Privacy Policy
CSIFLEX ("CSIFLEX", "we") respects your privacy and processes personal data responsibly.
This Policy explains how we collect, use, share, and protect information when you visit our websites, use our products and services, attend events, or otherwise interact with us.
This Policy explains how we collect, use, share, and protect information when you visit our websites, use our products and services, attend events, or otherwise interact with us.
This Policy is designed to reflect common practices for digital platforms and services focused on industrial operations, data analytics, system integrations, technical support, and related services. It should be read together with the terms applicable to the product/service you use or contract.
1. Scope
This Policy applies to:
2. Personal data we collect
We may collect personal data directly from you, through your use of our services, or from authorized third parties.
2.1. Information you provide
2.2. Information collected automatically
2.3. Data related to customer operations and environments
Depending on the product/service contracted, CSIFLEX may process data related to a customer’s operational processes, systems, and equipment (for example, production, quality, maintenance, telemetry, and integration data). As a general rule, such data belongs to the customer and is processed under the applicable contract and the customer’s instructions.
3. How we use data
We use personal data for purposes such as:
4. Legal bases (LGPD)
Where applicable, we process personal data based on one or more legal bases under Brazil’s General Data Protection Law (LGPD, Law No. 13,709/2018), including: performance of a contract, compliance with legal/regulatory obligations, legitimate interests, consent (when required), and the regular exercise of rights.
5. Data sharing
We may share personal data in the following situations:
We do not sell personal data. When we share data, we aim to limit it to what is necessary for the relevant purpose and require appropriate security and confidentiality measures.
6. International transfers
We may store or process data on servers located outside Brazil, for example when using global cloud and infrastructure providers. In such cases, we adopt contractual and technical measures consistent with the LGPD to protect the data.
7. Cookies and similar technologies
We use cookies and similar technologies for website operation, security, preferences, and analytics. You can manage cookies through your browser settings. Disabling cookies may affect certain features.
8. Information security
We maintain technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or destruction, including access controls, segregation, encryption where appropriate, monitoring, and incident response processes. No system is completely secure, but we continuously work to reduce risk.
9. Retention and disposal
We retain personal data for as long as necessary to fulfill the purposes described in this Policy, comply with legal, regulatory, and contractual requirements, and protect our rights. After that period, data is deleted or anonymized where feasible.
10. Your rights
Under the LGPD, you may request:
In corporate environments, some requests may require additional verification (for example, when an account is administered by your employer/customer).
11. Communications and marketing
We may send communications about products, updates, events, and content. Where applicable, you can opt out of promotional communications using the unsubscribe link or by contacting us.
1. Scope
This Policy applies to:
- CSIFLEX websites and pages;
- Applications, dashboards, and environments managed by CSIFLEX;
- Sales communications, demos, support, trainings, and events;
- Interactions with customers, prospects, partners, and visitors.
2. Personal data we collect
We may collect personal data directly from you, through your use of our services, or from authorized third parties.
2.1. Information you provide
- Contact and identification data: name, email, phone, company, job title, and department.
- Account and access data: username, credentials (or authentication identifiers), and preferences.
- Submitted content: messages, support requests, files, forms, and feedback.
- Commercial data: information needed for quotes, contracts, invoicing, and customer relationship management.
2.2. Information collected automatically
- Browsing and device data: IP address, browser, operating system, pages visited, timestamps, and identifiers.
- Service usage data: access logs, features used, performance metrics, and logs for audit and security purposes.
- Cookies and similar technologies: to remember preferences, measure usage, and improve your experience.
2.3. Data related to customer operations and environments
Depending on the product/service contracted, CSIFLEX may process data related to a customer’s operational processes, systems, and equipment (for example, production, quality, maintenance, telemetry, and integration data). As a general rule, such data belongs to the customer and is processed under the applicable contract and the customer’s instructions.
3. How we use data
We use personal data for purposes such as:
- Providing, operating, and maintaining our services, including authentication, setup, and account administration.
- Delivering technical support, customer service, incident management, and communications about changes and updates.
- Improving products, features, and performance, including through aggregated analytics.
- Conducting commercial activities: demos, proposals, relationship management, marketing, and events (where permitted).
- Protecting our users, customers, and CSIFLEX against fraud, abuse, and security incidents.
- Complying with legal, regulatory, and contractual obligations, and exercising rights in administrative or judicial proceedings.
4. Legal bases (LGPD)
Where applicable, we process personal data based on one or more legal bases under Brazil’s General Data Protection Law (LGPD, Law No. 13,709/2018), including: performance of a contract, compliance with legal/regulatory obligations, legitimate interests, consent (when required), and the regular exercise of rights.
5. Data sharing
We may share personal data in the following situations:
- Vendors and subprocessors: hosting, storage, email, support, monitoring, and security services.
- Partners: when needed to deliver integrations, projects, or joint initiatives, subject to contract.
- Legal obligation: to comply with court orders, competent authorities, or regulatory requirements.
- Corporate transactions: in the event of a reorganization, merger, acquisition, or sale of assets (with appropriate safeguards).
We do not sell personal data. When we share data, we aim to limit it to what is necessary for the relevant purpose and require appropriate security and confidentiality measures.
6. International transfers
We may store or process data on servers located outside Brazil, for example when using global cloud and infrastructure providers. In such cases, we adopt contractual and technical measures consistent with the LGPD to protect the data.
7. Cookies and similar technologies
We use cookies and similar technologies for website operation, security, preferences, and analytics. You can manage cookies through your browser settings. Disabling cookies may affect certain features.
8. Information security
We maintain technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or destruction, including access controls, segregation, encryption where appropriate, monitoring, and incident response processes. No system is completely secure, but we continuously work to reduce risk.
9. Retention and disposal
We retain personal data for as long as necessary to fulfill the purposes described in this Policy, comply with legal, regulatory, and contractual requirements, and protect our rights. After that period, data is deleted or anonymized where feasible.
10. Your rights
Under the LGPD, you may request:
- Confirmation of processing and access to your data;
- Correction of incomplete, inaccurate, or outdated data;
- Anonymization, blocking, or deletion (when applicable);
- Data portability, as regulated;
- Information about sharing;
- Withdrawal of consent (when processing is based on consent).
In corporate environments, some requests may require additional verification (for example, when an account is administered by your employer/customer).
11. Communications and marketing
We may send communications about products, updates, events, and content. Where applicable, you can opt out of promotional communications using the unsubscribe link or by contacting us.
