Privacy Policy

Corporate Integrity

Codigo de Conduta e Ética

This privacy and personal data protection policy aims to assist data subjects in understanding how we collect, store, and protect the personal data provided, supporting the data subject’s decision-making while navigating the Bram Offshore website and regarding data processing activities carried out by the company. This policy applies to Bram and must be known and observed by all its directors and employees in their relations with clients, third parties, and public authorities.

Personal Data: information related to an identified or identifiable natural person.

Sensitive Personal Data: personal data about racial or ethnic origin, religious beliefs, political opinions, membership in a union or organization of a religious, philosophical, or political nature, data relating to health or sexual life, genetic or biometric data when linked to a natural person.

Anonymization: the use of reasonable and available technical means at the time of processing, by which data loses the possibility of direct or indirect association with an individual; under these circumstances, anonymity must be irreversible.

Anonymized Data: data related to the data subject that cannot be identified, directly or indirectly, considering the use of reasonable and available technical means at the time of its processing.

Pseudonymization: a process by which personal data no longer directly relate to an identifiable person, but do not become completely anonymous, as it is possible to identify the individual if additional information about them—kept separately—is analyzed.

Processing: any operation performed on personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.

Data Subject (“Subject”): the natural person to whom the personal data being processed refers.

Data Controller: a legal entity that determines the purposes and means of processing personal data.

Data Processor: a legal entity that processes personal data on behalf of the Data Controller.

Data Protection Officer (DPO): a person appointed by the data controller and processor to act as a communication channel between the controller, data subjects, and the National Data Protection Authority (ANPD).

General Data Protection Law (LGPD): Law No. 13,709 of August 14, 2018, part of the Brazilian legal system, in effect since September 18, 2020.

Valid Consent: a free, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose.

Terms and definitions

National Data Protection Authority - ANPD: public administration body responsible for overseeing, implementing and monitoring compliance with the general data protection law throughout the Brazilian national territory;