Protecting privacy and personal data reflects Salt's values, and this privacy notice aims to affirm the company's commitment to security and transparency in handling such data, as provided for by applicable personal data protection laws.

The purpose of this page is to detail how Salt collects, uses, shares, and protects personal data of users of its services, as well as the available alternatives for processing this data.

What Data is Covered?

Salt processes personal data, which is understood as data that allows the identification or potential identification of a natural person.

The company collects data for the regular activities conducted with users of the services it offers. The list of collected data typically includes: identification data, contact information, financial data, and browsing data (cookies, IP address).

In Which Services Does Salt Collect Personal Data?

Personal data used by the company is collected to provide services such as:

Executive Assessment or Evaluation
Coaching
Competency Profile
Cultural Transformation
HR Consulting
HR Training
Online Courses
When collecting your personal data, such as name, address, CPF (Brazilian tax ID), phone number, and email address, Salt aims to identify you for your registration as a client in events, courses, training, and webinars, on the website, and with third parties. The data is collected through Salt's website, landing pages created for this purpose, and Facebook ads.

 Operational cookies are used to identify you for the provision of educational services or legitimate interests related to your participation in Salt's events and courses or for information about consulting service contracts with its clients.

In addition to providing such services, personal data of employees, suppliers, and contractors are also collected. The processing of this data is governed by specific documents.

For certain Assessment processes at Salt, specific personal data may be collected via platforms like LinkedIn. These data include contact information (name, mailing address, email, and mobile phone number), employment history, and curriculum vitae.

Purpose of Data Collection and Processing

The collection and processing of personal data are carried out for legitimate, explicit, and specific purposes. Most personal information is provided directly by the data subjects for one of the following reasons:

To contact you during the offering of our services;
To enable secure browsing on our websites;
To better target content on our websites;
To perform our services, receive and make payments, and provide support; or
To conduct regular activities with users of Salt's services.
Specific purposes include:
Identification as a client during the session;
Issuing service contracts and various certificates based on contract execution.
Salt stores proof of opt-in consent when such consent is deemed essential for data processing under applicable privacy laws. Likewise, if consent is revoked, proof of such revocation is also stored.

How is Personal Data Shared?

Salt may share personal data with its suppliers if necessary to provide services. For such sharing, the rights and duties of the parties are defined to prevent misuse of personal data or violations of applicable privacy laws.

All involved parties are required to handle personal data securely and confidentially, retaining it only for a predetermined period. These obligations remain in effect even after the relationship between the parties ends.

In certain circumstances, Salt may be legally required to share personal data to respond to inquiries or investigations. Salt’s legal department may access and use your personal data to protect our rights in legal disputes, administrative or arbitration proceedings, or to respond to legal investigations or irregularities on our website.

All information you provide to us will be used solely for the purposes stated in this privacy notice. Your information will not be sold or shared with individuals outside Salt or with other companies.

What Are the Data Subjects' Rights?

Data subjects have the following rights concerning their data, as recognized by applicable laws:

Confirmation of Processing: Confirmation of the existence of data processing activities conducted by Salt.
Access to Data: Access to data collected by the company, except where protected by trade or industrial secrets.
Data Correction: Request correction of incomplete, outdated, or incorrect data.
Anonymization and Blocking: Anonymization or blocking of unnecessary, excessive, or unlawfully processed data, using reasonable and available technical means at the time of data processing.
Portability: Data portability upon express request. Salt and its controlled entities reserve the right to deny portability for personal data that could compromise trade or industrial secrets.
Information on Data Sharing: Information about personal data shared with public or private entities.
Revocation of Consent: Revocation of previously granted consent at any time through an express request. Revocation procedures are always free and straightforward.
Data Deletion: Personal data will be deleted upon the end of its purpose or when consent is revoked, subject to local legal requirements. Salt may retain personal data when: Legally required to do so. Necessary for compliance with laws and/or regulations. Necessary to establish, exercise, or defend legal claims. Retention is justified by public health considerations.
To exercise these rights, please contact us using the contact details provided at the end of this page.

How is Personal Data Security Ensured?

All data, including personal data, is protected against unauthorized access, unlawful processing, or disclosure, as well as accidental loss, alteration, or destruction.  

We safeguard the security of your data through physical, electronic, and administrative procedures. Reasonable precautions are taken to protect your personal data from misuse, theft, loss, unauthorized access, disclosure, alteration, or destruction.

Our seminar registration forms are transmitted via a server protected by a firewall. Additionally, we use industry-standard encryption to enhance the security of data transmissions. Should it be necessary to transfer or receive sensitive information, you will be appropriately notified.

Salt implements technical and organizational measures to ensure the protection of personal data, such as information classification, data backup and recovery, and identity and access management, as detailed in our Information Security Policy and Access Policy.

When personal data is deleted, the process is conducted securely, using appropriate technical measures to ensure the data cannot be recovered.

How Long is Data Retained?

All personal data collected is processed and retained exclusively for the purposes described in the section “Purpose of Data Collection and Processing.”

Data may be retained in our records in compliance with legal timeframes. This justifies maintaining personal data in our systems under the same security and protection mechanisms.

Data that no longer serves a purpose or falls outside the scenarios mentioned above will be deleted from our systems. Evidence of data deletion will be provided upon the data subject’s request.

For inquiries regarding data subject rights, please email us at dpo@saltbr.com .

Privacy Notice Updated on: 03/25/2021