What is the General Data Protection Law?
It is a federal law enacted in September 2020 and one of the objectives is to ensure transparency in the use of your personal data.
With this new law, we at AES have updated our Privacy Policy on our websites and applications and have released the Privacy Notice to our customers, where you can find more information about the treatment of your personal data. In addition, we changed the way of accessing some of our channels.
Know that we are committed to being transparent and taking care of your personal data.
In case of requests or information about the LGPD, send an email to the committee comitelgpd@aes.com.
The Data Protection Officer at AES Brasil can be contacted at the following email address: pedro.bernardelli@aes.com, Pedro Henrique Bernardelli, Lawyer - OAB/SP 297.394.
Any natural person or legal entity, of public or private law that carries out operations of processing of personal data, regardless of the environment, the country of its headquarters or the country where they are located or data, subject to the exceptions provided for by law, provided that:
I - the treatment operation is carried out in the national territory;
II - the treatment activity has the objective of offering or providing goods or services or processing data from individuals located in the national territory; or
III - the personal data subject to the treatment have been collected in the national territory.
Any information related to a natural person that identifies or may lead to your identification, such as CPF (Social Security Number), address, telephone, identity, IP address, among others.
Data related to racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.
The controller: natural or legal person, under public or private law, who is responsible for decisions regarding the processing of personal data;
The operator: natural or legal person, under public or private law, who performs the treatment of data on behalf the controller;
Any operation carried out with personal data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation or control of information, modification, communication, transfer, diffusion or extraction.
Natural person to whom the personal data that are the object of treatment refer.
Confirmation of the existence of the treatment: the subject of personal data can seek from AES the confirmation of the existence of processing operations related to their personal data;
Access: the subject of personal data may request and receive a copy of all personal data collected and stored;
Correction: the subject of personal data may request the correction of personal data that is incomplete, inaccurate or out of date;
Elimination: the subject of personal data may request the deletion of their personal data from databases managed by AES, unless there is a legitimate reason for maintaining it, such as a legal obligation to retain data. In the event of elimination, AES reserves the right to choose the elimination procedure employed, committing itself to using means that guarantee security and avoid data recovery;
Request the suspension of unlawful processing of personal data: the subject of personal data may request at any time from AES the anonymization, blocking or deletion of his personal data that has been recognized by the competent authority as unnecessary, excessive or treated in non-compliance with the provisions of the LGPD;
Opposition to the processing of Personal Data: in the case of processing of personal data not based on obtaining consent, the subject of personal data may present an opposition to AES, which will be analyzed based on the criteria present in the LGPD;
Personal Data Portability: the subject of personal data may request AES to have their personal data made available to another service or product supplier, respecting the Institution's commercial and industrial secrecy, as well as the technical limits of its infrastructure;
Revocation of consent: the subject of personal data is entitled to revoke their consent. However, it is emphasized that this will not affect the legality of any treatment carried out before withdrawal. In the event of revocation of consent, it may not be possible to provide certain services. This being the case, the subject of personal data must be informed.
In case of doubts or requests regarding the General Data Protection Law (LGPD), please contact us by email: comitelgpd@aes.com
Only the subject of the personal data or their authorized legal representative.
Individual: Official document with photo and power of attorney in case of legal representative.
Legal entity: Presentation of original CNPJ (National Registry of Legal Entities) card with simple copy or certified copy or respective protocol of the state commercial board and documents related to its constitution, registration (Articles of Incorporation, Bylaws, Minutes of General Meeting and Election) and documents of their legal representative (s) in accordance with the item “individual”. Power of attorney in the case of a legal representative.
Legal entity of public authority: also present an Official Letter and/or Institutional Email issued by the requesting public agency.
Once your identity has been confirmed and your order has been formalized, within fifteen (15) days from the date of the subject's request.
You can contact us via email to comitelgpd@aes.com