Privacy policy - GDPR

This Policy and its respective updates shall prevail over all policies, proposals, contracts, previous understandings and agreements, whether in oral or written form, that may exist between the parties dealing, directly or indirectly, on the subject of privacy.

The solutions contained on the website https://www.shipsupply.com.br/ (or simply “Platform”) are made available by ShipSupply & Crew (ShipSupply), a private limited company, registered with the CNPJ/MF (Coporate Taxpayer ID) under no. 34.639. 910/0001-30, with headquarters at Rua Cascais, 106 – Penha Circular, Rio de Janeiro – RJ, Brazil.

A. Introduction

The privacy of our website visitors is very important to us, so we are committed to taking all the steps in order to preserve it. This policy explains what we will do with your personal data. By consenting to the use of cookies according to the terms of this policy, when you access our website for the first time, you will allow us to use cookies every time you access our website.

B. Personal data collection

∙ information on your computer, including your IP address, geographical location, browser type and version and operating system;
∙ information about your visits and use of this website, including reference source, page visit duration and views, as well as navigation paths on the site;
∙ information such as the email address you type as you register to our site;
∙ information you type as you create a profile on our site – for example, your name, profile photos, gender, date of birth, relationship status, interests and hobbies, educational and employment information;
∙ information such as your name and email address you type as you configure subscriptions of our emails and/or newsletters;
∙ information you type as you use the services on our site;
∙ information generated as you use our website, including when, how often and under what circumstances you use it;
∙ information regarding everything you buy, services you use or transactions you make through our site, including name, address, telephone number, email address and credit card details;
∙ information you post on our site with a view to posting it on the internet, including your username, profile pictures and the content of your publications;
∙ information contained in any communications you send to us by email or through our site, including the content and metadata of such communication;
∙ any other personal data you send us.

Before disclosing personal data from third parties to us, you must obtain consent from such third party to the disclosure and processing of such personal data, in accordance with this policy.

C. Use of your personal data

The personal data sent to us through our site will be used for the purposes specified in this policy or on the relevant pages of the site. We may use your personal data for the following purposes:

∙ to manage our site and our businesses;
∙ to customize our site for you;
∙ to enable the use of the services available on our site;
∙ to send products purchased through our site;
∙ to provide services purchased through our site;
∙ to send statements, invoices and payment reminders, as well as to collect your payments;
∙ to send marketing communications;
∙ to send email notifications specifically requested by you;
∙ to send our newsletter by email, in case you have requested it (if you no longer wish to receive the newsletter, you may inform us at any time);
∙ to send marketing communications regarding our business or carefully selected third-party business we believe will be of your interest, by mail or, where you specifically agreed to do so, by email or similar technology (if you no longer wish to receive marketing communications, you may inform us at any time);
∙ to provide statistical data about our users to third parties (but such third parties will not be able to identify any individual users from such data);
∙ to deal with questions and complaints made by or about you regarding our site;
∙ to keep our site safe and to prevent fraudulent actions;
∙ to verify the compliance with the terms and conditions that govern the use of our site (including monitoring private messages sent through our private messaging service);
∙ and other uses.

If you send personal data for publication on our site, we will publish them and use such data in accordance with the consent you have granted us.

Your privacy settings may be used to limit the publication of your data on our site and adjusted through by using the privacy controls on the site. Without your express consent, we will not provide your personal data to third parties for direct marketing purposes by them or by third parties.

D. Disclosure of personal data

We may disclose your personal data to any of our employees, executives, insurance companies, professional consultants, agents, suppliers or subcontractors as reasonably necessary for the purposes set out in this policy.

We may disclose your personal data to any member of our group of companies (that means our subsidiaries, our holding company and all of its subsidiaries) as reasonably necessary for the purposes set out in this policy.

We may disclose your personal data:

∙ to the extent we are required to do so by law;
∙ in relation to any ongoing or potential lawsuit;
∙ to establish, exercise or defend our legal rights (including to provide data to third parties in order to prevent from fraudulent action and to reduce credit risk);
∙ to the buyer (or potential buyer) of any business or asset that we may be selling (or considering the possibility of selling);
∙ and to any person that we have reasons to believe may request a court or other relevant authority to disclose such personal data when, in our reasonable opinion, it is likely that such court or authority will order the disclosure of such personal data.

Except as per this policy, we will not provide your data to third parties.

E. Cross-border data transfer

The data we collect may be stored, processed and transferred to any of the countries in which we operate, in order to allow us to use such data according to this policy.

The data we collect may be transferred to the following countries that do not have data protection laws equivalent to those in force in the European Economic Area: The United States of America, Russia, Japan, China and India.

The personal data you post on our site or send for publication on our site may be available worldwide, via the Internet. We are not able to prevent the use or misuse of such data by third parties.

You expressly agree to the transfers of personal data as described in this section E.

F. Retention of personal data

This section F establishes our data retention policies and procedures, designed to help ensure that we are in compliance with our legal obligations as regards the retention and deletion of personal data.

The personal data we process for any purpose or purposes shall not be kept any longer than the necessary for such purpose or purposes.

Without prejudice to article F-2, we will generally delete personal data that belong to the categories as established below on the date/time as follows:

∙ type of personal data will be deleted;

Notwithstanding the other provisions of this section F, we will retain documents (including digital documents) that contain personal data:

∙ to the extent we are required to do so by law;
∙ in case we believe the documents may be relevant to any ongoing or potential lawsuit;
∙ and to establish, exercise or defend our legal rights (including to provide data to third parties in order to prevent from fraudulent action and to reduce credit risk);

G. Safety of your personal data

We will take the due technical and organizational precautions to prevent the loss, misuse or alteration of your personal data. We will store all of your personal data provided on our secure servers (password and firewall protected).

All electronic financial transactions carried out through our website will be protected by encryption technology.

You acknowledge that data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.

You are responsible for keeping the password used to access our site confidential; we will not ask for your password (except when you log in to our site).

H. Amendments

We may update this policy from time to time, by posting a new version on our site. You should occasionally check this page to make sure you understand any changes to this policy. We may notify you of amendments to this policy by email or through the private messaging system on our site.

I. Your rights

You may instruct us to provide any personal data we hold about you and the provision of such data will be subject to the following:

∙ provision of proper evidence of your identity (for such purpose, we will generally accept a certified copy of your passport, in addition to an original copy of a service invoice that shows your current address).

We may retain the data information requested to the extent permitted by law.

You can instruct us, at any time, not to process your personal data for marketing purposes.

Actually, in general you will expressly agree in advance with the use of your personal data for marketing purposes, or we will offer you the opportunity to not allow the use of your personal data for marketing purposes.

J. Third-party sites

Our site includes links to details of third-party sites. We have no control over, nor are we responsible for the privacy policies and practices of third parties.

K. Update of data

Please let us know whether the personal data we hold about you needs to be corrected or updated.

L. Cookies

Our site uses cookies. A cookie is a small text file containing an identifier (a sequence of letters and numbers) that is sent by a web server to a browser and stored by the browser. The identifier is then sent back to the server every time the browser requests a page from the server.

Cookies can be persistent or session cookies:

∙ a persistent cookie will be stored by a browser and will remain valid until the expiration date set, unless it is deleted by the user before the expiration date;
∙ a session cookie, on the other hand, will expire at the end of the user’s session, as soon as the browser is closed.

In general, cookies do not contain any data that personally identifies a user, but the personal data we store about you may be linked to data stored and obtained from cookies. We use the following on our site:

∙ session cookies;
∙ persistent cookies;
∙ persistent and session cookies;
You will find the names of the cookies we use on our site and the purposes for which they are used below:

∙ we use Google Analytics and Adwords on our site to recognize a computer when a user accesses the site;
∙ track users as they browse the site;
∙ allow the use of a shopping cart on the site;
∙ improve the usability of the site;
∙ analyze the site usage;
∙ manage the site;
∙ prevent fraudulent action and improve the security of the site;
∙ customize the site for every user;
∙ target ads that may be of particular interest to specific users;
∙ with a view to providing the best navigability and experience possible.

Most browsers allow you to refuse to accept cookies. For example:

∙ with the Internet Explorer (version 10), you can block cookies by using the cookie cancellation settings available by clicking on “Tools”, “Internet Options” “Privacy” and “Advanced”;
∙ with the Firefox (version 24), you can block all cookies by clicking in “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu and unchecking the “Accept cookies from websites” box;
∙ and with Chrome (version 29), you can block all cookies by accessing the “Customize and control” menu and clicking “Settings”, “Advanced” and “Site settings” and then selecting “Block third-party cookies” in the “Cookies and site data” section.

Blocking all cookies will result in a negative impact on the usability of many sites. If you block cookies, you will not be able to use all of our site’s features.

You can delete cookies that are already stored on your computer. For example:

∙ with the Internet Explorer (version 10), you must delete the cookie files manually (see instructions on how to do so at http://support.microsoft.com/kb/278835);
∙ with the Firefox (version 24), you can delete cookies by clicking in “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” and selecting “Show cookies” and then “Remove all cookies”;
∙ and with Chrome (version 29), you can delete all cookies by accessing the “Customize and control” menu and clicking “Settings”, “Advanced”, “Clear browsing data” and then selecting “Delete cookies and other sites and plugin data” before clicking “Clear browsing data”.

Deleting cookies will result in a negative impact on the usability of many sites.

M. DATA OF CHILDREN UNDER 13

Processing children’s personal data: We do not collect or knowingly request personal data from children under the age of 13. If we become aware that we have collected personal data from children under the age of 13, we will cancel the relevant accounts created and delete their personal data, and we can only keep personal data that are intended to prevent another attempt to register.

N. RIGHTS REGARDING YOUR PERSONAL DATA Rights and Guarantees: the User has rights and guarantees as regards their personal data. We provide mechanisms, as detailed below, so that Users have clarity and transparency when exercising of their rights. Whenever necessary, our team will be ready to analyze possible requests.

Rights Provided for in the LGPD (GDPR): pursuant to the General Data Protection Law (no. 13.709/2018) (“GDPR”), you have the right to:

∙ confirm that we have processed your personal data; access your personal data;
∙ request the correction of incomplete, inaccurate or out-of-date data;
∙ request the anonymization, blocking or deletion of unnecessary, excessive or processed personal data in noncompliance with the provisions of the GDPR;
∙ request the portability of your personal data to other service provider or product supplier, subject to our commercial and industrial secrets, pursuant to the regulation by the Brazilian Data Protection Authority;
∙ request the deletion of the personal data processed with your consent, except in the cases of conservation of personal data provided for in the GDPR;
∙ request information about who we share your personal data with;
∙ request information about the possibility of denying your consent and the consequences of such denial; revoke your consent for the processing of your personal data, where there is processing based on your consent;
∙ express objection to any treatment that violates the GDPR.

Additional Data: before we respond to a request to exercise the rights mentioned above, we may ask you to provide us with some data to confirm your identity.

O. SPAM PRACTICES

Our position: We are against any and all practices that promote SPAM of any kind and we are committed to ensuring that messages sent by the Platform are always of interest or importance to the relevant recipients. Moreover, at any time you can choose to stop receiving emails by adjusting your emails preferences or canceling your account.

Particular guidelines: Likewise, we strongly request that our Users do not practice SPAM, to make sure that the messages sent are always of interest to the recipient, being hereby aware that failure to observe the best Internet use practices may result in the cancellation of the User’s account of the offender, as defined in the Terms of Use, as well as the disclosure of personal Registration data, pursuant to this Privacy Policy.

P. INFORMATION AND QUESTIONS

Questions on the Policy or on Your Personal Data: If, after reading this Policy, you have any questions or want to submit a request regarding your personal data, you may contact our privacy team or our Supervisor through: contato@shipsupply.com.br / (+55 21) 3593-4554.