Carioca appreciates and respects the protection of personal data, recognizing that effective data management and storage are necessary to support our business, comply with the laws, and ensure proper protection of the information of those who have any relationships with us. This effort is aimed at affirming our commitment to security and transparency in the processing of personal data, as provided for in the data protection laws in force.

Click here to read our
Privacy Policies/Procedures.

1. General Data Protection Law:

The main objective of the General Data Protection Law (acronym in Portuguese: LGPD) is to regulate the processing of personal data, ensuring the security, freedom and privacy of data subjects.

2. What is personal data?

According to the law, any information relating to an identified or identifiable individual is considered personal data. For example: a name, an identification number, or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.

3. Important Definitions

Data subject: any individual to whom the personal data refers.

Controller: an individual or legal person, governed by either public or private law, who is responsible for decisions regarding the processing of personal data.

Operator: an individual or legal entity, governed by either public or private law, that processes personal data on behalf of the controller.

Personal data processing: it means any activity performed with personal data, such as collecting, producing, receiving, sorting, using, accessing, reproducing, transmitting, distributing, processing, filing, storing, deleting, evaluating or controlling, modifying, communicating, transferring, sharing or extracting information.

4. Rights of Data Subjects

The LGPD provides the following rights to Data Subjects:

  1. Confirming the existence of data processing;
  2. Accessing personal data;
  3. Correcting any personal data that is incomplete, incorrect or out of date;
  4. Requesting the anonymization, blocking or deletion of unnecessary or excessive personal data or any data that may have been processed in violation of the General Data Protection Law;
  5. Expressly requesting portability of the data to another vendor or supplier, according to the applicable laws;
  6. Having their personal data deleted upon consent, except for the cases provided in the General Data Protection Law;
  7. Information from public and private entities with which Carioca carried out shared use of data;
  8. Information on the possibility of not providing consent and on the consequences of such refusal;
  9. Revoking consent, according to the General Data Protection Law.

Data Subjects may exercise their rights at any time upon request, which can be made by filling out the form available on this website or directly to Carioca’s Data Protection Officer (DPO) Rosimar Felipe da Silva, by sending an e-mail to:

5. How does Carioca handle personal data?

We handle personal data for legitimate, specific and explicit purposes, informed in privacy notices and policies supported by the General Data Protection Law.

6. How does Carioca guarantee information security?

We guarantee information security by managing and controlling access to information and unauthorized storage locations, and by adopting guidelines, lessons learned and other measures to ensure that personal data be processed in a confidential manner, in keeping with good market practices, the legislation and the company’s processes.

7. Requests

If you have any requests, questions or comments about this Privacy Policy/Procedure, about the way we or vendors treat your personal information, we kindly ask you to contact us by phone, by calling +55 21 3891 2200 or, alternatively, by sending an e-mail to informing your name, subject, and describing your request.