Privacidade – EN

Privacy Notice

We at BANCO LUSO BRASILEIRO S.A. (“BANCO LUSO”, “BLB”, or “Company”), registered under CNPJ/MF no. 59.118.133/0001-00, and our affiliate, LUSOSEG ADMINISTRAÇÃO E CORRETAGEM DE SEGUROS LTDA (“LUSOSEG”), registered under CNPJ/MF no. 53.934.056/0001-80, both headquartered at Rua Pascoal Pais, n. 525, 14th floor, Vila Cordeiro, São Paulo/SP, ZIP code 04.581-060, aim to maintain a relationship of trust and transparency with all those we interact with, such as our clients, prospects, business partners, and candidates in our recruitment processes (“Data Subject” or “You”).

For this reason, we clarify that by using our service channels (remote or in-person), such as the website https://bancoluso.com.br/en, Internet Banking, other available applications, and agency(ies), your personal data will be protected, not only as long as the relationship lasts but throughout the period your data remains in our repositories, always in compliance with applicable legislation.

We have prepared this Privacy Notice (“Notice”) to help you understand, in a simple way, how we process your personal data and how you can exercise your rights as a data subject.

It is possible that, in our activities, personal data of adolescents (public aged between 12 and 18 years) may be processed, as such individuals might be consumers of our products and services or candidates in recruitment processes for minor apprentice positions. However, we emphasize that we will conduct this processing in accordance with the best interests of this group.

If you have any questions related to the protection of your personal data and/or this Notice, we provide a contact channel for your clarification: encarregado.dados@lusobank.com.br.

1. HERE’S A SUMMARY OF THE MOST RELEVANT INFORMATION

To facilitate understanding of this Notice, we provide a summary table of the information that will be presented in this document:

WHO WILL PROCESS YOUR PERSONAL DATA? MEET BLB AND LUSOSEG!We, at BLB and LUSOSEG, aim to offer tailored solutions to our clients and partners through transparent, honest, and committed service, with high specialization in the sectors where we provide our services. You can learn more about our products and services by visiting: https://bancoluso.com.br/en. As data controllers, we are responsible for processing your personal data and determining the purposes and means of processing.
HOW DO WE COLLECT YOUR PERSONAL DATA?The personal data we collect and store may have been provided directly by the Data Subject to BLB and/or LUSOSEG, from third parties, or automatically collected through our website and other channels, as detailed in Topic 2 of this Notice.
WHAT DATA WILL BE PROCESSED?Below is a summary of some personal data we process, which will be detailed in Topic 3: BLB: • personal data – Name, CPF, CNPJ, Email, Driver’s License, Signature, Nationality, Internal Registration Number, Unique Personal Identifier, Passport, RG, CTPS, Address, ZIP Code, City, Country, State, Phone, Mobile Phone, Education, Marital Status, Date of Birth, Age, Professional Email, Professional Address, Position, Salary, Remuneration, Profession, Employee Number/matriculation, Job, Hiring Date, Termination Date and Reason, Work Schedule, Superior Hierarchical, Filial, Dependents’ Kinship, Criminal Record, Social Media Profile, Vehicle Data, Username, Citizenship, Gender, Parents/Guardians’ Names, Academic/School History, Expected Salary, Work Experience, Languages, Consumption History, Investments and Assets, IRPF Declaration, Bank Data, Bank, Account Number, Account Information, Bank Statements, Credit History, Personal Property Registration, Credit Score, Benefits Data, Bonus Payments, Document Scans. • sensitive data – health data and political affiliation. LUSOSEG: • personal data – Name, CPF, RG, Driver’s License, Citizenship, Nationality, Marital Status, Full Address, Email, Profession, Company/Entity/Organization they belong to, Job, Employee Number/matriculation, Criminal Record, Social Media Profile, Financial Data (investments and assets; public property records); • sensitive data – health data.
WHY DO WE NEED YOUR PERSONAL DATA?Below is a summary of some purposes for which we process your personal data, which will be detailed in Topic 4: • compliance with our legal or regulatory obligations; • provision of our services and enabling of our products, based on the contract signed between the parties; • conducting activities to allow the exercise of our rights; • internal promotion and support of our activities; and • recruitment and selection.
WHEN MAY YOUR PERSONAL DATA BE SHARED?We may share your personal data with third parties to achieve the purposes for which they were collected. There may also be sharing when necessary to fulfill judicial authorities’ requests or to comply with legal or regulatory obligations, as described in Topic 6 of this Notice.
HOW LONG WILL YOUR DATA BE RETAINED?We store your personal data for the time necessary to achieve the purposes for which they were collected. When possible, we will maintain personal data in an anonymized form, respecting the highest level of care and market security, as outlined in Topic 7 of this Notice.
HOW TO EXERCISE YOUR RIGHTS AS A PERSONAL DATA SUBJECT?We are committed to fulfilling all your rights as a data subject. Therefore, we have a communication channel to address any questions or requests related to the processing of personal data. Contact our Data Protection Officer at: encarregado.dados@lusobank.com.br

2. HOW DO WE COLLECT YOUR PERSONAL DATA?

The information we process about you may have been provided directly by the Data Subject to BLB or LUSOSEG, from third parties, or automatically collected through our Platforms and other channels.

Let’s better understand each of these data collection situations?

  • Information provided directly by the respective Data Subject:

From the beginning of your interaction with us, the Data Subject voluntarily provides information about themselves, such as, but not limited to the following situations:

  1. when you contact us through our email, website (via the “SAC”, “Ouvidoria”, “Whistleblower Channel”, “Sign Up” and others), app, social media, or other platforms and/or service channels;
  2. when you (the data subject) enter into or attend as a representative a contract with us to acquire our products and services;
  3. when you send us your resume to participate in our recruitment process through “Careers” and/or other platforms.
  • Information obtained from third parties:

In specific cases, we may also receive some of your personal data through third parties. For example, information provided by our partners and representatives, legal representatives and attorneys, other banks, government bodies, credit bureaus, service providers, suppliers, and other partners who assist us in offering better products and services to our audience;

  • Information obtained automatically:

When the data subject accesses or uses our services on the App or website (browsing), including through cookies.

  • Publicly available information:

There is also the possibility of collecting your information that is publicly available and on social media (like Instagram, Facebook, LinkedIn) and in public databases from government bodies (like Courts of Justice and commercial registries), always in compliance with the criteria and principles defined in the applicable legislation.

3. WHICH PERSONAL DATA MAY WE PROCESS?

In order to respect your privacy, we understand that any processing of personal data should be limited to the minimum necessary, in a relevant and proportional manner, to achieve the intended purpose.

Thus, the personal data we collect may vary depending on the relationship the data subject has with us, such as being a client, website visitor, prospect, partner, job candidate, among others.

Below, grouped into categories, we present the main personal data that may be processed by us:

  1. Data that may be processed by BLB:
    • Registration and qualification data – name, CNPJ, RG, CPF, CNH, CTPS, passport, internal registration number, unique personal identifier, employee number, vehicle data, nationality, citizenship, username, signature, marital status, parentage, date of birth, gender, age, dependent relationship, parents/responsible names, criminal record;
    • Contact data – residential address (city, state, country, ZIP), professional address, personal email, professional email, phone, mobile, social media profile;
    • Financial and banking data – agency, bank, account number, statement, account information, score, credit history, income tax declaration, investments and assets, personal property registration, benefits data, bonus payments;
    • Professional and academic data – position, hiring date, company/entity/organization, termination date and reason, working hours, superior, function, profession, remuneration, salary, education, professional experience, salary expectations, academic history;
    • Behavioral data – consumption habits/history;
    • Sensitive personal data – health data, political organization membership.
  2. Data that may be processed by LUSOSEG:
    • Registration and qualification data – name, CNPJ, RG, CPF, CNH, employee number/registration, nationality, citizenship, marital status, criminal record;
    • Contact data – complete address, email, social media profile;
    • Financial and banking data – investments and assets, public property registration;
    • Professional data – profession, company/entity/organization the person belongs to, position, employee number/registration;
    • Sensitive personal data – health data.

4. WHAT DO WE USE YOUR INFORMATION FOR?

The personal data we collect may be used for the purposes described in the table below:

Category of personal dataPurposesData Subjects
Registration and qualification data; Contact data; Financial data; Professional and academic data; Sensitive Personal Data.Compliance with our legal or regulatory obligations Your personal data may be used to meet our legal obligations (e.g., judicial blocking/unblocking, tariff exemptions, provision of income statements, and others). Your data may also be processed to comply with regulations from government bodies (such as CVM and the Central Bank of Brazil – BCB for BLB, and SUSEP for LUSOSEG), and to respond to orders or requests from tax authorities, the Judiciary, and/or other competent authorities.Clients and legal/commercial representatives; Partners, suppliers, and service providers
Registration and qualification data; Contact data; Financial and banking data; Professional and academic data.Provision of our services and facilitation of our products, according to the respective contractual instruments entered into between the parties Your personal data will be processed within the contractual limits defined or based on our legitimate interest, such as: • fulfilling our contractual obligations, like making payments; • formalizing contractual proposals and contracts/policies; • providing products purchased by the data subject and facilitating their consumption; • issuing invoices and/or payment slips; • responding to your requests/interactions from our customers through SAC or our website.Clients and legal/commercial representatives; Partners, suppliers, and service providers
Registration and qualification data; Contact data; Professional and academic data; Sensitive Personal Data.Conducting activities to enable the regular exercise of rights Even after the termination of your relationship with us, we may process some of your personal data to exercise our rights guaranteed by law, including using your data as evidence in judicial, administrative, or arbitration proceedings.Plaintiff/defendant or legal/commercial representative in judicial, administrative, or arbitration proceedings
Registration and qualification data; Financial and banking data; Contact data; Behavioral data; Attributes associated with your electronic devices.Carrying out internal processes to promote and support our activities Based on our legitimate interest, we may also process your personal data in various support activities of BLB and/or LUSOSEG, including but not limited to: • simulate operations and perform calculations related to our clients’ financial operations; • hire suppliers and partners that the Data Subject represents; • include delinquent clients in Serasa; • register information in our systems; • send updates that impact your relationship with us in compliance with transparency, such as updates to this Notice; or • send communications about our activities, such as changes in service hours or location. We may also process the data of individuals who are not yet our clients but who have contacted us through our communication channels. Furthermore, when necessary, your personal data may be used to create target audience segmentations and better promote updated content from our marketing campaigns. In such cases, the option to unsubscribe from our database will always be available at the end of each communication we send, allowing you to choose whether or not to receive information such as offers and news about our latest trends. Please note that in the activities supporting our interests, we will always respect the limits of your expectations, safeguarding your rights and fundamental freedoms.Data subjects who have contacted us; Potential clients; Clients and their legal and/or commercial representatives; Partners, suppliers, and service providers
Registration and qualification data; Contact information; Professional and academic data.Recruitment and selection Individuals interested in working with us can submit their résumés through our website, under “Work With Us”. Thus, considering your expectations and our legitimate interest, we process your personal data to analyze your résumé, assess your skills, academic and professional background, as well as to evaluate whether your profile meets the specific requirements of the position for which you applied. Your data may also be processed if it is necessary to contact you (by phone or email) and to enable all stages of our selection process, such as scheduling interviews and requesting information and documents.Job applicants, including interns and young apprentices

5. WHAT ARE COOKIES AND HOW DO WE USE THEM?

Cookies are text files that may be stored on your electronic devices when you visit our Platforms. We use this tool for different purposes, such as generating access statistics or enhancing your experience on our website.

Below we list the types of cookies used and their purposes:

Type of CookieWhat do they do?
Necessary/EssentialThese are essential cookies to enable the proper functioning of our Platform, as well as to allow you to use all the available features.
Performance/AnalyticsThese cookies help us understand how visitors interact with our Platform by providing information about the areas visited, the time spent on the Platform, and any problems encountered.
FunctionalThese cookies allow us to remember your previous choices, such as your preferred browsing language. They are responsible for providing a personalized experience.
MarketingThese cookies are used to deliver more relevant and specific content for your interests. They can also be used to present targeted advertising or to limit the number of ads displayed. Additionally, they allow the measurement of the effectiveness of a launched campaign.
UncategorizedUncategorized cookies are those that are being analyzed and have not yet been classified into a specific category.

We emphasize that necessary cookies are essential for the proper functioning of our website. This means that if you object to the use of this tool, it may result in an impaired experience or the suspension of your access.

However, you do not need to worry, as cookies do not damage your equipment and/or electronic device and can be easily disabled by configuring your browser to refuse cookies. In such cases, the website may not operate properly or may take too long to load content.

For more information on how to manage cookies in your browser, we provide the links below:

icon browser Internet Explorer Internet Explorer
icon browser Mozilla Firefox Mozilla Firefox
icon browser Google Chrome Google Chrome
icon browser Safari Safari
icon browser Microsoft Edge Microsoft Edge
icon browser Opera Opera Help

You may also choose to block the use of Google Analytics cookies at the following link: https://tools.google.com/dlpage/gaoptout

6. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

It is possible that BLB and LUSOSEG may share your personal data, in which case it will be limited to the minimum adequate and necessary to fulfill a specific purpose previously informed to you in this Notice.

Thus, we may share your data with the following third parties:

  • with other shareholders and companies of the Group – to enable the provision of our services more efficiently.
  • with business partners, service providers, and consultancies – to enable audits, collection services, financial/legal/regulatory support, and provision of other structures necessary for the operation of our services (e.g., operation calculations, archiving services, notary services, credit bureaus for listing defaulting clients, and other activities);
  • with administrative and judicial authorities and courts – when necessary to comply with a legal obligation or to assist in the investigation of suspicious or illegal activities; and
  • with law firms, advisory services, and other legal representatives – when necessary to defend the interests of BLB or LUSOSEG in administrative, arbitration, or judicial proceedings.

We may also share your data due to a corporate transaction, such as a merger, acquisition, spin-off, or incorporation.

In the above situations, we use contractual instruments to ensure that any third party receiving your personal data provides adequate protection in accordance with our instructions, including regarding storage, retention period, and any further sharing, provided it is previously authorized.

In addition, it is possible that BLB and LUSOSEG may share your data with third parties located outside Brazil. In these cases, besides ensuring the security and protection of personal data through contracts, we will rely on one of the legal bases for authorized international transfer provided by law. Thus, we may carry out international transfers of Personal Data in the following situations:

  • with the Board of Directors, Executive Board, and Shareholders located in Portugal for internal audits, monitoring of expenses and credit operations, and the collection and tracking of credit analysis reports. [In this case, the international transfer will take place as long as we have a purpose for storing your data or a legal basis for its retention, such as a legal, regulatory, contractual obligation or one imposed by a competent authority to retain personal data;

In any case, when conducting international transfers of Personal Data, we use methods to ensure your data remains secure. We use specific and secure systems to enable the transfer, with encryption measures in place.

7. HOW LONG DO WE STORE YOUR PERSONAL DATA AND HOW DO WE PROTECT IT?

We will not retain your personal data for longer than necessary for the purposes stated above, nor will we use your data for other purposes, except as authorized by law.

When it is necessary to retain personal data after the purpose for which it was collected has been fulfilled, the criteria for determining the retention period will be as follows:

  • whether we have a legal, regulatory, contractual obligation or one imposed by a competent authority to retain personal data; and
  • whether the data is needed to maintain accurate historical, business, and financial records or to comply with internal determinations of our Company.

All storage follows high security standards and is carried out in a structured manner to facilitate the fulfillment of your rights under the law. For this reason, we have internal procedures that dictate how personal data must be handled.

These guidelines are aimed at ensuring the proper and lawful processing of the personal data we hold.

In addition to these organizational and governance measures, we have also adopted several technical measures to ensure even greater security for your personal data, such as:

  • strict control of personal data processing, including limited access and password-protected access;
  • the existence of an information security program;
  • segregation of access to personal data;
  • password protection guidelines; and
  • access to services exclusively through secure networks.

9. WHAT ARE YOUR RIGHTS AND HOW CAN YOU (THE PERSONAL DATA SUBJECT) EXERCISE THEM?

Regardless of your relationship with BLB or LUSOSEG, you are guaranteed all rights regarding your personal data as provided by law, including:

  • to know whether we process any of your personal data;
  • to know which of your personal data we process;
  • to correct incomplete, inaccurate, or outdated data;
  • to request the anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data;
  • to request data portability to another service or product provider;
  • to request the deletion of data processed with your consent;
  • to obtain information about the public or private entities with which we have shared your data;
  • when the processing activity requires your consent, you, the data subject, may refuse to give consent. In this case, we will inform you of the consequences of not carrying out such an activity. If you do give consent, you may revoke it at any time.

You may exercise your rights at any time and free of charge. To do so, simply contact our Data Protection Officer at encarregado.dados@lusobank.com.br. We ask that you identify yourself and indicate which right you wish to exercise.

We may request additional information and/or documents in order to confirm your identity or verify the accuracy of the information you provide.

Requests involving personal data and/or documents of other data subjects will not be fulfilled, except when authorized through a power of attorney, parental authority, or other legal basis that allows you to exercise another data subject’s rights on their behalf.

It is important to note that, in specific circumstances, your request may not be fulfilled. In such cases, we will explain the reasons that justify the denial.

10. QUESTIONS AND UPDATES

If you have any questions, you can contact our Data Protection Officer, Bruno Ferreira dos Santos Peixoto, via email: encarregado.dados@lusobank.com.br.

We reserve the right to make changes and/or updates to this Notice, in which case the new version will be made available through the appropriate channels.

Last updated: August 30, 2024

FOR YOUR RIGHT TO UNDERSTAND: HOW ABOUT WE CLARIFY SOME TECHNICAL TERMS FOR YOU?

Term/ExpressionMeaning
National Data Protection Authority (or ANPD)This is the federal public administration body responsible for overseeing, implementing, and ensuring compliance with the LGPD throughout the national territory.
ClientsIndividuals or legal entities who consume products from BLB or LUSOSEG. When we use terms such as “you”, “your”, or “yours”, we are referring to you (Client of BLB/LUSOSEG).
ControllerIndividual or legal entity, public or private, responsible for decisions regarding the processing of personal data.
Personal dataInformation related to an identified or identifiable natural person.
Sensitive personal dataAny personal data related to racial or ethnic origin, religious belief, political opinion, trade union or religious, philosophical, or political organization membership, data concerning health or sex life, genetic or biometric data.
Data Protection OfficerThe person responsible for ensuring that BLB and LUSOSEG comply with privacy laws and regulations, ensuring the protection of personal data, and serving as the communication channel with the ANPD and with data subjects.
LGPDGeneral Personal Data Protection Law (Federal Law No. 13.709/2018)
PlatformBLB and LUSOSEG websites and apps.
Third partiesAny and all individuals or legal entities with whom BLB and LUSOSEG have or may have a relationship. This includes: service providers, suppliers, consultants, partners, third-party contractors or subcontractors, tenants, space assignees, whether formally contracted or not, including those who use the Company’s name, supply materials, interact with public officials, government, or other third parties on behalf of BLB or LUSOSEG.
Data subjectAny identified or identifiable natural person to whom the processed personal data refers (e.g., client, prospects/leads, job applicants, suppliers, partners, etc.).
ProcessingAny operation performed on personal data, whether automated or not. That is, collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, storage, archiving, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.
Made with by