This document aims to provide transparency regarding the data processing carried out by NUTRIRE INDUSTRIA DE ALIMENTOS LTDA, located at Rodovia Rota do Sol, RSC No. 453, Km 88.6, city of Garibaldi/RS, ZIP Code: 95.720-000, registered under CNPJ No. 04.693.895/0001-48.
We dedicate this Privacy Notice to explain, in a simple and summarized manner, how and when the personal data of individuals who are not part of this organization are used.
Your personal data may be processed by our organization in various situations or for various purposes, as described below. In all cases, the rules established by applicable legislation are followed.
It is important to note that our personal data processing practices may be changed, always aiming to improve the experience of our customers or suppliers, as well as data security. For this reason, it is important to review this notice regularly to be aware of any changes to this document.
1. PERSONAL DATA PROCESSING
First, we clarify that this Privacy Notice understands "personal data" as all information capable of identifying a natural person, either directly or indirectly, following four pillars regarding personal data processing: respect, balance, responsibility, and transparency.
Personal data will be collected mainly from the company's customers and employees, by phone, e-mail, instant messaging applications, or in person.
That said, it is important to mention that depending on the purpose of the respective processing, different data will be required for the organization to access, collect, or process in general, and the data that may be processed by NUTRIRE in the course of its activities will be detailed in the next item.
2. PURPOSE OF PERSONAL DATA USE
The processing of your personal data is essentially necessary to ensure customer service and the supply of our products.
Only the data necessary for the purposes for which it was collected will be processed. That is, no excess data will be collected, maintaining only the processing of data essential to achieving the respective purpose. Therefore, we highlight that the following data is used to achieve the respective purposes:
SUPPLIER REGISTRATION Legal Representative ➜ Data: Name, CPF No., RG No., address, e-mail, phone number, bank account number.
EMPLOYEE DOSSIER - NUTRIRE Employees ➜ Data: Full name, RG No., CPF No., position, address, filiation, date of birth, admission date, voter registration number (zone and section), CTPS No. (series, issue date), driver's license No. (category), military document No., gender, education level, banking details, vacation accrual period, marital status, phone number, place of birth, e-mail, signature. ➜ Documentation: Résumé, work permit, proof of address, identification document. ➜ Sensitive Data/Documents: Salary, race/color, health-related information, medical certificates, ICD No.
CUSTOMER SERVICE Customers ➜ Data: Full name, CPF No., workplace, phone number, e-mail, address.
CONTACT US (QUESTIONS, COMPLAINTS, COMPLIMENTS, ETC.) General public ➜ Data: Name, e-mail, phone number.
If there is any doubt about why any of your personal data was requested or processed by NUTRIRE, or what the legal basis for such processing is, please contact our DPO through the channels indicated at the end of this document, requesting the clarifications you deem appropriate.
The company will be ready to provide you with all the information necessary to exercise your rights guaranteed by the General Data Protection Law.
3. PRINCIPLES FOR PERSONAL DATA PROCESSING
It is important to clarify that all your data eventually processed by this institution is only processed to achieve a purpose grounded in the General Data Protection Law (Law No. 13.709/2018).
The legal bases that support NUTRIRE's personal data processing are:
➜ Upon prior obtaining of consent from the personal data subject, when applicable; ➜ To comply with legal or regulatory obligations that require personal data processing; ➜ When essential for the negotiation or execution of contracts established between NUTRIRE's customers, suppliers, and partners; ➜ For the regular exercise of rights, including in judicial, administrative, or arbitration proceedings.
4. COOKIES, WEB BEACONS, AND OTHER TECHNOLOGIES
When you first visit our website, you will be asked for your consent to the processing of your browsing data, or cookies, by the company. If consent is given for the use of your cookies, they will be used to assist in diagnosing and resolving any technical issues on the website or browsing, as well as to develop new improvements that enhance the quality of your experience on our platforms.
Monitoring technologies are also used for statistical purposes, without individualizing the user.
Under no circumstances will malicious cookies be used, nor will your cookie information be provided to or shared with third parties under any pretext. Without your consent, your cookies will not be used; however, you should be aware that browsing our website or application will not take full advantage of all its features.
5. SHARING OF PERSONAL DATA
Your data may be disclosed, transferred, or shared with business partners that provide database storage and administrative support services. Information will also be shared when necessary for the preservation of rights and/or compliance with legal obligations, if requested by public authorities, or if necessary to comply with a court order, always ensuring full transparency and acting in accordance with the expectations of data subjects who interact with us, emphasizing that NUTRIRE does not sell personal data of any person, under any circumstances.
All NUTRIRE service providers or partners who have access to your data do so solely and exclusively for the purpose of fulfilling the respective service agreement and within the strict limits of the service itself.
5.1. International sharing of personal data
In order for NUTRIRE to provide its services, cloud service providers may be included in the operations, such as those in the United States, and as established by national legislation, the international transfer of personal data may be carried out to business partners or international organizations located in countries that offer a level of personal data protection compatible with that provided by law, or that guarantee this same level of protection through contractual agreements.
Therefore, we ensure that when transferring personal data to countries with different security standards, we adopt appropriate measures to ensure compliance with Brazilian legislation regarding security when performing international personal data sharing.
6. STORAGE AND DATA RETENTION PERIOD
Your digitally collected data is stored primarily on cloud-type servers. It is important to emphasize that even data stored on a cloud server, the control and responsibility over the data remain with NUTRIRE as the controller, together with the company that operates the respective processing.
The data retention and storage period varies according to the purpose for which the data was collected or is stored, but in general, data is used only for the period in which it is necessary for the provision of services, being stored only for rights protection purposes after this period, without use. It can be assumed that the retention period for each piece of data is related to the statute of limitations for possible legal actions and administrative proceedings related to each piece of data.
7. DATA SECURITY
Various security measures are adopted so that your data is stored securely, complying with all legal measures imposed by the General Data Protection Law. NUTRIRE has Information Security Control procedures, policies, and systems designed and implemented to ensure the confidentiality, integrity, and availability of personal data, with measures adopted to record and track access to personal data, allowing the monitoring of interactions and the prompt identification and correction of any adverse events.
The security measures aim, among other things, to prevent unauthorized access, destruction, loss, alteration, or any form of inappropriate or unlawful processing of your data that is with us.
However, we emphasize that unfortunately no digital platform is absolutely secure. The pursuit of greater security is ongoing in our organization, but no security technology available on the market is infallible — this is a fact.
Therefore, NUTRIRE is not responsible for security incidents that are generated or caused by third parties, without its fault. If you are concerned about the security of your data, please contact us through our Data Officer so that we can assist you and clarify whatever is necessary.
8. DATA SUBJECT RIGHTS
Any request for rights under the General Data Protection Law by the data subject must be made by completing the appropriate form, which must be requested from the DPO in person at the company's headquarters, or by e-mail through the contact indicated below.
To exercise rights, confirmation of your identity or of guardians, tutors, curators, and other legal representatives will be required. Therefore, our DPO may request some additional data and documents to supplement the request.
Data subjects may request the display, correction of inaccurate, incomplete, or outdated data, or anonymization, blocking, or deletion of their data, as well as the elimination of data, except in cases where the maintenance of collected data is necessary for the preservation of rights and/or compliance with legal or contractual obligations.
In cases where data subjects request the revocation of consent for future collection and processing of their personal data, it is important for them to be aware that this may partially or totally prevent the provision of a service, the execution of a request, or the protection of their own rights.
If the request for data deletion is approved, NUTRIRE will eliminate all your data from all our databases, except for those essential for compliance with a legal or regulatory obligation, for the protection of the organization's rights in any judicial or administrative proceedings, or for audit purposes.
10. DPO (DATA PROTECTION OFFICER)
NUTRIRE has a Data Protection Officer, responsible for guiding our operations in accordance with the legislation, as well as receiving and responding to complaints and communications from personal data subjects and authorities, providing clarification when necessary.
The Data Protection Officer is Contego Security, responsible person Ruan Diego Batista, and can be contacted via e-mail: dpo@contego.com.br.
11. UPDATES TO THE PRIVACY NOTICE
Our privacy notice is constantly being improved and enhanced, so we reserve the right to modify it at any time without prior notice. To be aware of modifications, we recommend that you visit our page periodically.
12. CONTACT
If you have any questions about this Privacy Notice, about how we handle your personal data, would like to exercise any of your rights under the LGPD, or in the event of a violation, non-compliance, or any irregularity related to personal data operations carried out by us or our partners/suppliers, please contact our Data Officer/DPO, Contego Security, responsible person Ruan Diego Batista, via e-mail at dpo@contego.com.br.
Last updated: February 13, 2026.