%
Back

Terms of use and
Privacy Policy

PRIVACY AND PERSONAL DATA PROTECTION POLICY
09/29/2025 2:56 PM

I. Purpose of this Policy

This document establishes the Privacy and Personal Data Protection Policy (“Privacy Policy”) of Manesco Advogados (“Manesco”), in compliance with the guidelines of Brazilian legislation on privacy and personal data protection, particularly Law No. 13,709/2018 – the General Data Protection Law (“LGPD”).

The purpose of this Policy is to inform data subjects (“Data Subject”) about the personal data processing activities carried out within Manesco’s operations and about their related rights.

Manesco undertakes, in any process involving data processing—whether in physical or digital form—to observe the principles of purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, accountability, and transparency. Personal data shall be processed in accordance with Brazilian law and market best practices in the field of privacy and personal data protection, with the objective of safeguarding the privacy of Data Subjects.

Manesco also commits to limiting the processing of personal data to what is strictly necessary and to the circumstances expressly provided for in this Policy.

II. Important Definitions

Below are some important definitions regarding the protection of your personal data, in accordance with the LGPD:

  1. Data Processing Agents: the controller (Manesco) and the processor (third parties that process data on behalf of Manesco);
  2. National Data Protection Authority (ANPD): the public body responsible for overseeing, implementing, and supervising compliance with the LGPD;
  3. Legal Basis: any lawful ground defined by the LGPD that authorises the processing of personal data;
  4. Controller: the natural or legal person responsible for making decisions regarding the processing of personal data, particularly as to the purposes and means of processing;
  5. Anonymised Data: data relating to a Data Subject who cannot be identified, considering the use of reasonable and available technical means at the time of processing;
  6. Personal Data: any information relating to an identified or identifiable natural person, such as name, CPF (Individual Taxpayer Registry), ID number, residential or business address, fixed or mobile telephone number, e-mail address, geolocation data, among others;
  7. Sensitive Personal Data: personal data concerning racial or ethnic origin, religious belief, political opinion, membership of a trade union or organisation of a religious, philosophical, or political nature, data concerning health or sex life, genetic or biometric data, when linked to a natural person;
  8. Data Protection Officer (DPO): the person appointed to act as a communication channel between the controller, the Data Subjects, and the ANPD;
  9. Processor: the party that processes personal data in accordance with the Controller’s instructions;
  10. Data Subject: the natural person to whom the personal data being processed refers;
  11. Processing: any operation or set of operations performed on personal data or on sets of personal data, whether automated or not, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

III. Scope: To Whom Does This Policy Apply?

This Policy applies to all natural persons whose personal data are processed by Manesco, including clients, employees, associates, job applicants, suppliers, service providers, brokers, correspondent partners, and visitors to Manesco’s website, regardless of their position or role.

IV. Cookie Policy

Cookies are small text files that are automatically downloaded onto your device when you access and browse a website. They essentially enable the identification of devices, user activities, and preferences.

Manesco uses cookies on its website to analyse user interaction with visited pages and engagement with content, as well as to personalise the user experience.

The cookies used by Manesco are as follows:

Cookie 

Type

_ga 

This cookie is used to calculate visitor, session, and campaign data and to monitor website usage for analytics reporting purposes. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.

 

ajs_anonymous_id

This cookie is used to assign a unique and random ID to a website visitor who is not logged in or otherwise identified. This ID allows websites and applications to track visitor activity, even without knowing their identity, and helps associate anonymous behaviour with subsequently identified users.

 

Users may disable the collection of performance and advertising cookies through their browser settings. However, it is important to note that disabling cookies may impair the user experience, as certain information used to personalise it will no longer be available.

V. Fundamental Principles

Manesco ensures that the processing of personal data is carried out in full compliance with the principles set forth in the LGPD, as follows:

  1. Purpose – Processing shall be carried out for legitimate, specific, and informed purposes, with no possibility of subsequent processing in a manner incompatible with those purposes.
  2. Adequacy – Processing must be compatible with the purposes previously informed to the data subject.
  3. Necessity – Processing shall be limited to the minimum necessary to achieve its intended purposes, encompassing only data that are relevant, proportionate, and not excessive.
  4. Free Access – Data subjects shall be guaranteed facilitated and free access to information regarding the form and duration of processing, as well as to the entirety of their personal data.
  5. Data Quality – Data shall be clear, accurate, and kept up to date, in accordance with necessity and the purpose of processing.
  6. Transparency – Data subjects shall receive clear, precise, and easily accessible information regarding the processing of their personal data.
  7. Security – Technical and administrative measures shall be adopted to protect personal data from unauthorised access and from accidental or unlawful situations.
  8. Prevention – Measures shall be implemented to prevent the occurrence of harm resulting from the processing of personal data.
  9. Non-Discrimination – Processing shall not be carried out for unlawful or abusive purposes.
  10. Accountability and Demonstration – Processing agents shall be able to demonstrate the adoption of effective measures capable of proving compliance with and observance of personal data protection standards.

VI. Rights of the Data Subject

The Data Subject has the right, at any time and upon request to Manesco’s Data Protection Officer (DPO), to obtain the following information:

  1. Confirmation of the existence of personal data processing;
  2. Access to the personal data processed by Manesco;
  3. Correction of incomplete, inaccurate, or outdated data;
  4. Anonymisation, blocking, or deletion of data that are unnecessary, excessive, or processed in non-compliance with the LGPD;
  5. Data portability to another service or product provider, in accordance with the rules issued by the ANPD;
  6. Deletion of personal data processed on the basis of the data subject’s consent;
  7. Information about public and private entities with which the controller has shared data;
  8. Information regarding the possibility of withholding consent and the consequences of such refusal;
  9. Withdrawal of consent at any time.

Manesco reserves the right not to comply with requests in the following circumstances:

  1. When compliance with a legal or regulatory obligation requires the continued use or retention of personal data, or when laws determine minimum retention periods;
  2. When the withdrawal of consent would prevent the execution of contracts or the fulfilment of legal, regulatory, or contractual obligations;
  3. When the processing is necessary for the regular exercise of rights in judicial, administrative, or arbitral proceedings.

To ensure that the individual making the request is indeed the data subject to whom the personal data refer, Manesco may request supporting documents or additional information that assist in proper identification, in line with its privacy and data protection policies and procedures.

VII. Types of Data and Purposes

The personal data processed by Manesco shall correspond to the nature of the relationship between Manesco and the data subject.

VII.a Data of Clients and Prospective Clients

For clients and individuals who express interest in Manesco’s activities, the firm collects and may store personal data for the following purposes:

  1. To prepare quotations and submit service proposals;
  2. To enable the scope of the agreement entered into between the client and Manesco;
  3. To verify the legitimacy of powers for the execution of the fee agreement;
  4. To perform the contracted activities;
  5. To facilitate communications related to the contract;
  6. To carry out Manesco’s institutional communications;
  7. To enable access control to the firm’s physical premises; and/or
  8. To collect legal fees.

Manesco informs that, for the purpose of fulfilling the agreement entered into with the client, it may be necessary to transfer data to administrative or judicial authorities. Manesco shall not be held liable for any data processing activities carried out by such authorities.

VII.b Data of Job Applicants

For job applicants, Manesco collects certain personal data for the purpose of carrying out the stages of the recruitment and selection process. After collection, such data may be retained for a period of up to six (6) months, regardless of the duration of the selection process.

VII.c Data of Employees

For employees, Manesco collects personal data for the following purposes:

  1. To carry out internal human resources processes;
  2. To maintain the employment contract entered into with the employee;
  3. To comply with labour, tax, and social security obligations;
  4. To carry out Manesco’s institutional communications; and/or
  5. To make payments.

VII.d Data of Service Providers and Suppliers

For those providing services to Manesco, personal data may be collected for the following purposes:

  1. To assess and analyse proposals;
  2. To enable the scope of the contract entered into between the supplier/service provider and Manesco;
  3. To maintain communication between the parties throughout the duration of the agreement;
  4. To control access to Manesco’s physical premises;
  5. In cases where the service provider is a legal entity, to verify the powers of the natural persons signing the contracts; and/or
  6. To process payments.

VIII. Processing of Minors’ Data

Manesco may collect, store, and occasionally share personal data of minors, provided that consent has been granted clearly and explicitly by the legal guardian, as required by the LGPD, in the following situations:

  1. When necessary for the performance of contracts entered into with Manesco’s clients; or
  2. When the minors in question are dependants or beneficiaries of Manesco’s employees and enjoy benefits extended to them, including but not limited to situations in which they are listed as dependants under the employee’s health plan and/or receive childcare assistance.

In cases where data are collected for the purpose of executing client contracts, such collection shall take place upon the specific consent of the legal guardian at the time the agreement is formalised. In such cases, Manesco informs that, for the purpose of fulfilling the contract entered into with the client, it may be necessary to transfer data to administrative and judicial authorities. Manesco shall not be held liable for any data processing carried out by such authorities.

It may also be necessary to share information concerning minors with third-party service providers, particularly in cases involving providers responsible for managing benefits that may be extended to employees’ dependent minors — such as insurance brokers and health plan operators, providers related to the granting of childcare assistance, and those responsible for financial and accounting services. In such cases, the processing of personal data shall be subject to the privacy policies of the respective providers, and Manesco shall bear no liability whatsoever for the processing of personal data carried out by them, except for the obligation to contractually require their commitment to comply with the LGPD and this Policy.

Manesco undertakes to enter into agreements with third parties, particularly suppliers and service providers, always in a manner that ensures the security of the personal data processed, through the inclusion of express contractual responsibilities regarding the privacy and protection of the Data Subjects’ personal data.

IX. Transfer of Data to Third Parties and International Data Transfers

Personal data may be shared with third parties related to Manesco for the limited and specific purposes described in this Policy, particularly with service providers necessary for the development and digital storage of contracted products, including text editors, communication tools, and other document management and digital archiving systems, such as servers and cloud storage services, including iManage, Legal One, Legal Manager, Microsoft Outlook, Microsoft Office, Microsoft Teams, and OneDrive.

When requested by the data subject, information may also be shared through instant messaging applications such as WhatsApp. Personal data may further be shared with financial institutions, accounting firms, CRM tools, payment control software and services, technical support providers, equipment rental services, and other similar partners. In the above situations, the relevant servers may be located outside the national territory.

On occasion, it may also be necessary for data to be accessed by customs brokers, partner law firms, or correspondent offices. Such circumstances shall always be properly agreed upon with the data subjects.

In all such cases, the processing of personal data shall be subject to the privacy policies of the respective providers, and Manesco shall bear no liability whatsoever for the processing of personal data carried out by them, except for the obligation to contractually require their commitment to comply with the LGPD and with this Policy.

Manesco undertakes to enter into agreements with third parties, particularly suppliers and service providers, always in a manner that ensures the security of the personal data processed, through the inclusion of express contractual responsibilities regarding the privacy and protection of the data subjects’ personal data.

X. Duration of Processing

The personal data collected by Manesco shall be stored for as long as necessary to achieve the purposes described in this Policy and in compliance with the provisions of the LGPD, except in cases where longer retention is required or permitted by law or regulation.

Data may also be retained for the purpose of the regular exercise of rights in judicial, administrative, or arbitral proceedings, for the applicable periods.

XI. Information Security

Manesco reaffirms its commitment to implementing appropriate technical and organisational measures in all operations involving the processing of personal data, making every effort to protect such data from unauthorised access, loss, destruction, unauthorised sharing, and other potential incidents.

The measures adopted include, but are not limited to:

  1. Data Mapping – Maintaining an inventory of personal data processing activities to identify and mitigate risks.
  2. Record of Processing Activities – Keeping records of processing operations for accountability and auditing purposes.
  3. Access Control – Implementing mechanisms to control access to data and systems.
  4. Use of Security Technologies – Employing encryption, firewalls, and protection software to ensure the integrity and confidentiality of data.
  5. Employee Training – Conducting regular training sessions with employees on good security practices, including the use of strong passwords, two-factor authentication, and identification of phishing e-mails.

In the event of a security incident that may result in significant risk or harm to data subjects, Manesco has an Incident Response Plan in place and undertakes to notify the National Data Protection Authority (ANPD) and the affected data subjects in a clear and timely manner, in accordance with applicable legislation.

Manesco does not make automated decisions based solely on personal data. This means that significant decisions impacting data subjects — such as the hiring of employees, the definition of professional fees, or the granting of benefits — are always made by individuals based on careful and contextual analysis, and not exclusively by automated systems.

XII. Amendments to this Policy

The present version of this Privacy Policy was last updated in August 2025.

Manesco reserves the right to amend this Policy at any time, particularly to adapt it to any changes made to its website, whether by introducing new features or by removing or modifying existing ones.

In such cases, the updated version of this Policy shall be made available on Manesco’s official website.

XIII. Data Controller Information

The controller of personal data responsible for this Policy is Manesco Advogados, headquartered at Avenida Paulista, 1287, 7th floor, Bela Vista, São Paulo/SP, Brazil, Post code 01311-000.

Data subjects may exercise their rights guaranteed under the LGPD by submitting a request to Manesco’s Data Protection Officer (DPO). The communication channel with the DPO is available in accordance with item 4.1 of this Policy.

Data Protection Officer (DPO) Contact Information:

Name: Luís Gustavo Yazigi Conte

Telephone: +55 (11) 3068-4700

E-mail: dpo@manesco.com.br

We value your privacy

This website uses cookies to provide necessary website functionality, improve your experience and analyze our traffic.

Privacy policy
Fechar

Subscribe to the Littera

Manesco’s publication on public-private business.