Hi service Car
Política de privacidade

This site is maintained and operated by Hi Service Car Locadora de Veículos Ltda. 

We collect and use certain personal data belonging to those who use our website. In doing so, we act as the controller of this data and are subject to the provisions of Federal Law 13.709/2018 (General Personal Data Protection Act – LGPD). 

We ensure protection of your personal data and, therefore, we provide this privacy policy, which contains important information concerning: 

– Who should use our website

– What data we collect and what we do with it; 

– Your rights relative to your personal data; and 

– How to contact us. 

1. Data we collect and reasons for that collection
   Our website collects and uses certain personal data from our users, in accordance with the provisions of this section.
   1. Personal data expressly provided by the user |
      We collect the following personal data that our users expressly provide to us when using our website:

Name, Company, CPF or CNPJ [Individual or Corporate Taxpayer’s ID], email, telephone, City/State 

The collection of this data takes place at the following times: 

When the user uses the contact forms. 

The data provided by our users is collected for the following purposes: 

For sending quotes and responses to user requests, and eventually analysis of the registration. 

2. Sensitive data 

Sensitive data will not be collected from our users, i.e., data defined in Articles 11 et. seq. of the Personal Data Protection Act. Therefore, there will be no collection of data on racial or ethnic origin, religious convictions,

1/6 

political opinions, membership with a union or organization of a religious, philosophical or political nature, data relating to health or sex life, genetic or biometric data, when relative to an individual. 

3. Cookies 

Cookies are small text files that are automatically downloaded to your device when you access and browse a website. They basically serve to identify devices, activities and user preferences. 

Cookies do not allow any file or information to be extracted from the user’s hard drive, and it is also not possible, through them, to have access to personal information that has not come from the user or the way in which they use the resources of the website.

1. Website cookies 

Website cookies are those sent to the user and administrator’s computer or device exclusively by the website. 

The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content. 

1. Cookie management 

The user may oppose the registration of cookies by the website, simply by deactivating this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed from the following links: 

The deactivation of cookies, however, may affect the availability of some tools and functionalities of the website, compromising their correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, negatively impacting your experience.

4. Collection of data not expressly addressed 

Eventually, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the user’s consent, or even that the collection is allowed on the basis of other legal grounds provided by law. 

In any case, the data collection and the resulting processing activities will be informed to the users of the website. 

2. Sharing of personal data with third parties 

We share some of the personal data mentioned in this section with third parties. 

Shared data is as follows: 

Full name, company, CPF or CNPJ [Individual or Corporate Taxpayer’s ID], telephone and email, if necessary, will be shared with credit bureaus and protection agencies.

This data is shared for the following reasons and purposes: 

Sharing is done to meet legitimate interests, to ensure fraud prevention and for the security of the data owner. 

In addition to the situations specified herein, it is possible that we share data with third parties to comply with any legal or regulatory determination, or even to comply with an order issued by a public authority. 

In any case, the sharing of personal data will observe all applicable laws and rules, always seeking to guarantee the security of our users’ data, observing the technical standards used in the market. 

3. How long will your personal data be stored

The personal data collected by the website is stored and used for a period of time that corresponds to what is necessary to achieve the purposes listed in this document and that considers the rights of the data owners, the rights of the website controller and the applicable legal or regulatory provisions. 

Once the storage periods for personal data have expired, they are removed from our databases or anonymized, except in cases where there is a possibility or need for storage due to legal or regulatory provisions. 

4. Legal grounds for processing personal data 

Each personal data processing operation must have a legal basis, that is, a legal basis, which is nothing more than a justification that authorizes it, set forth in the General Personal Data Protection Act. 

All of our personal data processing activities have a legal basis on which they are based, among those permitted by legislation. More information about the legal bases we use for specific personal data processing operations can be obtained from our contact channels, informed at the end of this Policy. 

5. User rights 

The website user has the following rights, granted by the Personal Data Protection Act: 

– Confirmation of the existence of treatment; 

– Access to data; 

– Correction of incomplete, inaccurate or outdated data; 

– Anonymization, blocking or elimination of unnecessary, excessive or processed data in violation of the provisions of the law; 

– Data portability to another service or product provider, upon express request, in accordance with the regulation of the national authority, observing trade and industry secrets; 

– Deletion of personal data processed with the consent of the data owner, except in situations specified by law; 

– Information on the public and private entities with which the controller shared data use; 

– Information on the possibility of not providing consent and on the consequences of denial; 

– Withdrawal of consent.

4/6 

It is important to note that, under the LGPD, there is no right to delete data processed on the basis of legal bases other than consent, unless the data is unnecessary, excessive or treated in violation of the law. 

1. How the data owners can exercise their rights 

In order to ensure that the user who intends to exercise their rights is, in fact, the owner of the personal data addressed by the request, we may request documents or other information that can assist in their correct identification, in order to protect our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the requester will receive all related information. 

   6. Security measures for processing personal data 

We employ technical and organizational measures capable of protecting personal data from unauthorized access and from situations of destruction, loss, misplacement or alteration of said data. 

The measures we use take into account the nature of the data, the context and purpose of the treatment, the risks that a possible violation would generate for the rights and freedoms of the user, and the standards currently used in the market by companies similar to ours. 

Among the security measures adopted by us, we highlight the following: 

– The data of our users is stored in a secure environment; – We limit access to our users’ data so that unauthorized third parties cannot access them; 

– We use the SSL (Secure Socket Layer) certificate, so that data transmission between users’ devices and our servers happens with encryption; 

– We keep records of all those who have, in some way, contact with our data. 

Despite adopting every measure possible to avoid security incidents, it is possible that a problem occurs exclusively motivated by a third party – such as in the case of attacks by hackers or crackers, or, moreover, exclusively by user fault, who occurs, for example, when users themselves transfer their data to a third party. Consequently, although we are, in general, responsible for the personal data we process, we are exempt from liability in the event of an exceptional situation such as these, over which we have no control.

5/6 

In any event, should any sort of security incident occur that may pose a relevant risk or cause damage to any of our users, we will report it to the affected parties and the National Data Protection Authority, in accordance with the provisions of the General Personal Data Protection Act. 

   7. Complaint to a control authority 

Notwithstanding any other administrative or judicial remedy, owners of personal data who feel, in any way, injured, may file a complaint with the National Data Protection Authority. 

   8. Changes to this policy 

This version of this Privacy Policy was last updated on: 4/6/2022. 

We reserve the right to amend these rules at any time, especially for adjusting them to any changes made to our website, either by making new functionalities available, or by deleting or modifying existing ones. 

Whenever there such a change is made, our users will be notified thereof. 

   9. How to contact us 

To clarify any doubts regarding this Privacy Policy or relative the personal data we process, please contact our Personal Data Protection Officer, through any of the channels detailed below: