Política de Privacidade e Proteção de Dados

Home / Política de Privacidade e Proteção de Dados

1. Introduction

This Privacy Policy aims to demonstrate Blanchet Advogados’ commitment to protecting personal data, in accordance with the General Data Protection Law (Law No. 13.709/2018 – LGPD), as well as to transparently inform how data is collected, used, shared, and stored.  

2. Definitions

  • Website User: Natural person who accesses and/or registers on Blanchet Advogados’ website.
  • Third Party: Natural or legal person who visits the website and/or Blanchet Advogados’ physical premises, as well as those who register for events promoted or disclosed through the website.
  • Data Subject: Natural person to whom the personal data being processed refers, such as registered users of the website, visitors, clients, representatives of legal entities, service providers, and registrants of events promoted by Blanchet Advogados.
  • Personal Data: Information related to an identified or identifiable natural person, directly or indirectly.
  • Sensitive Personal Data: Special category of personal data, referring to racial or ethnic origin, religious belief, political opinion, union membership or affiliation with a religious, philosophical, or political organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person.
  • Processing: Any operation carried out with personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation, information control, modification, communication, transfer, dissemination, or extraction.
  • Controller: Natural or legal person, public or private, responsible for decisions regarding the processing of personal data.
  • Processor: Natural or legal person, public or private, who processes personal data on behalf of the Controller.
  • Data Protection Officer (DPO): Person appointed by the Controller to act as a communication channel between the Controller, data subjects, and the National Data Protection Authority (ANPD).
  • Website: Refers to the electronic address https://www.blanchetlaw.com.br/ and its subdomains.
  • Cookie: Small data files stored in your browser, device, or accessed page. Some are deleted once the browser is closed, while others remain saved to identify the user in future visits to the website.
 

3. Scope of this Policy

This Policy applies to all natural persons whose personal data is processed by Blanchet, including but not limited to clients, employees, suppliers, partners, job applicants, website visitors, and other data subjects.  

4. Personal Data Collected

We collect the following personal data, depending on the relationship with the data subject:
  • Identification data: name, ID, CPF, date of birth, nationality, marital status, driver’s license, passport, voter registration, PIS, work card, signature, registration number, photos and images (including CCTV).
  • Contact data: personal and/or corporate email, phone number, residential and/or business address.
  • Professional data: position, company, department, profession, professional registration (e.g., OAB, CRC), cost center, activity and project history, admission and termination data, performance evaluation, and résumé.
  • Financial data: salary, bank details, FGTS, payroll loan, credit card (when applicable to partners).
  • Sensitive data: racial origin, union membership, health data and medical certificates, disability, digital biometrics, or when strictly necessary and with appropriate legal basis.
  • Browsing data: IP address, cookies, geolocation, pages accessed, access origin, browser type, area of interest, participation in events, videos, and publications.
 

5. How Data is Collected

Data may be collected in the following ways:
  • Directly from the data subject, through forms or communications.
  • Through browsing our website.
  • During the provision of legal services.
  • At events, meetings, or recruitment processes.
 

6. Purposes of Processing

Personal data is processed for the following purposes:
  • Provision of legal services.
  • Compliance with legal and regulatory obligations.
  • Contract management and relationship with clients and partners.
  • Institutional communication and distribution of relevant content.
  • Analysis and improvement of our services and website.
  • Recruitment and selection of candidates.
 

7. Sharing of Personal Data

Your data may be shared with:
  • Partner law firms, including abroad, and legal correspondents.
  • Suppliers and service providers, such as technology providers, consultancies, event agencies, security, corporate education, communication, and document storage.
  • Clients and financial institutions, as necessary for contract execution or accreditation processes.
  • Public authorities, government entities, or regulatory bodies, under legal or regulatory obligation.
  • Research companies and legal directories, respecting professional confidentiality.
Whenever possible, data will be anonymized or processed based on instructions and under the responsibility of the Controller.  

8. Data Transfer

  • Use of cloud platforms: We use cloud systems and platforms for data storage and processing, currently on servers located in Brazil, the backup country of our service provider. In such cases, we ensure that transfers occur with appropriate security and compliance measures, such as specific contractual clauses, standard clauses, and other safeguards required by applicable law, ensuring the protection of transferred personal data.
  • Relationship with foreign clients or provision of services abroad: International transfer may occur when the data subject is foreign or when legal services are provided to clients located outside Brazil. In such cases, data will be shared strictly for contract execution and in accordance with legitimate purposes previously established. We will also adopt appropriate technical and legal measures to ensure that personal data is adequately protected in the destination country.
 

9. Data Retention Period

Personal data is stored for as long as necessary to fulfill the purposes for which it was collected, observing legal, contractual, and regulatory deadlines. After fulfilling these purposes or upon request by the data subject, data will be securely deleted, unless there is a legal basis for its retention.  

10. Rights of Data Subjects

As a data subject, you have the following rights:
  • Confirmation of the existence of processing.
  • Access to data.
  • Correction of incomplete, inaccurate, or outdated data.
  • Anonymization, blocking, or deletion of unnecessary data or data processed in non-compliance.
  • Data portability.
  • Withdrawal of consent.
  • Information about data sharing.
  • Objection to processing in case of LGPD violation.
To exercise your rights, contact us through the channel indicated in item 13.  

11. Use of Cookies

We use cookies on our website and authorize certain third parties to use them in order to enable platform functionality, understand how users interact with the website, and improve their browsing experience. This information helps us provide a more personalized service and enhance our products and features. The cookies we use can be classified as:
  • Operational cookies: essential for proper website functioning, allowing, for example, access to restricted areas. They are temporary and automatically deleted when the browser is closed.
  • Performance cookies: help us identify the number of visits and how visitors navigate the website, contributing to continuous improvements in structure and content. They are also temporary and end when the browser is closed.
  • Consent pop-up cookie: we use a specific cookie to check whether you have already viewed and responded to our cookie notice.
  • Tracking cookies: may be set on our website by business partners. These companies use them to build a profile based on your interests and display personalized ads on other websites. They do not directly collect personal data but operate based on the unique identification of your browser and internet access device.
 

12. Information Security

We adopt appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, and destruction, such as:
  • Restricted access control to authorized persons, according to role necessity.
  • Secure storage on own or contracted servers.
  • Periodic training and governance and compliance mechanisms.
Although we adopt best practices, no platform is completely secure. If you identify any risk or suspected violation, contact us immediately.  

13. Communication Channel

For questions, requests, or to exercise your rights as a data subject, contact our Data Protection Officer (DPO):
  • DPO: Thiago da Silva Moura
  • Email: dpo@blanchetlaw.com.br
  • Phone: +55 11 4561-1422 +55 11 3251-1422
 

14. Policy Updates

This Policy may be updated periodically to reflect changes in legislation or our internal processes. The most recent version will always be available on our website.   Last update: June 2025.