Privacy Policy
Hello and welcome!
Genyo is committed to the security of the data and information you entrust to us so that we can provide our services.
Accordingly, the Privacy and Personal Data Protection Policy described below seeks to strengthen our commitment to the privacy of the users of our Platform, with the goal of complying with the law and prioritizing transparency in our relationship.
Through this document, Genyo undertakes to disclose and clarify how the personal data of its Users is processed, what information we collect, how we use it, where we store it, when it is discarded, and when it is shared with third parties. All of this is in compliance with Law No. 13.709/2018 — the Brazilian General Data Protection Law (LGPD).
When you use our services, you provide certain information so that we may meet your expectations, including those related to the quality of our service, and so that we may carry out the communications necessary to conduct our current and future relationship.
We understand that you are also entrusting us with the protection of your information, and this is a great responsibility for us.
Please read this document carefully, as it will help you better manage all of your rights.
1. Important Definitions
a) “Genyo”:
GENYO TECNOLOGIA DA INFORMAÇÃO LTDA, a private legal entity registered under CNPJ No. 29.359.555/0001-06, with its principal place of business in Belo Horizonte/MG, email address: [email protected], and, for the purposes of this Policy and of the LGPD, “Processor.”
b) “Platform”:
The product made available by Genyo to its Users.
c) “User”:
A natural person or legal entity that uses the Platform.
d) “Privacy Policy”:
The document by which Genyo explains, in detail, the processing of its Users’ personal data, in compliance with the legislation in force, particularly the provisions of the Brazilian General Data Protection Law (LGPD).
e) “General Data Protection Law and/or LGPD”:
The Brazilian General Data Protection Law, Law No. 13.709/2018 (http://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/L13709compilado.htm).
f) “Personal Data”:
Any information related to a natural person that identifies them, or that, when used in combination with other processed information, identifies an individual. Also, any information through which the identification or contact information of a natural person is possible.
g) “Data Subject”:
The natural person to whom the personal data being processed refers.
h) “Processing of Personal Data”:
The processing of personal data is any operation involving the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation, or control of information; modification, communication, transfer, dissemination, or extraction of data of natural persons.
i) “Processor”:
A natural person or legal entity, whether of public or private law, that processes personal data on behalf of the controller.
j) “Controller”:
A natural person or legal entity, whether of public or private law, who is responsible for decisions concerning the processing of personal data.
k) “Access Logs”:
The set of information referring to the date and time of use of a particular internet application from a given IP (Internet Protocol) address.
l) “Purpose”:
What Genyo intends to achieve through the processing of personal data on the Platform.
m) “Necessity”:
The reason that justifies the processing of personal data by Genyo in order to achieve the intended purpose. The processing of personal data is, however, limited to the minimum data necessary to reach the desired purpose; that is, it must be relevant, proportional, and not excessive.
n) “Consent”:
A free, informed, and unequivocal manifestation (authorization), without leaving any doubt, by which the User agrees to the processing of their personal data by Genyo for a specific purpose. After granting consent, the User may withdraw it at any time; however, it should be noted that the withdrawal of consent does not invalidate the processing of data carried out prior to such withdrawal.
2. To Whom This Privacy Policy Applies
This Privacy Policy applies to all those who use Genyo’s Platform. It also applies to those whose personal data is, in any way, processed by Genyo. The User’s use of the Site constitutes express acceptance of this Privacy Policy.
3. Personal Data Collected and Used by Genyo to Provide Its Services
Information Provided by the User
Genyo collects and stores the information that the User provides in order to test the Platform. For this purpose, the following information is collected:
(i) company name;
(ii) corporate email;
(iii) corporate telephone;
(iv) number of employees;
(v) password.
Genyo collects and stores the information that the User provides in order to receive newsletters, discounts, benefits, and marketing campaigns from our Platform. For this purpose, we collect the following information:
(i) personal or corporate email;
(ii) full name.
Genyo collects and stores the information that the User provides in order to request the exercise of personal data subjects’ rights. For this purpose, we collect the following information:
(i) email;
(ii) personal or corporate name;
(iii) identification document.
Information the User Registers on the Platform
Genyo collects and stores the information that the User provides in order to contract the Platform. For this purpose, we collect the following information:
(i) email;
(ii) name;
(iii) access number;
(iv) time-record proof;
(v) hour bank;
(vi) full name;
(vii) CPF;
(viii) RG;
(ix) ZIP code (CEP);
(x) street address;
(xi) number;
(xii) complement;
(xiii) neighborhood;
(xiv) state;
(xv) city.
Genyo collects and stores the information that the User provides in order to use the Platform. For this purpose, we collect the following information:
(i) full name;
(ii) job title;
(iii) department;
(iv) employee ID;
(v) email;
(vi) extension number;
(vii) hire date;
(viii) termination date;
(ix) CPF;
(x) RG;
(xi) date of birth;
(xii) PIS/PASEP;
(xiii) CTPS (Work and Social Security Card);
(xiv) series;
(xv) vacation;
(xvi) photograph;
(xvii) geolocation;
(xviii) electronic signature;
(xix) hour bank.
Genyo collects and stores the information that the User provides in order to contact our Support Team. For this purpose, the following information is collected:
(i) name;
(ii) personal or corporate email;
(iii) CPF.
Genyo collects and stores the information that the User provides in order to invoice the services rendered on our Platform. For this purpose, the following information is collected:
(i) name;
(ii) personal or corporate email;
(iii) CPF.
In addition, when necessary, we may also collect certain technical information from your device, such as the IP address and Source Logical Port, the date and time records of each action you perform on the Platform, screens accessed, Session ID, and Cookies, in order to confirm your access credentials to the Platform and to register “your” electronic time record, as well as to comply with legal and security obligations.
4. Purposes of the Processing of Personal Data by Genyo
| Purpose | Legal Basis |
|---|---|
| To provide the services offered through our Platform, providing you with the appropriate functionalities. | Article 7, V of the Brazilian General Data Protection Law — performance of the contract between Genyo and the User. |
| To respond to requests from Personal Data Subjects, fulfill their requests, and provide technical support. | Article 7, II of the Brazilian General Data Protection Law — compliance with a legal civil obligation. |
| To support both the Controller and the Personal Data Subject in exercising rights in existing and/or future judicial, administrative, or arbitral proceedings. | Article 7, VI of the Brazilian General Data Protection Law — for the regular exercise of rights in judicial, administrative, or arbitral proceedings. |
| To comply with legal obligations related to proceedings and/or requests from public or governmental authorities. | Article 7, II of the Brazilian General Data Protection Law — compliance with a legal or regulatory obligation. |
| To protect the rights, privacy, security, property, and operations of Genyo, to enforce its terms and conditions, to enable access to available resources, or to limit the damages caused to Genyo. | Article 7, IX of the Brazilian General Data Protection Law — Genyo’s legitimate interest. |
| To announce new features, discounts, promotions, and benefits; to send newsletters; and to conduct marketing campaigns and the promotion of our Platform and the services rendered through the Genyo Platform. | Article 7, I of the Brazilian General Data Protection Law — consent of the Personal Data Subject. |
| To respond to User Support and Customer Service requests. | Article 7, II of the Brazilian General Data Protection Law — compliance with a legal obligation. |
5. Sharing of Data with Third Parties
Genyo shares Users’ personal data only when sharing is necessary for compliance with the law or in the case of requests from public and/or governmental authorities.
The Platform may include links to third-party websites, plug-ins, and/or applications. Clicking on these links or enabling such connections may allow third parties to collect and/or share Users’ data. Genyo is not responsible for the Privacy Policies of third-party websites; therefore, when leaving the Genyo Platform, the User should be sure to read the specific Privacy Policy of each website accessed and/or visited.
6. Retention Period for Personal Data
The personal data collected and/or processed by the Genyo Platform is stored, on the basis of its legitimate interest and for the time necessary to exercise its rights and those of the controller in judicial proceedings, pursuant to Article 7, VI of the LGPD. The User has the option to withdraw, at any time, their consent regarding the processing of their data, pursuant to Article 18, IX of the LGPD.
Once the User exercises the right to withdraw consent to the processing, the personal data processed by Genyo will be blocked, except in cases where the processing of the data is still necessary on the basis of other lawful grounds for processing personal data set forth in Article 7 of the LGPD.
7. Rights of Personal Data Subjects
The User has the right to request information from Genyo regarding the processing of their Personal Data.
The request must be made via the email of the Data Protection Officer, which is provided at the end of this Privacy Policy and in the Platform’s navigation menu.
Confirmation of the Existence of Processing:
If there is any doubt about the existence of the processing of their personal data, data subjects may confirm the existence of such processing by Genyo.
The requests will be answered:
– in simplified form, immediately;
– by means of a clear and complete statement indicating the origin of the data, the absence of records, the criteria used, and the purpose of the processing;
– by electronic, secure, and suitable means for this purpose, or in printed form.
Access to Processed Personal Data:
Personal data subjects have the right to request access to the data held and processed by Genyo.
The requests will be answered:
– in simplified form, immediately;
– by means of a clear and complete statement indicating the origin of the data, the absence of records, the criteria used, and the purpose of the processing;
– by electronic, secure, and suitable means for this purpose, or in printed form.
Correction of Incomplete, Inaccurate, or Outdated Data:
Personal data subjects may request that Genyo, at any time, modify their personal data when such data is incorrect, inaccurate, or outdated.
Examples: updating your name, changing your email address. It is important that personal data be accurate and current; therefore, it is the User’s sole responsibility to keep Genyo informed in the event that their personal data needs to be corrected.
Anonymization, Blocking, or Deletion of Unnecessary or Excessive Data, or Data Processed in a Manner That Does Not Comply with the LGPD:
The data subject may request the blocking and deletion of their data from the Platform. This request will only be denied by Genyo in cases where it cannot be fulfilled or where storage is required and/or permitted, pursuant to Article 7 of the LGPD and other applicable legislation. As for anonymized data — that which does not allow for the unequivocal identification of the data subject, considering the technical means that are reasonable and available at the time of processing — because anonymization prevents the unequivocal identification of personal data subjects, anonymized data is no longer considered personal and is therefore outside the scope of the LGPD, provided that the anonymization process cannot be reversed. Such data may continue to be processed by Genyo.
Data Portability to Another Service or Product Provider:
Genyo is exempt from the obligation to provide data portability to another service or product provider, pursuant to §1 of Article 6 of the Draft Resolution of the ANPD that regulates the LGPD for small-sized processing agents.
Deletion of Personal Data Processed with the Data Subject’s Consent:
The data subjects’ personal data processed by Genyo will be deleted and/or blocked after the purpose has been fulfilled, except in the following cases:
– compliance with a legal or regulatory obligation by Genyo;
– exclusive use by Genyo, with access by third parties prohibited and provided that the data is anonymized.
Information about the Public and Private Entities with Which the Controller Has Engaged in Shared Use of Data:
The data subject has the right to request access to personal data that has been forwarded to public or private entities, except in situations not provided for by law.
Information about the Possibility of Not Providing Consent and the Consequences of Refusal:
Genyo is available to address and assist, in a transparent manner, any questions or requests for clarification from data subjects regarding the processing of their personal data. We are willing and available to inform you, among other things, of the possible impacts should the data subject withdraw their consent for the use of personal data, in cases where the legal basis for processing the data is the data subject’s consent.
Withdrawal of Consent:
The consent provided by personal data subjects may be withdrawn at any time by means of a formal request to Genyo.
8. Modifications to This Privacy Policy
Genyo may modify, alter, and/or replace the Platform’s Privacy Policy at any time. In the event of any change, Genyo will make the new policy available on its Platform before the change takes effect. If the User does not agree with the proposed changes, they may withdraw their consent in accordance with the law.
9. Applicable Law and Jurisdiction
This Privacy Policy shall be governed, interpreted, and applied in accordance with the laws of the Federative Republic of Brazil, with the courts of the District of the Capital of Minas Gerais being competent to resolve any disputes arising from this document.
10. Cookie Policy
Genyo uses cookies on its Platform. Please note that we use only essential cookies, which are necessary for the Platform to function in the simplest and most efficient manner, allowing for network management and a more secure environment. If the User wishes, they may disable them. This can typically be done in the “options” or “preferences” menu of your browser. However, disabling Cookies may impair the browsing performance of the Platform.
11. International Users
Genyo is a Brazilian company providing services primarily under Brazilian law (LGPD — Law No. 13.709/2018). While we do not actively target customers outside Brazil, we accept registrations from customers globally.
If you are accessing our Platform from outside Brazil, you acknowledge that your personal data will be processed in Brazil, which may have data protection standards different from those of your country of residence. The Genyo Platform is designed primarily to comply with Brazilian labor and tax regulations and may not satisfy the legal requirements of other jurisdictions.
Depending on your location, you may have additional rights under your local law, such as the General Data Protection Regulation (GDPR) for residents of the European Union or the United Kingdom, the California Consumer Privacy Act (CCPA/CPRA) for California residents, or the Personal Information Protection and Electronic Documents Act (PIPEDA) for Canadian residents.
To exercise any data protection right, regardless of your jurisdiction, please contact our Data Protection Officer at [email protected]. We commit to responding to all requests within thirty (30) days. If you have unresolved concerns, you may also contact the data protection authority of your country of residence.
12. Contacts and Data Protection Officer
GENYO TECNOLOGIA DA INFORMAÇÃO LTDA, registered under CNPJ No. 29.359.555/0001-06, with its principal place of business in Belo Horizonte/MG, email address: [email protected].
Help 
