At Fontana S.A., privacy and security are priorities, and we are committed to transparency in processing our user’s/clients’ personal data. Therefore, this Privacy Policy establishes how information collection, use, and transfer from customers or other people who access or use our website is done.

By using our services, you understand that we will collect and use your personal information in the ways described in this Policy, under the Data Protection rules (LGPD, Federal Law 13.709/2018), the consumerist provisions of Federal Law 8078/1990 and other rules of the applicable Brazilian legal system.

In this way, Fontana S.A, hereinafter simply referred to as Fontana, registered with the CNPJ/MF under No. 89.305.197/0001-80 in the role of Data Controller, is bound by the provisions of this Privacy Policy.

1. What data do we collect about you, and for what purpose?

Our website collects and uses some of your personal data in order to enable the provision of services and improve the user experience.

1.1. Personal data provided by the holder.

• Full Name: Field to be used to identify the user.
• Date of birth: Data to be used to identify the candidate (job vacancy).
• Phone(s) for contact: Used to contact the candidate.
• Contact email: Used to contact the candidate.
• Professional Qualification Courses: Field used to identify the extra qualification courses that the candidate has. Some functions, in accordance with current legislation, require, in addition to training, professional qualification courses:
• Position/Function or desired area: The field intended to identify which area or position the candidate desires.
• Professional experience: optional field; if the candidate does not want to fill in this field, it will not cause any harm to the candidate.

1.2. Personal data collected automatically.

• Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be disabled in our systems. Typically, they are only set in response to actions taken by you in connection with a request for services, such as setting your privacy preferences, logging in, or filling in forms. For more information about our cookies policy “Click here” (directs to the Cookies policy page)

2. How do we collect your data?

In this sense, the collection of your personal data occurs as follows:

• Cookies: Files sent by the Portal’s server to the visitor’s computer, with the purpose of identifying the computer and obtaining access data.
• Work with us: By completing the job application form.
• Service by email: Through messages sent to the company through this channel

2.1. Consent

It is with your consent that we process your personal data. Consent is the free, informed, and unequivocal statement by which you authorize Fontana to process your data.

Thus, in line with the General Data Protection Law, your data will only be collected, processed, and stored with prior and express consent.

Your consent will be obtained specifically for each purpose described above, evidencing Fontana’s commitment to transparency and good faith towards its users/customers, following the relevant legislative regulations.

By using Fontana’s services and providing your personal data, you are aware of and consent to the provisions of this Privacy Policy, in addition to knowing your rights and how to exercise them.

At any time and at no cost, you may withdraw your consent.

It is important to highlight that the revocation of consent for the processing of data may imply the impossibility of the proper performance of some functionality of the website that depends on the operation. Such consequences will be informed of in advance.

3. What are your rights?

Fontana assures its users/customers of their rights, as provided in Article 18 of the General Data Protection Law. This way, you can, free of charge and at any time:

• Confirm the existence of data processing in a simplified way or in a clear and complete format.
• Access your data, being able to request it in a readable copy in printed form or electronically, safe, and reputable.
• Correct your data when requesting its edition, correction, or update.
• Limit your data when unnecessary, excessive, or treated in violation of the legislation through anonymization, blocking, or deletion.
• Request the portability of your data through a registration data report that Fontana processes about you.
• Eliminate your processed data based on your consent, except in cases provided for by law.
• Revoke your consent, disallowing the processing of your data.
• Find out about the possibility of not giving your consent and about the consequences of the refusal.

4. How can you exercise your titleholder rights?

Fontana S.A. informs that the DPO appointed by the company is Evandro Luís Pazini.

To exercise your titleholder rights, you must contact Fontana through the following available means:

• E-mail: dpo@fontana.ind.br
• Phone: (51) 3751 9050

In order to guarantee your correct identification as the holder of the personal data object of the request, it is possible that we request documents or other evidence that can prove your identity. In this case, you will be informed in advance.

5. How and for how long will your data be stored?

Your personal data collected by Fontana S.A. will be used and stored for the time necessary to provide the service or to achieve the purposes listed in this Privacy Policy, considering the rights of data subjects and controllers.

Your data will generally be kept as long as the contractual relationship between you and Fontana lasts. At the end of the period of storage of personal data, these will be deleted from our databases or anonymized, except for the hypotheses legally provided for in Article 16 of general data protection law, namely:

I – Compliance with a legal or regulatory obligation by the controlling shareholder;

II – Study by research body, ensuring, whenever possible, the anonymization of personal data;

III – Transfer to a third party, provided that the data processing requirements set forth in this Law are respected; or

IV – Exclusive use by the controller and access by a third party is prohibited, provided that the data is anonymized.

That is, personal information about you that is essential for fulfilling legal, judicial, and administrative determinations and/or exercising the right of defense in judicial and administrative proceedings will be maintained, despite excluding other data.

The storage of data collected by Fontana reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions to guarantee your data’s confidentiality, integrity, and inviolability. In addition, we also have security measures appropriate to the risks and control access to stored information.

6. What do we do to keep your data safe?

To keep your personal information safe, we use physical, electronic, and managerial tools aimed at protecting your privacy.

We apply these tools considering the nature of the personal data collected, the context and purpose of the treatment, and the risks that possible violations would generate for the rights and freedoms of the holder of the data collected and processed.

Among the measures we adopt, we highlight the following:

• Only authorized persons have access to your personal data
• Access to your personal data is only done after the commitment to confidentiality
• Your personal data is stored in a safe and suitable environment.

Fontana is committed to adopting the best postures to avoid security incidents. However, it is necessary to point out that no virtual page is entirely safe and risk-free. It is possible that, despite all our security protocols, problems that are solely the fault of third parties may occur, such as cyber-attacks by hackers or also as a result of negligence or imprudence by the user/customer.

In case of security incidents that could generate risk or relevant damage for you or any of our users/customers, we will inform those affected and the National Data Protection Authority about what happened, in line with the provisions of the General Data Protection Law.

7. With whom may your data be shared?

In order to preserve your privacy, Fontana will not share your personal data with any unauthorized third party.

In addition, there are also other hypotheses in which your data may be shared, which are:

I – Legal determination, application, requisition, or court order, with competent judicial, administrative, or governmental authorities.

II – Case of corporate movements, such as merger, acquisition, and incorporation, automatically.

III – Protection of Fontana’s rights in any type of conflict, including legal ones.

8. Cookies or browsing data

Fontana uses Cookies, which are text files sent by the platform to your computer and stored there, which contain information related to website navigation. In short, Cookies are used to improve the user experience.

By accessing our website and consenting to the use of Cookies, you acknowledge and accept the use of a navigation data collection system with the use of Cookies on your device.

For more information about our Cookie Policy “click here” (direct to Cookie Policy page)

9. Amendment to this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on: May 5, 2023.

We reserve the right to modify this Privacy Policy at any time, mainly in terms of adaptation to any changes made to our website or in the legislative field. We recommend that you review it frequently.

Any changes will come into effect as of their publication on our website, and we will always notify you of any changes that have occurred.

By using our services and providing your personal data after such changes, you consent to them.

10. Liability

Fontana provides for the responsibility of agents who act in data processing processes in accordance with articles 42 to 45 of the General Data Protection Law.

We are committed to keeping this Privacy Policy up to date, observing its provisions, and ensuring compliance.

In addition, we are also committed to seeking technical and organizational conditions that are safely able to protect the entire data processing process.

If the National Data Protection Authority requires the adoption of measures regarding the processing of data carried out by Fontana, we undertake to follow them.

10.1 Disclaimer

As mentioned in Topic 6, although we adopt high-security standards to prevent incidents, no virtual page is entirely risk-free. In this sense, Fontana is not responsible for the following:

I – Any consequences arising from the negligence, imprudence, or malpractice of users in relation to their individual data. We guarantee and are only responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument.

We emphasize that the user is responsible for the confidentiality of access data.

II – Malicious actions by third parties, such as hacker attacks, unless proven culpable or deliberate conduct by Fontana.

We emphasize that in case of security incidents that may generate risk or relevant damage for you or any of our users/customers, we will inform those affected and the National Data Protection Authority about what happened, and we will comply with the necessary measures.

III – Inaccuracy of the information entered by the user/customer in the records necessary for the use of Fontana’s services; any consequences arising from false information or information entered in bad faith are entirely the responsibility of the user/client.

11. Data Protection Officer

If you have questions about this Privacy Policy or about the personal data we process, you can contact our Personal Data Protection Officer through the following channels:

Evandro Luis Pazini

E-mail: dpo@fontana.ind.br

Phone: + 55 51 3751 9050.