Privacy Policy

ABOVEMAP keeps all personal data it collects for as long as necessary to provide the services made available to its customers and for legitimate and essential business purposes.

ABOVEMAP may collect data directly or through other channels such as customer relationship portals, order channels, sales, recruitment processes, social networks, business partners, and cookies.

ABOVEMAP may also obtain personal information about individuals from other publicly or commercially available sources it considers reliable.

• •Serve ABOVEMAP’s legitimate interest, including those inherent to employment agreements.
• •Respond to bids and requests for proposals that require personal data and employee certifications in order to demonstrate technical knowledge.
• •Prepare contracts, terms, and agreements.
• •Operationalize contracts, authorizations, terms, and agreements.
• •Provide services, products, or information described in executed contracts.
• •Comply with legal obligations.
• •Comply with ancillary obligations linked to contracts signed with Data Subjects.
• •Maintain relationships with the Data Subject.
• •Send messages by email, proprietary apps, or messaging applications.
• •Provide support for data subject requests.
• •Improve services offered to Data Subjects.
• •Set up and manage user accounts in assets, systems, portals, and applications.
• •Apply terms of use for systems, applications, and portals.
• •Provide assistance, support, and training to users of systems, portals, and applications.
• •Prevent and resolve technical or security issues.
• •Offer and suggest access to content, news, training, and workshops promoted by the ABOVEMAP GROUP.
• •Maintain compliance, internal controls, and internal and external audits.
• •Ensure the security of access to ABOVEMAP buildings and physical locations and its property when we collect visitor data.
• •Improve and personalize the user experience when using services.
• •Analyze service usage by system users.
• •Conduct management, statistical, and analytical evaluations, anonymizing data whenever applicable.
• •Conduct satisfaction and market research.
• •Improve the products and services offered.
• •Reach Data Subjects through marketing actions within legally permitted parameters.
• •Protect ABOVEMAP’s rights and property and exercise the right of defense in legislative, normative, or regulatory instances.
• •Prevent, detect, and contribute to the investigation of fraud, legal violations, and matters arising from notices by judicial authorities, police, regulators, and governmental institutions.
• •Provide, whenever requested by the data subject, information about the collection, processing, archiving, handling, and deletion of their data.
• •Provide, maintain, protect, improve, and develop new services.
• •Use information to send communications such as updates, alerts, and newsletters related to our services.

Your collected data may be shared with partners, third-party partners, suppliers, auditors, authorities, and regulatory bodies for different purposes whenever necessary. These sharing operations are covered by commercial agreements and contractual clauses on information security and data protection.

Whenever carried out, the sharing of personal data will occur within the limits and purposes of our business and in accordance with applicable law.

Your collected data will be retained for the duration of the contractual relationship and, after its end, within the limits permitted by applicable laws, for as long as necessary to fulfill the purposes set out in this Privacy Policy, protect ABOVEMAP from legal claims, and manage our business.

The personal data collected and processed is stored on servers and/or on-premises cloud infrastructure, colocation environments, or providers hired to deliver this type of service to ABOVEMAP, in secure environments and in accordance with market best practices.

Some or all of your personal data may be transferred abroad, for example when stored on cloud computing servers located outside Brazil. For this purpose, ABOVEMAP complies with all requirements established by current legislation and adopts best security and privacy practices.

ABOVEMAP, considering the nature of its Information Technology operations and aware of the importance of strengthening management and governance controls to ensure the integrity, protection, and confidentiality of information, maintains an Information Security Policy that defines guidelines to protect your information based on legal, contractual, and business requirements.

In addition to these measures, all employees are trained to adopt methods, procedures, and safeguards to protect the data we collect. We make reasonable efforts to protect Data Subjects’ data, but due to the nature of the internet and the existence of malicious actors, we cannot guarantee that improper access will never occur. If that happens, the procedures established by the General Data Protection Law will be followed, including notification to the National Data Protection Authority and to the Data Subject whenever the security incident may result in risks or damage.

ABOVEMAP also states in its Code of Conduct that, in case of non-compliance with this Privacy Policy, an investigation process will be initiated and, after verification and assessment, the applicable penalties will be imposed according to the severity of the act.

Websites and applications used by ABOVEMAP or third-party providers may use cookies to collect information about user activities in applications, websites, or other services, according to their function and purpose.

Occasionally, ABOVEMAP may unilaterally change the content of this Privacy Policy as required by purpose, necessity, or legal compliance with laws or regulations of equivalent legal force, and it is the data subject’s responsibility to review it whenever accessing the site.

Therefore, it is essential that every individual make sure to read any communication sent by ABOVEMAP carefully. Such communication occurs through the registered email address, which the data subject declares to be their own and valid for communication purposes.