This privacy notice on personal data processing (hereinafter, the “Privacy Notice”), is aimed at informing how Cirion, whose ID details as well as the domicile for service of process may be verified according to the country where you are located (see Annex 1), conducts the processing of the personal data it collects in its capacity as controller through its webpage www.ciriontechnologies.com (hereinafter, the “Webpage”) . This data is collected by navigating and using the Webpage, filling virtual forms, and through different spaces on the Webpage for entering personal data virtually. Additionally, this Privacy Notice shall apply to other data collection channels when so informed thereby to the personal data subjects.
For these purposes, “Subject” shall refer to the person whose data is collected and processed pursuant to the terms of the Privacy Notice. Only personal data for which due consent has been obtained is processed, or data subject to other permissive conditions for their processing, as established in the appliable country’s legislation.
2. Statement on Cirion Customer Personal Data
Some data protection laws distinguish between the activities a business conducts on behalf of another business or person (sometimes referred to as a processor, third party or service provider), and those activities that a business conducts on behalf of itself (sometimes referred to as a controller or business). This Privacy Notice covers only those activities that Cirion engages in as a controller of your personal data, including when you engage with our website, or interact with us. It does not cover those activities Cirion engages in as a processor to its customers.
Cirion provides digital infrastructure and technology solutions to business to business and wholesale businesses (hereinafter, the “Services”). This means we may store or have access to limited personal data on behalf of our customers. Where we process personal data as a processor, we do so in accordance with our customers’ instructions, and this Privacy Notice does not apply.
3. Regulatory Framework
This Privacy Notice is governed by the applicable country or state legislation, in particular, when reference is made to “your country’s jurisdiction,” the “applicable regulation,” or “your country’s current legislation”, it shall be understood as the regulation listed as Annex 2 to this Privacy Notice applicable to you based on the location from which you are interacting with us.
4. Retention Period
Personal data shall be retained as long as necessary to fulfill the purpose for which it was collected and (if applicable) while the Subject has not revoked their consent, pursuant to your country’s applicable legislation.
Upon fulfillment of said purpose, your personal data may continue to be processed by us for the reasons indicated below:
- If there exists a statutory or contractual obligation on their retention.
- If necessary for research purposes, for auditing purposes, and/or for the regular exercise of our rights in judicial, administrative, or arbitration proceedings.
5. Personal Database
The personal data provided by the Subject shall be stored, pursuant to your legislation’s requirements, in a personal database owned by Cirion, duly registered in the Registry of your country (where applicable).
6. Collected Data and Purposes
Cirion collects personal data from three different sources as described below.
a. Collected Directly
Cirion collects personal data directly from the Subject when they interact with us for the following purposes:
- To respond to your inquiries: to request a meeting with our experts, to be contacted to receive information about Cirion’s services, and to receive quotations, and, where applicable, for Cirion’s service provision, we may collect personal data of an identifying nature and contact personal data, such as first and last name, country, company, corporate e-mail, job title, telephone number and reason for your inquiry.
- Marketing: to contact you advertising the products and/or services offered by Cirion we may collect e-mail and your marketing preferences.
- To Communicate with you: with the valid consent of the Subject, which may be revoked at any time, Cirion may contact you via e-mail to send you notifications, surveys, and information about events and solutions.
- Transactions: to process payments.
- Security and video surveillance: to maintain physical security inside the facilities and guarantee the operation of services.
b. Collected Automatically
- Cirion collects certain usage data, or visitor data, automatically when using the website.
- Usage data may include information such as your device’s Internet Protocol (“IP) Address, browser type, browser version, device location, mobile operating system, the pages that you visited on our websites, the time and date of your visit, time spent on the page, and other diagnostic data.
- Cirion uses usage data to optimize your experience on our websites, to improve our services, to detect, prevent and respond to suspicious activities and for marketing activities.
c. Collected from Third Parties
Where permitted, Cirion may collect personal data from third parties, duly authorized to transmit it in order to connect with the Subject, direct marketing, commercial referrals, among others.
These purposes are necessary for the legal relationship between Cirion and the Subject, and if the Subject does not provide this data, or provides erroneous or inaccurate data, Cirion will not be able to fulfill this purpose.
Cirion reserves the right to make any type of automated decisions regarding their personal data, pursuant to your country’s current legislation.
7. Transfer, Transmission, and Recipients
a. Transfers for a Business Purpose
Cirion uses service providers for the following business purposes:
- Business Transactions – if Cirion is involved in a merger, acquisition, or asset sale, Subjects’ personal data may be transferred to third parties involved in the transaction. If personal data is transferred and becomes subject to a different privacy notice, Cirion will provide notice to Subjects prior to the transaction.
- Law Enforcement – where required by law, Cirion may disclose personal data to law enforcement or to public authorities.
- To Comply with Legal Requirements – Cirion may disclose Subjects’ personal data if it is necessary to comply with its legal requirements; to protect and defend Cirion’s rights or property; to prevent or investigate possible wrongdoing; to protect the safety of others or the public; or to protect Cirion against legal liability.
- Fulfill Transactions – In order to fulfill a transaction, Cirion may disclose billing information with third parties to process payments on our behalf.
- Security – to protect the security of our systems, Cirion may use service providers to assist in monitoring and protecting against unauthorized or unlawful access to its systems.
b. Consent to Data Transfer
By accepting this Privacy Notice, the Subject authorizes their personal data to be shared with service providers, who may be located in countries other than the Subject’s country and that enable the fulfillment of the purposes described in this Privacy Notice, or with third parties with whom Cirion has an obligation regarding information transfer.
If you do not want your personal data to be transferred, please send an e-mail to: firstname.lastname@example.org. The admissibility of the objections to data transfer shall be assessed on a case-by-case basis.
In order to safeguard your privacy, we use contracts to guarantee that the third parties receiving your personal data in our name provide the same level of protection as we do.
Whenever there is an international transfer of personal data under our responsibility, we make sure that said transfer is made only to countries that offer a similar level of protection to the one provided by the laws of the territories where we operate, or that these transfers have been authorized by the subject and/or their data protection authorities, pursuant to your country’s legislation.
8. Security Measures
Cirion adopts the necessary security measures to guarantee the protection of the Subject’s information in order to avoid unauthorized or illegal alteration, loss, destruction, damage, processing, disclosure thereof, and/or access thereto, taking into consideration the nature of the information and the risks the data is exposed to. To protect the Subject’s personal data, measures have been put in place, which at least imply the following:
- Control and registration of accesses and privileges, as well as verification thereof from time to time.
- Record of events, logical interactions.
- User identification and authentication through password use and management.
- Information copies and backups in a controlled and authorized manner.
- Security in personal data processing environments.
Cirion agrees not to disclose or share the personal data provided by the Subject without their consent, except for the following cases:
- When necessary for the purpose for which the information was collected.
- When the Information subject is duly notified before the disclosure or at the time of collection of the Information, and their previous and express consent is obtained.
- When consent is not a requirement pursuant to your country’s legislation.
- When the Information is required by public entities within their area of competence and in the exercise of their duties and powers.
- When the Information is requested by virtue of court orders or legal provisions.
- When it comes to access to Information by auditors, lawyers, and other professionals in exercise of their duties, who are subject to keep professional secrecy.
- In any other cases provided for and authorized by your country’s legislation.
If otherwise stated by your country’s jurisdiction in regard to these events, Cirion shall comply with the provisions set forth in said legislation.
Cookies are small text files from websites that are stored in your computer, smartphone, tablet, or any other Internet access device, in order to collect some specific information on your navigation experience and your preferences. Cookies cannot damage your computer or device, and they are very useful as they help us identify and resolve errors.
The Webpage uses its own cookies and third-party cookies, which may be classified as follows and for the following purposes:
- Preference cookies: These cookies enable the webpage to remember information that changes the way it behaves or looks, such as your preferred language or the region that you are located in.
- Statistical cookies: These cookies help website owners understand how visitors interact with webpages by collecting and providing information anonymously.
- Marketing cookies: These cookies are used for tracking webpage visitors. They are aimed at displaying relevant adds that are appealing to the individual user, and therefore, more valuable for editors and third-party advertisers.
- Targeting cookies: These cookies are established by our advertising partners. These companies may use a profile of your interest and display relevant adds in other websites. They exclusively identify your browser and your Internet device.
- Performance cookies: These allow for counting visits and traffic sources in order to measure and improve our website performance. They help us know which webpages are the most and the least popular and see how visitors navigate the website. All the information collected by these cookies is aggregated.
- Functional cookies: These cookies enable the website to offer improved functionality and customization. They may be established by Cirion or by third-party service providers whose services we have added to our webpages.
- Necessary cookies: These cookies help us build a usable webpage by activating basic features like webpage navigation and access to webpage safe areas. The webpage cannot work properly without these cookies.
Additionally, you may allow, block, or delete the cookies installed in your computer or device through the cookie settings of the browser installed in your computer or device.
Do Not Track Signals. Some web browsers allow you to turn on Do Not Track (“DNT”), which sends signals to websites you visit, telling those sites that you do not want your online activities to be tracked. Our websites currently are not designed to respond to DNT signals received from web browsers.
11. Exercise of Rights
You may have certain rights under applicable data protection laws, depending on the country from which you are interacting with us.
a. LATAM Rights
The Subject may exercise the right of processing confirmation, access to, rectification, correction of incomplete, inaccurate, or outdated data, opposition, cancellation, anonymization, blocking or deletion of unnecessary or excessive data, revocation, portability, information on the processing, suppression, deletion, updating, inclusion, annulation, limitation of the processing, the right not to be subject to decisions made only based on automated assessments, the right of limitation of use, disclosure of personal data, and further rights enshrined in the applicable law, through a request that may be addressed to the following e-mail address: email@example.com. Additionally, Subjects may exercise their rights in person at the addresses set out in Annex No. 1 to this Privacy Notice.
b. Additional Rights for California Residents
The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (hereinafter “CCPA”), requires that we disclose the privacy rights applicable to California residents regarding their personal data (or Personal Information). We have defined the rights applicable to California Residents below:
Access and Know:
You may have the right to know the categories of Personal Information collected about you, the purposes for Processing your Personal Information, and to know whether your Personal Information is disclosed / Sold and to whom. You may also have the right to access certain pieces of your Personal Information and to receive a copy of your information.
You may have the right to request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for Us to use or where we used the information to perform a contract with you.
You also may request that we erase your information. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to Processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Limit Use and Disclosure of Sensitive Personal Information:
Non-Discrimination / Non-Retaliation:
You may have the right not to receive discriminatory treatment by the Company because you exercise your privacy rights.
Opt Out of the Sale or Sharing:
You may have the right to opt out of the Sale of your Personal Information, to the extent applicable. Company does not engage in the Sale of Personal Information. You may also have the right to request that we do not share your Personal Information with third parties.
Opt Out of Profiling and/or Cross Context Behavioral Advertising:
You may have the right to opt out of the Processing of your Personal Information for the purposes of Cross Context Behavioral Advertising, or Profiling which is used in furtherance of decisions that produce legal or similarly significant effects. “Profiling” means any automated processing of Personal Information to evaluate, analyze, or predict aspects concerning an individual’s economic situation, health, personal preferences, interest, reliability, behavior, location or movements.
You may have the right to request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
c. Making a Request, Verification, Reviewing Requests, and Appeals
Cirion strives to make Subject requests simple and free. pursuant to the provisions set forth in your country’s legislation. Notwithstanding the foregoing, Cirion may retain some specific information of the Subject requesting cancellation, to be used as evidence in the event of a potential claim. The retention term shall not exceed the statute of limitations of said responsibilities pursuant to law. If any information on the user’s logical interactions with the Webpage cannot be deleted due to technical limitations, this data shall be anonymized so it cannot be used to identify the Subject or to make them identifiable.
12. Personal Data Portability
Upon express request of the Subject, Cirion may return the personal data collected on them, in a compatible, updated, structured, common, interoperable, and mechanical-reading format, preserving its characteristics, or it may deliver it to a person duly appointed by the Subject for said purpose.
Subject’s data portability will not apply for information inferred, created, generated, obtained, or resulting from any analysis or processing conducted by Cirion.
13. Personal Data Protection Delegate
Cirion has appointed an individual responsible for the fulfillment of the personal data protection policies adopted for each one of the jurisdictions where it operates. For more information on this appointment, please visit the company’s website or send an e-mail to firstname.lastname@example.org.
14. California Shine the Light Notice
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our Subjects who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the following e-mail address: email@example.com.
15. Children's Privacy
Cirion’s website is not intended for use by anyone under the age of eighteen (18). In accordance with the Children’s Online Privacy Protection Act (“COPPA“). Cirion does not knowingly request or solicit personal data from anyone under the age of eighteen (18). In the event that we receive actual knowledge that we have collected such personal data without parental consent, we will take steps to permanently delete that information from our personal database.
16. Changes to the Privacy Notice
Cirion may modify, update, or supplement the Privacy Notice at any time. Any modification, update, or addition in regard to this notice shall be immediately communicated through the Webpage, and through any other channels that may be determined, requesting the approval of the new conditions where applicable.
Last update: September, 2023
Who are we in your country?
Cirion Technologies Argentina S.A.
Alférez Pareja 256, Buenos Aires
Cirion Technologies do Brasil Ltda.
Av. Eid Mansur, 666, Parque São George, Cotia (SP).
Cirion Technologies Participações e Comercial Ltda.
Av. Eid Mansur, 666, Parque São George, Cotia (SP)
Cirion Technologies e Serviços do Brasil Ltda.
Av. Eid Mansur, 666, Parque São George, Cotia (SP)
Cirion Technologies Holding Brasil Ltda.
Av. Pedro II, 329, São Cristovão, Rio de Janeiro (RJ)
Cirion Technologies Chile S.A.
Av. Kennedy 5735 oficina 802 Edificio Marriott Torre Poniente, Los Condes, Santiago de Chile
Cirion Technologies Colombia S.A.S.
185 st. N° 45 – 03, C.C. Santafé, Corporate Tower, 5th floor, City of Bogotá.
Cirion Technologies Costa Rica S.R.L.
Provincia de San Jose, Canton Escazú, distrito Guachipelin de la entrada a desnivel de Multiplaza 800mts norte VMG Business Center, Oficina 13
Cirion Technologies Ecuador S.A.
Calle Juan Diaz Nro. 37-111, Urbanización Iñaquito, Alto Quito, Ecuador
Cirion Technologies Mexico II, S. de R.L. de C.V.
Lago Zúrich Nro. 96, Col. Ampliación Granada, Miguel Hidalgo, México DF.
Cirion Technologies Mexico, S. de R.L
Lago Zúrich Nro. 96, Col. Ampliación Granada, Miguel Hidalgo, México DF.
Cirion Technologies Panamá Inc
Avenida Arnulfo Arias y Calle Ramón Levy Balboa, Edificio Nro. 851. Panamá City, Panamá.
Cirion Technologies Peru S.A.
Avenida Manuel Olguín 395, Urb. Los Granados, Santiago de Surco, Lima, Peru.
Cirion Technologies Solutions, LLC. (Puerto Rico Branch)
801 Brickel Avenue, Suite 2400, Miami-Florida, 33131
Cirion Technologies Argentina S.A., Sucursal Uruguay.
Juncal,1392 – Montevideo
Cirion Technologies S.A.
Calle 7, Zona 1, Manzana B-2 Sector Sur, Edificio Impsat, La Urbina, Caracas, Venezuela.
Cirion Technologies Solutions, LLC
801 Brickell Avenue, Suite 2400, Miami-Florida, 33131
US Virgin Islands
Cirion St. Croix, Inc.
801 Brickell Avenue, Suite 2400, Miami-Florida, 33131
Law No. 25,326: Law on personal data protection.
Law No. 13,709/2018: General law on personal data protection.
Law No. 19,628: Law on private life protection.
Law No. 1581 of 2012: Law on personal data protection and its Regulatory Order No. 1377 of 2013.
Law No. 8968: Law on protection of the person regarding the processing of their personal data, and its regulations.
Official Register Supplement No. 459: Organic law on personal data protection.
Federal law on the protection of personal data held by private companies or individuals.
Law No. 81 of 2019: Law on personal data protection, and its regulations.
Law No. 29733: Law on personal data protection and its regulations, approved by Supreme Order No. 003-2013-JUS.
United States of America (California)
California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (Cal. Civ. Code 1798.100 et seq.); California Shine the Light Law (Cal. Civ. Code 1798.83); California Online Privacy Protection Act.
Law No. 18,331: Law on personal data protection and “habeas data” action; Regulatory Order No. 414/009; Law No. 19,670; and Regulatory Order No. 64/020.
Constitution of the Bolivarian Republic of Venezuela.