Cookie &
Privacy Policy

Cookie Policy

1. What are cookies

Cookies are small files that are downloaded to your computer or mobile device when you access a website. Cookies send feedback to the originating site each time you access the same site or another that recognizes these cookies. They are useful for the site to recognize the type of device used by the user (for example, PC, mobile phone, tablet, etc). Cookies also allow you to navigate between site pages efficiently, remembering your preferences and improving your user experience. They also allow the ads you see to be more relevant to your interests.

We inform that the collection of personal data is only carried out through the registration contained on our website. All other cookies used do not collect personal data and cannot identify the user.

By accepting cookies your privacy will be preserved, as well as all the rights provided by the General Data Protection Law (LGPD) are respected and fulfilled by RGB Marketing.

2. Information collected by RGB Marketing

We collect two types of information from site visitors: (a) personal identification information; (b) non-personal information.

personal identification information

These are information that personally identifies the user, being those collected in the website registration, such as name, email, phone/mobile, city, and state. We use this information to:

- return contact from those interested in our services who filled out the registration contained on our website;

- deliver services;

- complete a transaction or service requested by you;

- ensure that the site has relevant content for you;

- help us create and publish content more relevant to you;

- notify you of changes to this privacy policy;

- allow you unlimited access to our site content;

- contact you if you want to exercise your rights under the LGPD;

- also, we may send email marketing, always with an "opt-out" option, in case the user no longer wants to receive our marketing emails.

non-personal information

These are information that does not identify a person, but that is collected through the site, such as:

- Strictly necessary cookies, which allow login to a restricted and secure area of our site, as well as identify your IP address and the type of device you use for navigation and page display purposes. These cookies do not collect personal information about you (such as email and/or phone) that could be used for marketing.

3. Types of existing cookies

1- Own cookies: are cookies set by us at RGB Marketing, stored on our server.

2- Third-party cookies: are those cookies set by trusted third parties in our application, such as Google and Facebook.

3- Session or temporary cookies: are cookies that expire as soon as you close your browser, ending the session or page.

4- Persistent or permanent cookies: are cookies that remain on your device for a period or until you delete them (we show below how to delete cookies).

5- Necessary cookies: are those that enable more effective navigation and access to all pages of our site. Without them, navigation would be excessively slow, and there would be no access to all pages, videos, etc.

6- Performance cookies: are cookies that help us improve the performance of our site, through the anonymous collection of information about the pages accessed.

7- Functionality cookie: are cookies that remember your preferences and choices, however without any collection of username and password for navigation, everything is done anonymously, without user identification, except for filling out the registration contained on our website.

8- Advertising cookies: are those cookies that target ads based on user interests and limit the number of times the ad appears.

The cookies described above, and used on our website, can only identify the user's gender, age, and city, therefore, they do not collect personal data that identifies or can identify a natural person.

User identification only occurs when they fill out the registration contained on our website, otherwise, navigation remains anonymous.

4. Types of cookies collected on the RGB Marketing site

Necessary cookies

Cookie

Time

Property

Description

SIDCC

1 year

Third parties (google.com)

To protect data against unauthorized access

_Secure-HSID

6 months

Third parties (google.com and google.com.br)

Store signed and encrypted user account records, identify login, authenticate users, prevent fraudulent operations, protect against unauthorized access.

AID

1.5 years

Third parties (google.com)

Store user activities on Google on different devices, including for advertising ads.

DSID

15 days

Third parties (doubleclick.net)

Store user activities on Google on different devices, including for advertising ads.

NID

6 months

Third parties (google.com and google.com.br)

Remember your preferences and other information (preferred language, search results, activation of Google's SafeSearch filter.

Performance cookies

Cookie

Time

Property

Description

1P_JAR

1 month

Third parties (google.com and google.com.br)

Store access information and customize ads.

1P_JAR

1 month

Third parties (gstatic.com)

Store access information and customize ads.

OTZ

1 month

Third parties (google.com and google.com.br)

More traffic-related information for Google Analytics.

_fbp

3 months

Owner (rgb.marketing)

Facebook access measurement pixel.

_ga

2 years

Owner (rgb.marketing)

User storage cookies Google Analytics.

_gat_UA-12125132-1

15 minutes

Owner (rgb.marketing)

Used to control request rate.

_dc_gtm_

15 minutes

Owner (rgb.marketing)

To control the request rate when Google Analytics is implemented by the Google Tag Manager.

_gid

1 day

Owner (rgb.marketing)

Google user storage cookies.

_hjIncludelnSample

Until logout

Owner (rgb.marketing)

HotJar user storage cookies.

_hjid

1 year

Owner (rgb.marketing)

HotJar user storage cookies.

locale

2 days

Third-party (facebook.com)

Stores location data.

Advertising Cookies

Cookie

Duration

Ownership

Description

1P_JAR

1 month

Third-party (google.com and google.com.br)

Stores access information and customizes ads.

1P_JAR

1 month

Third-party (gstatic.com)

Stores access information and customizes ads.

ANID

2 years

Third-party (google.com and google.com.br)

Builds a user interest profile and displays relevant and personalized Google ads.

APISID

2 years

Third-party (google.com and google.com.br)

Used by Google to store user preferences.

DSID

15 days

Third-party (doubleclick.net)

Stores user activities on Google across different devices, including for advertising purposes.

DV

A few minutes

Third-party (google.com)

Builds a user interest profile and displays relevant and personalized Google ads.

HSID

2 years

Third-party (google.com and google.com.br)

Used by Google to store user preferences.

IDE

2 years

Third-party (doubleclick.net)

Used by Google DoubleClick to register, report and assess user actions with ads and present targeted ads.

NID

6 months

Third-party (google.com and google.com.br)

Remembers your preferences and other information (preferred language, search results, activation of Google's SafeSearch filter).

OGPC

1 month

Third-party (google.com)

Enables Google Maps functionalities.

SAPISID

2 years

Third-party (google.com and google.com.br)

Used by Google to store user preferences.

SEARCH_SAMESITE

6 months

Third-party (google.com and google.com.br)

Builds a profile of the user visitor's interests to display relevant and personalized Google ads.

SID

2 years

Third-party (google.com and google.com.br)

Used by Google to store user preferences.

SSID

2 years

Third-party (google.com and google.com.br)

Used by Google to store user preferences.

_SECURE-3PAPISID

2 years

Third-party (google.com and google.com.br)

Builds user interest profile and displays relevant and personalized Google ads.

_SECURE-3PSID

2 years

Third-party (google.com and google.com.br)

Builds user interest profile and displays relevant and personalized Google ads.

_SECURE-APISID

6 months

Third-party (google.com and google.com.br)

Builds user interest profile and displays relevant and personalized Google ads.

_Secure-HSID

6 months

Third-party (google.com and google.com.br)

Stores signed and encrypted records of the user's account, identifies login, authenticates users, prevents fraudulent operations, protects unauthorized access.

_fbp

3 months

Owner (rgb.marketing)

Facebook access measurement pixel.

_ga

2 years

Owner (rgb.marketing)

Google Analytics user storage cookies.

act

Until logout

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

c_user

1 year

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

datr

2 years

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

fr

3 months

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

locale

2 days

Third-party (facebook.com)

Stores location data.

presence

Until logout

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

sb

2 years

Third-party (facebook.com)

Facebook user tracking with cookies (fr) used for advertising purposes.

spin

1 day

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

wd

1 week

Third-party (facebook.com)

User tracking by Facebook for advertising purposes.

xs

1 year

Third-party (facebook.com)

Session Cookie.

 

 

5. How to Manage and Disable Cookies

Cookie installation is subject to the user's consent, even though most browsers are initially configured to accept cookies automatically.

Upon your first visit to our website, you will be required to consent to the installation of cookies.

If you wish to disable cookies, you can configure your browser to allow you to refuse all or some cookies. However, if you choose to disable all cookies, including strictly necessary cookies, you may not be able to access all parts of our site. Please note that disabling one cookie or a category of cookies will not delete them from your browser; you will need to disable them separately.

We will show you the steps to disable all or some cookies: in your browser, access the "Options" or "Preferences" or "Help" menu for more details.

If you want more information about your browser's cookie settings, please select the link for your browser below:

https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=pt

https://support.apple.com/pt-br/guide/safari/sfri11471/mac

https://blogs.opera.com/brazil/2016/05/como-deletar-o-historico-de-navegacao-em-celulares-e-computadores/

https://support.mozilla.org/pt-BR/kb/limpe-cookies-e-dados-de-sites-no-firefox

https://support.microsoft.com/pt-pt/help/278835/how-to-delete-cookie-files-in-internet-explorer

6. Final Provisions

For us at RGB, your privacy and trust are essential. Therefore, we always strive for the highest security standards.

Thus, we reserve the right to change the cookie policy in accordance with technological updates, always taking care to inform our users of the cookie policy here on our website.

If you have any questions about the cookie policy, please contact us through this page.

 

This cookie policy was last updated on 15/01/2020.

 

Privacy Policy

 

Privacy and Protection of Your Data

Your privacy is very important to our company, so we have developed this privacy and data protection policy to show you how we collect, use, store, share, process, and delete your personal data. This privacy policy describes the measures we take to ensure your privacy and the protection of your personal data.

This privacy policy applies to all personal data processing carried out by RGB, directly or indirectly, of individuals, including current and future employees or potential job candidates, collaborators, partners, customers, suppliers, consumers, contractors or subcontractors, or any third parties. "Personal data" is defined as all data that is identifiable or capable of identifying a natural person.

 

Culture and Principles of Data Protection and Privacy

RGB is committed to complying with all provisions of the General Data Protection Law (LGPD) and all international legislation related to privacy and data protection, such as the General Data Protection Regulation (GDPR), as well as creating a culture of data protection and privacy for our employees, partners, and suppliers, always respecting the principles of purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, responsibility, and accountability.

 

Personal Data, Purpose, and Legal Basis Collected in Our Form

For better transparency regarding the processing of personal data carried out by our company, we provide, in the table below, the data that is collected, its purpose, the legal basis, and the legal ground adopted by RGB in the "form" field on our website:

 

CATEGORY OF DATA

PURPOSE

LEGAL BASIS

LEGAL GROUND

Name of the data subject, email, phone number, city, state, and the name of the company where they work.

We collect your name, email, phone number, city, state, and the name of the company for contact purposes in order to provide information about our services.

The data may be used for:

- contacting interested parties in our services who have filled out the registration form on our website;

- helping us create and publish more relevant content for you;

- notifying you about changes to this privacy policy;

- allowing you unlimited access to the content of our website;

- contacting you if you wish to exercise your rights under RGB;

- we may also send email marketing, always with the option to "opt-out" if the user no longer wishes to receive our email marketing.

Legitimate Interest

Consent

The data collected and processed through the form provided on our website will be processed based on legitimate interest without infringing on the rights and freedoms of the data subjects.

I am aware that my data will be collected and processed internally for commercial purposes by RGB, and I agree to receive marketing emails and newsletters related to RGB.

 

Rights of Data Subjects

Being aware of the collection and processing of data required in the form on our website, the data subject may exercise all rights provided for in the General Data Protection Law (LGPD), such as:

  1. The right to confirmation of which data is known to RGB, the form, purpose, and legal basis adopted for processing;
  2. The right to access the data collected and processed by RGB;
  3. The right to correct and update the data collected and processed by RGB, the right to data portability;
  4. The right to information about any data sharing;
  5. The right to erasure of data, except in cases where processing is based on a legal basis that does not require the data subject's consent;
  6. The right to object in cases where data collection and processing are carried out based on consent;
  7. The right to withdraw consent in cases where data collection and processing are carried out based on consent;
  8. The right to data portability in the event of contract termination or with the express authorization of the data subjects.

 

The above-mentioned rights can be exercised through the email dpo@rgb.com.br addressed to Roberta Galvani Cassiano Teixeira.

 

Purpose, Legal Basis, and Personal Data of Our Customers Collected by RGB as the Controller

For users who are already our customers, as the Controller, RGB, based on the principle of transparency, collects, processes, and shares the data listed below, based on contract execution and/or legal obligation:

 

CATEGORY OF DATA

PURPOSE

LEGAL BASIS

LEGAL GROUND

Name of the data subject, CPF, RG, CNPJ, email, phone number, city, state, and the name of the company where they work.

We collect your name, CPF, RG, CNPJ, email, phone number, city, state, and the name of the company where you work for fiscal purposes, issuance of invoices and invoices, as well as for contact purposes to ensure the proper execution of contracts with our company.

The data may be used to send email marketing, always with the option to "opt-out" if the user no longer wishes to receive our email marketing.

Contract Execution and Legal Obligation.

The data collected for fiscal purposes, namely: name, CPF, RG, CNPJ, street, street number, city, and state, have a legal basis in the legal obligation for issuing invoices and bank invoices that will be sent by email. They will also be shared with RGB's accounting office, as well as with the competent government agencies.

The data collected with the legal basis of contract execution, such as name, CPF, RG, CNPJ, email, phone number, address, city, state, and the name of the company where you work, serve to ensure the effective provision of our services.

 

Data collected based on legal obligation will be collected and processed by our in-house team for fiscal purposes, such as the preparation and issuance of invoices and bank bills that will be sent by email to our customers. Such data will be shared with the accounting office contracted by our company, as well as with the competent government authorities.

Data collected based on contract execution will be processed exclusively by our team and may be disclosed on the websites of the respective data holders, enabling contact with their customers and potential customers.

 

Data Collection and Processing

As the Data Controller, RGB only collects data when it is strictly necessary and minimizes the amount of data collected from each data subject.

 

Collection and Processing of Sensitive Data and Data of Children and Adolescents, as the Data Controller

As the Data Controller, RGB does not collect or process sensitive data, except for its employees. Also, as the Data Controller, RGB does not collect or process data of children and adolescents.

 

International Data Transmission

RGB clarifies that it performs international data transmission, as its database (Data Center) is hosted in Canada, under an onerous contract and in compliance with all requirements of both the General Data Protection Law (LGPD) and the General Data Protection Regulation (GDPR).

It is clarified that data sharing with Canada is authorized by LGPD (General Data Protection Law) since that country has legal rules and regulations aimed at the effectiveness of data privacy and protection, in accordance with PIPEDA (Personal Information Protection and Electronic Documents Act).

 

Data Retention Period

RGB keeps stored personal data only for the time necessary for the purposes for which they were collected and processed, as well as for legal purposes arising from contracts and legal obligations stemming from the contracts signed and applicable legislation.

 

Subsequent Data Processing for Other Purposes

If necessary, RGB may categorize the personal data collected under another legal basis, always respecting the guiding principles of the General Data Protection Law and the rights of data subjects. Additionally, RGB may use collected data for statistical purposes through a process of anonymization or pseudonymization.

 

Security Measures Adopted

We inform that we have taken all appropriate technical and organizational measures to protect the personal data collected and processed by our company. We have implemented all necessary safeguards to protect the entire process of collecting and processing personal data. When necessary, we conduct privacy impact assessments to adopt appropriate safeguards and ensure the effectiveness of our personal data protection and privacy program. We use the antivirus called Bitdefender on our servers and all other computers used by the RGB team, as well as firewalls and access passwords, with our database containing encrypted files.

 

Data Collection and Processing as the Processor (Service Provider)

As the Processor, RGB processes data strictly in accordance with the contract signed with the Controller, always respecting the principles of purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, responsibility, and accountability, as well as the rights of confirmation, access, correction and updating, information about data sharing, deletion, objection, revocation of consent, and data portability of data subjects.

As the Processor, we ensure the Controller the quality and security of data processing and the certainty that the culture of data protection and privacy is already incorporated into our company, employees, partners, and suppliers.

As the Processor of data, RGB collects and processes data in strict compliance with contracts with Controllers, and the database provided by Controllers is protected through all tools acquired by RGB, including BitDefender antivirus, firewalls, passwords, and encrypted files.

Our company operates based on the three pillars of information security: the confidentiality of our team, the integrity of data provided by Controllers, and the availability for contract execution in strict accordance with the terms determined by Controllers.

Data obtained through Controllers follows all the principles of LGPD and respects all data subjects' rights.

As the Processor of data, RGB does not collect and/or process data from children and adolescents.

We are aware that, as Data Processors, we often have to process sensitive data, such as racial and ethnic origin, political opinions, religious or philosophical beliefs, union membership, genetic and biometric data, data related to health, and sexual life or sexual orientation of individuals. The processing of sensitive data is carried out strictly in accordance with the General Data Protection Law (LGPD) through the consent provided by the Controller.

For the execution of some contracted services, RGB may collect, store, and share information with Facebook, Google, LinkedIn, and other social networks, but always in strict compliance with the Controller's requirements in contracts signed with our company.

RGB keeps stored personal data only for the time necessary for the purposes for which they were collected and processed, as well as for legal purposes arising from contracts and legal obligations stemming from the contracts signed and applicable legislation.

 

This privacy policy was prepared on July 29, 2021.

Version 1.2