Privacy Policy

GENERAL INFORMATION

Aubrick's Privacy Policywas created to demonstrate our commitment to safeguarding the privacy and protection of users' personal data, as well as to clarify how we handle their personal data. This Policy applies to Aubrick's institutional website, https://aubrick.com.br/.

Please read this Policy carefully and, if you still have any questions, feel free to contact us through our Data Protection Officer, PG Advogados, represented by the Data Protection Officer, Dr. Manuela Menezes Silva, via the email address dpoaubrick@pgadvogados.com.br.

This Privacy Policy applies to all users and visitors of the Aubrick institutional website and is an integral part of its General Terms and Conditions of Use, owned by Aubrick, headquartered at Rua Vieira de Morais, nº 177, Campo Belo, São Paulo – SP, CEP: 04617-010, CNPJ: 09.483.812/0001-00, hereinafter referred to in this policy as “Aubrick” or “we” / “our”.

This Privacy Policy describes our practices regarding personal data collected through websites we operate (the “Sites”), using software applications we develop (except where subject to an application-specific Privacy Policy) (the “Applications”), through social media pages (our “Social Media Pages”), in email messages sent in HTML format relating to this Privacy Policy, as well as offline interactions you may have with us (collectively, Sites, Applications or Social Media Pages and offline activity, “Services”).

This document was prepared in accordance with the General Data Protection Law (Law 13.709/18), the Brazilian Civil Rights Framework for the Internet (Law 12.965/14), and other personal data protection regulations. Furthermore, this document may be updated due to any regulatory updates, therefore users are encouraged to periodically consult this section.


GLOSSARY

  • Cookies: small files sent by Aubrick websites, saved on the user's devices, which store preferences and a few other pieces of information, in order to personalize website browsing according to the user's profile;
  • Personal Data: any information that refers to an identified or identifiable natural person. For example: name, address, CPF (Brazilian tax identification number), email, telephone number, IP address, etc.;
  • Sensitive Personal Data: This is Personal Data that concerns racial or ethnic origin, religious beliefs, political opinions, membership in a trade union or religious, philosophical or political organization, data relating to health or sex life, genetic or biometric data, when linked to a natural person;
  • Data Protection Officer: person designated to act as a communication channel between Aubrick, users and the National Data Protection Authority (“ANPD”);
  • Applicable Legislation: all legislation concerning privacy and protection of Personal Data, especially Law No. 13.709/2018 (General Law on the Protection of Personal Data – Law No. 13.709/18 – “LGPD”), the Brazilian Civil Rights Framework for the Internet, and Law 12.965/2014;
  • Site: This is our environment, designated by the web address https://aubrick.com.br/;
  • Data Subject / User: This refers to the individual to whom the Personal Data relates, when they interact with Aubrick in situations where they provide their Personal Data, whether as a parent, student, employee, information requester, or website visitor; and
  • Processing: any operation performed on Personal Data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction.


PERSONAL DATA

Personal data” refers to any data or information that can identify you individually or that relates to an identifiable individual, such as:

  • Name;
  • Address;
  • Email address;
  • Phone number;
  • WhatsApp number;
  • School and/or university records;
  • PIS;
  • Emergency contact details;
  • Socioeconomic data, including, where relevant, gender, date of birth, place of birth, racial and ethnic origin, and health;
  • Professional information (resume);
  • National registration numbers, such as RG or CPF numbers;
  • Bank account details;
  • Profile picture;
  • Data related to your browsing, including IP address and geolocation;
  • Additional data, in the form and within the limits of the corresponding consent provided by you (when necessary).

On the other hand, we also have anonymized data (data that, by itself, cannot identify or make identifiable a natural person) which is not considered personal data.


How do we collect user and visitor personal data?

We collect personal data in various ways, always in accordance with applicable law, including:

Through services

  • We collect personal data through our services. For example, when you visit our website or social media and register, submit your resume through official channels, or maintain any relationship with us as a school community member, service provider, or collaborator;
  • The information collected during the selection process for unsuccessful candidates may remain in the database for future opportunities for up to 6 (six) months;
  • The information collected during the academic period may remain in the database even after the end of the contracted academic year, in order to fulfill legal obligations.
  • We collect your information for the duration of the contract (student or work contract). It is possible that some information may be retained in our database even after the contract ends due to legal or contractual obligations.
  • If you do not provide the requested information, we may not be able to offer the services, in whole or in part, nor consider your participation in the selection process you are interested in.

Offline

  • We collect your personal data offline when you fill out forms at our headquarters or contact our call center.

Through other sources

We receive your personal data through other sources, such as:

  • Our partners and service providers;
  • Available public or private databases;
  • References and/or recommendations.

If you share any personal data of another person with us or our service providers in connection with the services, you represent that you have the authority to do so and permit the processing of this data in accordance with this Privacy Policy.


For what purposes do we use the personal data of users and visitors?

We process personal data for the performance of a contract or preliminary procedures related to a contract to which the data subject is a party, at the request of the data subject, including the following purposes:

PurposeActionsLegal Basis for Treatment
Execution of services provided by Aubrick.
  • We handle requests and inquiries through our customer service channels or other means of communication.
  • Internal administrative activities for the execution of a contract or preliminary procedures related to a contract.
  • Sending administrative information.
  • Sending contract-related information to fulfill obligations to accounting, banks, the contracting party, and the tax authorities.
We will carry out these activities for the purpose of contract execution or preliminary contract-related procedures and/or to comply with legal and regulatory obligations.

Marketing actions and facilitating sharing on social networks.Sending marketing emails.

To facilitate the sharing of information on the social networks you choose to use.

We will carry out this activity with your consent or when there is a legitimate interest on our part.

Meter evaluation for service improvement
  • To analyze or predict our users' preferences, aggregating trend reports on how our digital content is used, and thus improve our services;
  • To get to know you better and, therefore, personalize our interactions and provide information and/or offers according to your interests;
  • To better understand your preferences and, therefore, provide you with relevant and interesting content through our services.
We will provide personalized services with your consent or because we have a legitimate interest in doing so.

Achieving our business objectives
  • For data analysis, for example, improving the efficiency of our services;
  • In audits, to verify that our internal processes are functioning as they should, in accordance with legal, regulatory or contractual requirements;
  • For the purposes of information security and fraud monitoring, for example, to detect unauthorized access and prevent digital attacks or attempts at identity theft;
  • To develop new services;
  • To improve, expand or modify our current services;
  • To identify usage trends, for example, to understand which parts of our services attract the most attention from users;
  • To determine the effectiveness of our campaigns and adapt them to the needs and interests of our users;
  • To operate and expand our business activities, for example, to understand which parts of our services are of greatest interest to users, focusing our efforts on meeting their interests.
We carry out these activities when they are necessary for the fulfillment of our contractual relationship with you, in compliance with any legal or regulatory obligation, and/or because we have a legitimate interest in these activities, as permitted by applicable law. In other situations, such as in the case of satisfaction surveys where we use your personal data, we will carry out this activity based on your consent.

Other purposes:

For other purposes, in the manner and within the limits of the consent granted by you, when necessary, and to the extent permitted or required by applicable law.


Who we will share your personal data with.

We share your personal data in accordance with the purposes described in this Privacy Policy:

For accounting and legal purposes;

For the Municipal, State or Federal Treasury;

For police and/or judicial authorities;

For service providers and/or employees.


This may include service providers such as website hosting, cloud computing, operating systems, data analytics, payment processing, order processing, information technology and related infrastructure, customer service, email delivery, auditing, troubleshooting, and services related to fraud and security, as well as other services.

By using the services, you choose to disclose your personal data:

In selection processes that interest you or are compatible with your profile. Please note that the data you provide during the selection process may be made available by Aubrick to accounting, tax authorities, the Department of Education, and police and/or judicial authorities.

Other purposes

In the form and within the limits of the corresponding consent provided by you, when necessary, and to the extent permitted or required by applicable law.


Other treatment purposes:

We also process your personal data as necessary and/or appropriate to comply with a legal or regulatory obligation or judicial, administrative or arbitration requests and orders, including:

To comply with applicable law;

This may include laws from outside your state or country of residence.

To fulfill requests from public and governmental authorities;

This may include authorities from outside your state or country of residence.

To cooperate with law enforcement;

For example, when responding to judicial, administrative, or arbitration requests and orders.

For other legal reasons;

  • To fulfill our contracts, terms and conditions;
  • To protect the rights, privacy, security, and property of ourselves and/or our candidates, employees, clients, and other parties with whom we maintain a relationship.


Due to a transaction involving the sale of assets or equity interests.

We have a legitimate interest in sharing your personal data with third parties in the event of a corporate transaction involving reorganization, merger, sale, joint venture, assignment, transfer, or any other type of disposal of all or any part of our business, assets, or equity interests (including in connection with any bankruptcy or similar proceeding). These third parties may include, for example, an acquiring entity and its advisors. The provisions of this Privacy Policy will continue to be valid and applicable to your personal data if it is transferred to a new organization or economic group.


OTHER INFORMATION

Other information” refers to any information that does not reveal your specific identity or that does not directly relate to an identifiable individual. Examples include:

  • Information collected through a device and browser that is not capable of revealing your specific identity;
  • Application and/or website usage data that cannot reveal your specific identity;
  • Information obtained through cookies, pixel tags, and other technologies that are not capable of revealing your specific identity;
  • Information aggregated in a way that can no longer reveal your specific identity.

If for any reason we are obliged to process other information under the legal regime of personal data, in accordance with applicable legislation, we may process it in accordance with the purposes for which we process your personal data, as detailed in this Policy.


Gathering other information.

We and our service providers collect other information in various ways, including:

Through your browser or device:

Some information is collected by most browsers or automatically by your device. This includes MAC address (media access control), computer type (Windows or Mac), smartphone type, screen resolution, operating system name and version, manufacturer and model, language, internet browser and version, as well as the name and version of the services (such as the application) you are using. We use this information to ensure the functionality of the services.

Through your use of apps:

When you download or use the applications, we and our service providers may monitor and collect application usage information, such as the date and time the applications access our servers, as well as what information and files were downloaded to the applications based on your device number.

Use of cookies, pixel tags and other similar technologies:

Cookiesare small pieces of information stored directly on your computer that we use. Cookies allow us to collect information such as browser type, time spent on services, pages visited, language preferences, and other browsing data. We and our service providers use this information for security purposes, to facilitate navigation, to provide information more efficiently, and to personalize your experience. We also collect statistical data on the use of our services to continuously improve their design and functionality, to understand how they are used, and to troubleshoot related problems. Cookies also allow us to select which ads or offers are most likely to appear to you while you are using the services. We may also use cookies or other online marketing technologies to monitor the response to our advertisements.

Currently, we do not respond to "do not track" signals from browsers. If you do not want your information to be collected through the use of cookies, most browsers allow you to automatically reject cookies or have the option to accept/reject a specific cookie (or cookies) from a particular website. However, if you do not accept cookies, there may be some problems using the services. You may also miss out on receiving ads or offers that are relevant to your interests and needs.


Handling other information

We may use and share other information, always for legitimate, specific, and legal purposes, in which case you will be duly informed or asked for your consent if the purpose requires it. Consent will not be requested when we are obliged to share information for the execution of a contract or preliminary procedures related to a contract to which you are a party, legal obligation, or a request from a police and/or judicial authority.In some cases, we may combine other information with personal data. In this case, we will treat the combined information as personal data for as long as it is combined.


INFORMATION SECURITY

We use reasonable organizational, technical, and administrative measures to protect personal data within our organization, in accordance with applicable law and best market practices. Our aim is to protect your personal data against unauthorized access, accidental or unlawful destruction, loss, alteration, disclosure, or any other form of inappropriate or unlawful processing.

In this regard, we allow your personal data to be accessed by our employees and third parties only to the extent necessary for them to perform their activities, in accordance with express instructions and subject to a contractual obligation of secrecy and confidentiality regarding the shared personal data.

In order to protect your personal data against unauthorized access, we recommend that you maintain strong passwords to access the services, do not share your passwords and access credentials to the services provided by us with third parties, even those you trust, and protect yourself against the unauthorized use of your devices.

However, unfortunately, even taking all measures to prevent security incidents, no data storage or sharing system can be considered 100% secure. If you have reason to believe that the integrity of your personal data is no longer secure with us, please contact us immediately via email at dpoaubrick@pgadvogados.com.br.


YOUR RIGHTS AND ACCESS OPTIONS

Aubrick will adopt appropriate technical and organizational measures to fulfill its obligations regarding your rights as a personal data subject. In this regard, we are committed to enabling the exercise of your rights in the best possible way. To this end, you can contact us through our Data Protection Officer, PG Advogados, represented by the Data Protection Officer, Dr. Manuela Menezes Silva, at the email address dpoaubrick@pgadvogados.com.br.

Additionally, you have the option to access or not access some of our services, and you can cancel at any time:

  • Regarding receiving our marketing emails: If you no longer wish to receive marketing emails, you can unsubscribe by following the instructions in each email or by contacting our Data Protection Officer, PG Advogados, represented by Data Protection Officer Dr. Manuela Menezes Silva, at dpoaubrick@pgadvogados.com.br.
  • Regarding receiving other types of marketing communications: If you no longer wish to receive marketing-related communications, you can unsubscribe by contacting our Data Protection Officer, PG Advogados, represented by Data Protection Officer Dr. Manuela Menezes Silva, at dpoaubrick@pgadvogados.com.br.

Please note that if you opt out of receiving our marketing communications, we may still send you important administrative messages necessary for the fulfillment of our contractual relationship, which you cannot opt out of receiving unless you cancel the services altogether.


How can you exercise your rights regarding personal data?

If you wish to exercise any of your rights regarding the processing of your personal data by us, as listed above, you can contact us through our Data Protection Officer, PG Advogados, represented by the Data Protection Officer, Dr. Manuela Menezes Silva, at the email address dpoaubrick@pgadvogados.com.br.

We will respond to your request, at no cost to you, within the timeframe and under the terms stipulated by applicable law.

In your request, please clearly state which personal data you would like to change, whether you would like your personal data deleted from our database, or inform us of any limitations you would like to place on the processing of your personal data. For your protection, we recommend that such requests be made from the personal email address you used in your registration or contract with Aubrick and that you keep it always up to date. We may also verify your identity before implementing the request, seeking to prevent your personal data from being misused.

We will comply with requests to delete personal data upon your express request or in the event of legal and/or regulatory obligations. In this case, such data will be permanently deleted, except in cases of mandatory record keeping as provided for by law, and in cases where such retention is necessary to regularly exercise our rights in administrative and/or judicial proceedings, in which case the data will be stored for the period required by law.


How long is personal data stored?

We retain personal data for the period necessary to achieve the intended purposes or as permitted by applicable law.

The criteria used to determine retention periods include:

  • Within the 6 (six) months following the completion of the selection process, search for a new opportunity;
  • During the period your resume is stored in our database for future opportunities;
  • During the term of your employment contract;
  • If there is a legal obligation that we must fulfill (for example, certain laws require us to keep student records even after the end of the contracted school year);
  • If retention is advisable based on legal advice (such as with regard to applicable codes and regulations, in the event of judicial or extrajudicial disputes or investigations by government authorities).


THIRD-PARTY SERVICES

This Privacy Policy does not cover (nor are we responsible for covering) the privacy, information, or other practices of third parties, including third parties that operate websites or services mentioned in the services.

The inclusion of any link in our services to third-party products or services does not imply our endorsement of the linked site or service by us or our affiliates.

Although we constantly seek to establish relationships with reliable partners, we are not responsible for the personal data handling practices carried out exclusively by these third parties. For this reason, we recommend that you read the terms and policies of these third parties before providing any personal data to them while using our services.

Furthermore, we are not responsible for the information collected, used, disclosed, or the security policies and practices of other organizations, such as Facebook, Apple, Google, Microsoft, or other application developers, application providers, social media platform providers, operating system providers, service providers, or wireless device manufacturers, including personal data that you disclose to other organizations through or in connection with the applications or our social media pages.


INTERNATIONAL TRANSFER OF PERSONAL DATA

Your personal data may be processed in any country where ISP – International Schools Partnership conducts business, has facilities, or engages service providers, and by using the services, you understand that your information will be transferred to countries outside your country of residence, including the United States, which may have different data protection rules than those of your country.

In these cases, in order to guarantee appropriate protection regarding the international transfer of personal data, we adopt suitable measures, collect your consent and/or adopt contractual clauses with our partners that include minimum standards for the protection of personal data, in order to ensure the protection of your personal data.

Under certain circumstances, courts, law enforcement authorities, regulatory bodies and/or security authorities of these other countries, whenever authorized by Brazilian laws and regulations, may have the right to access your personal data.


UPDATES TO THIS PRIVACY POLICY

Aubrick reserves the right to periodically update and modify any of its legal documents, including this Privacy Policy.

Aubrick is constantly striving to improve in order to offer you the best possible experience when using its services. However, the services are provided "as is," and Aubrick is free to implement changes, alterations, additions, deletions, and any other forms of modification to the services.

If you do not agree with any changes to this Privacy Policy, you must discontinue using the services. Otherwise, continued use of the services will constitute your acceptance of the new version of the Privacy Policy.

The clauses of this Privacy Policy will remain in effect regardless of any termination, for any reason whatsoever, and will continue to have effect on you and Aubrick for as long as there are subsequent legal relationships.


Contact us regarding LGPD (personal data). Contact information for the Data Protection Officer.

Our Data Protection Officer is PG Advogados, represented by the Data Protection Officer, Dr. Manuela Menezes Silva.

This role is responsible for guiding the conduct of our privacy-related activities in accordance with current legislation, as well as for receiving complaints and communications from data subjects and authorities, and providing them with clarifications.

If you have any questions about this Policy or wish to exercise any of your rights, please contact our Data Protection Officer.

The channel used to contact the Data Protection Officer at Aubrick is email:dpoaubrick@pgadvogados.com.br.


Customer service channel covering various topics.

If the interested party has questions, complaints, or requests regarding topics other than the LGPD (Brazilian General Data Protection Law), they may seek assistance via email: dpoaubrick@pgadvogados.com.br

Aubrick, through its communication channels, acts transparently by maintaining impartial and up-to-date internal regulations, notices, and policies, with accessible, reliable, clear, and objective information.