Appointment of the Data Protection Officer (DPO)
CORTEX INTELLIGENCE TECNOLOGIA LTDA., and its subsidiaries and affiliates, a limited liability company, hereinafter referred to as the “Controller,” hereby appoints LUIS FILIPE RACHE SOARES, holder of OAB/PR 75.056, with business address at Alameda Vicente Pinzon, No. 51, Suite 601 – 6th floor - Condomínio Central Vila Olímpia - Vila Olímpia - ZIP: 04547-130, telephone +55 (21) 2233-6718, as the Data Protection Officer (DPO), pursuant to Article 41 of the Brazilian General Data Protection Law (LGPD), to act as the communication channel between the Controller, the data subjects, and the National Data Protection Authority (ANPD).
Responsibilities and Tasks of the Data Protection Officer:
The Data Protection Officer shall perform the following tasks in compliance with Article 41 of the General Data Protection Law:
- Accept complaints and communications from data subjects, provide clarifications, and take necessary actions;
- Receive communications from the National Authority and take necessary actions;
- Orient the entity’s employees and contractors regarding the practices to be adopted in relation to the protection of personal data;
- Execute other duties determined by the controller or established by complementary regulations;
- Upon request, advise the Controller on conducting data protection impact assessments and their implementation, pursuant to the General Data Protection Law (LGPD);
- Act as the point of contact for the National Data Protection Authority on issues related to the processing of personal data, including prior consultations regarding data protection impact assessments under the General Data Protection Law (LGPD), where appropriate, and providing advice on all other matters;
- Act as the point of contact for the exercise of data subjects' rights under the General Data Protection Law (LGPD) and process their inquiries related to data processing activities.
Duties of the Controller:
The Controller hereby undertakes to:
- Provide the Data Protection Officer with all necessary means, financial resources, and personnel to allow the proper performance of their tasks and duties;
- Promptly involve the Data Protection Officer in all matters related to the protection of personal data;
- Refrain from providing instructions on how the Data Protection Officer should perform their tasks;
- Refrain from removing or penalizing the Data Protection Officer as a result of the performance of their tasks;
- Verify that the Data Protection Officer performs their tasks autonomously and independently;
- Decide without delay on the adoption of compliance and damage mitigation measures, the addressing of breaches and incidents, communications to the public and authorities, and other executive decisions regarding privacy and data protection brought to senior management by the Data Protection Officer;
- Decide without delay on the adoption of compliance measures, damage mitigation, and the addressing of risks, breaches, incidents, and other issues related to information security, privacy, and data protection brought to senior management by the Data Protection Officer;
- Keep the contact details of the Data Protection Officer available to the public.
The name and contact details of the Data Protection Officer shall be shared by the Controller and, when necessary, officially communicated to the National Data Protection Authority and the public.
Finally, the email address of the Data Protection Officer is provided for Data Subjects to exercise their rights: dpo@cortex-intelligence.com.
CORTEX INTELLIGENCE TECNOLOGIA LTDA
January 12, 2022RIO DE JANEIRO/RJ