases, unfortunately, there is no way to disable cookies without completely compromising the aforementioned functionality and features that they add to the site. We recommend that you keep all cookies if you are unsure whether or not you need them to provide a service you use.

  I WANT TO CHANGE OR DELETE THE COOKIES, WHAT SHOULD I DO?

  You can change the established defaults by adjusting the settings. To do this, just consult the “Help” menu of your browser. It is also allowed to delete all cookies already installed on your computer or mobile device, and even activate an option available in most browser programs that prevents their installation. However, we advise you to reflect on whether this is really what you want, since, by changing the configuration, you may compromise or disable certain services and functionalities of this website or of many others that you visit and, consequently, you will have to manually configure some preferences whenever you access a page on the internet.Therefore, we recommend that you do not disable this option.

  MORE INFORMATION

  We hope that your main doubts about cookies have been clarified. However, if you are still looking for more information, please contact José Claudio Rodrigues Júnior at dpo@uaga.com.br.

   

We emphasize again that, in the event that you are still not sure of the best thing to do and, with cookies being linked to the resources you use on the website, keepthem enabled, as this is the safest measure.