BIS CRM
Compliance Training for GDPR & LGPD

BIS CRM • Data Protection

Privacy Policy

Learn how we process personal data on the DPOSaaS platform in accordance with the LGPD.

Contact the DPOView terms of use

BIS CRM respects your privacy and is committed to protecting personal data processed through its websites, platforms, and services, including the DPOSaaS platform and the privacy and compliance training environment.

This Privacy Policy explains how we collect, use, store, and protect personal data, in compliance with the Brazilian General Data Protection Law (Law No. 13.709/2018 – LGPD).

1. Who we are

BIS CRM operates in privacy, data protection, and information governance, providing technological, methodological, and educational solutions focused on legal compliance and best practices for personal data processing.

Through the DPOSaaS platform, we provide tools, trainings, courses, certifications, and content related to LGPD, privacy, and compliance for individuals, companies, and public institutions.

2. What personal data we collect

The personal data processed may vary depending on how you interact with the platform, including:

  • Identification data (e.g., name, email)
  • Contact data
  • Professional data (e.g., company, role, department)
  • Platform access data (login, course history, progress)
  • Payment and billing information, when applicable
  • Technical browsing data (e.g., IP address, access date and time, device type)

BIS CRM does not collect unnecessary sensitive data and limits processing to what is necessary for each purpose.

3. Purposes of processing

Personal data is processed for the following purposes:

  • Create and manage user accounts
  • Provide access to courses, trainings, and certifications
  • Manage licenses, subscriptions, and corporate access
  • Process payments and fulfill contractual obligations
  • Send communications related to contracted services
  • Comply with legal and regulatory obligations
  • Improve user experience and platform security

Data is not used for purposes incompatible with those stated in this document.

4. Legal bases

Personal data processing is based on the legal grounds provided by the LGPD, including, when applicable:

  • Performance of a contract
  • Compliance with legal or regulatory obligations
  • Legitimate interest, balanced with data subject rights
  • Consent, when required

5. Data sharing

Personal data may be shared only when necessary, with:

  • Technology infrastructure providers (e.g., hosting, payment processing)
  • Essential partners for service delivery
  • Public authorities when there is a legal obligation

BIS CRM does not sell personal data.

6. Storage and security

We adopt appropriate technical and administrative measures to protect personal data against unauthorized access, loss, alteration, or destruction, including:

  • Access control
  • Activity logging
  • Information security best practices
  • Use of technology providers with recognized security standards

Data is stored only for as long as needed to fulfill its purposes or as required by law.

7. Data subject rights

Under the LGPD, data subjects may request, at any time:

  • Confirmation of processing
  • Access to data
  • Correction of incomplete, inaccurate, or outdated data
  • Anonymization, blocking, or deletion of unnecessary data
  • Portability, when applicable
  • Information about sharing
  • Revocation of consent, when applicable

Requests should be directed to the Data Protection Officer.

8. Data Protection Officer (DPO)

BIS CRM appoints a Data Protection Officer (DPO) to assist data subjects and competent authorities.

📧 DPO contact email:

dpo@dposaas.com.br

9. Cookies and similar technologies

The platform may use cookies and similar technologies for operation, security, and user experience improvements. Cookie use follows transparency best practices and can be adjusted through browser settings.

10. Changes to this policy

This Privacy Policy may be updated at any time to reflect legal, regulatory, or operational changes. The current version will always be available on this page, with an update date.

11. Final provisions

By using BIS CRM services and the DPOSaaS platform, users acknowledge and agree to this Privacy Policy.

If you have questions, recommendations, or requests related to personal data protection, please contact our DPO via the email above.