top of page

Appointment of the Data Protection Officer

DR SERVIÇOS DE INFORMAÇÃO DA INTERNET LTDA, known as “Controller”, appoints as Person in Charge of Personal Data Processing, pursuant to art. 41 of the General Law for the Protection of Personal Data (LGPD), lawyer ESTEVÃO SCHULTZ CAMPOS, registered with the Brazilian Bar Association – São Paulo Section under n. 343.619, located at Rua Pastor Hugo Gegembauer, 265 - Parque Ortolândia, Hortolândia - SP, telephone (11) 952240870, e-mail:estevao@drtransformacaodigital.com.br.

The appointment is retroactive to April 1, 2022, and will last for 12 months.

Attributions and tasks of the Person in Charge of Personal Data Processing

The Person in Charge of Personal Data Processing will perform the following tasks in accordance with art. 41 of the General Law on the Protection of Personal Data:

  • inform and advise the Controller and its collaborators who carry out data processing operations about their obligations under the General Law for the Protection of Personal Data (LGPD) and any applicable data protection law;

  • monitor compliance with the General Law for the Protection of Personal Data (LGPD) and any other provisions applicable to data protection;

  • monitor the Controller's strategies for the protection of personal data, including the allocation of responsibilities, awareness, and training of personnel involved in data processing operations and related checks;

  • upon request, advise the Controller in carrying out an impact assessment on data protection and its implementation, pursuant to the General Law for the Protection of Personal Data (LGPD);

  • cooperate with the National Data Protection Authority;

  • act as the point of contact for the National Data Protection Authority in matters related to the processing of personal data, including prior consultations on the impact assessment on data protection under the terms of the General Law for the Protection of Personal Data (LGPD), when appropriate, advising on all other matters;

  • act as a point of contact for the exercise of data subject rights under the General Law for the Protection of Personal Data (LGPD) and process your queries related to data processing activities;

  • perform the other attributions determined by the Controller in art. 41 of the General Data Protection Law or established in complementary rules;

  • participate in meetings of the Privacy Management Committee for joint decision-making.

 

Position of the Person in Charge of Data Processing

 

In the exercise of his duties, the Person in Charge of Personal Data Processing:

  • shall always report directly to the Controller's highest management level;

  • participate in meetings and activities of the Privacy Steering Committee and other relevant departments of dr serving as a conduit between departments and senior management;

  • shall act autonomously and independently in all its tasks;

  • will not have any power to represent the Controller;

  • will not carry out tasks as a Person in Charge of the Processing of Personal Data that characterize a conflict of interests.

 

In this sense, the Person in Charge of the Processing of Personal Data confirms, by signing this letter, that his appointment will not result in any conflict of interest.

The Person in Charge of Personal Data Processing also undertakes to notify the Controller immediately, in any case, without undue delay, in the event of a conflict of interest in the future.

Controller Duties

The Controller undertakes to:

  • provide the Person in Charge of the Processing of Personal Data with all the necessary means, financial resources, and personnel, in order to allow the proper performance of its tasks and functions;

  • promptly involve the Person in Charge of Personal Data Processing in all matters relating to the protection of personal data;

  • refrain from providing instructions on how the Person in Charge of Personal Data Processing must carry out its tasks;

  • refrain from removing or penalizing the Person in Charge of the Processing of Personal Data as a result of carrying out their tasks;

  • verify that the Person in Charge of Personal Data Processing performs their tasks autonomously and independently;

  • refrain from assigning tasks to the Person in Charge for the Processing of Personal Data that may lead to, or result in, a conflict of interests;

  • decide without delay on taking appropriate measures and measures to mitigate damages, addressing violations and incidents, communications to the public and authorities, and other executive decisions about privacy and data protection brought to senior management by the Data Controller of Personal Data;

  • decide without delay on taking appropriate measures, mitigating damages, and addressing risks, violations, incidents, and other issues related to information security, privacy, and data protection brought to the top management by the Person in Charge of Personal Data Processing;

  • approve releases, communications, and responses to authorities and the general public;

  • keep the contact details of the Person in Charge for the Protection of Personal Data available to the public.

 

The name and contact details of the Person in Charge of Personal Data Processing (corporate name, address, telephone, e-mail) will be shared by the Controller and, when necessary, officially communicated to the National Data Protection Authority and the public.

 

Finally, the e-mail address of the Person in Charge of Personal Data Processing is provided so that the Data Holders can exercise their rights:estevao@drtransformacaodigital.com.br.

 

DR COMÉRCIO E LICENCIANO DE SOFTWARE E SISTEMAS LTDA. – ME

P. Bruna Carrilho, managing partner

  

doctor ESTEVÃO SCHULTZ CAMPOS

Data Officer

bottom of page