Privacy Policy

PRIVACY POLICY

Last Updated in: 23 de March de 2026

PECK ADVOGADOS, headquartered in Rua Henrique Schaumann, nº 270, 4th floor, Pinheiros, São Paulo/SP, CEP 05413-909 (“Us”)

This Privacy Policy (“Policy”) aims to demonstrate our commitment to safeguarding your privacy and Personal Data, establishing rules regarding data processing, as well as your rights and how to exercise them.

In case individuals below the age of 18 (minors) interact with our platforms, those must always be supervised and/or assisted by their parents or legal guardians.

Updates, Quality and Accuracy of Personal Data. You are solely responsible for the accuracy, truthfulness and updates of the data provided to us. We are not obligated to process your Personal Data if there are reasons to believe the referred processing may constitute violation of any applicable law, or if You are using our systems for illegal or illicit purposes.

Database. The database, derived from Personal Data processing, is our priority and responsibility. Its use, access and eventual sharing will be carried out exclusively for the legitimate and specific purposes informed in this Policy, in compliance with the applicable laws and regulations, especially the Brazilian General Data Protection Law (Law nº 13.709 of 2018).

 

We do not make any decisions solely based on automated processing of Personal Data that may affect your interests.

 

COOKIES

We use Cookies to improve your experience and navigation through our systems.

You can also set your Cookies preferences directly in your browser.


SHARING INFORMATION AND PERSONAL DATA 

Our processed Personal Data and registered activities can be shared:

  • With the competent judicial, administrative or governmental authorities, whenever there is a legal determination, requirement or court order;
  • With service providers, suppliers or partner companies, to enable, facilitate, improve and/or execute activities related to the service provision or events organized by Us, with your authorization, if applicable;
  • Automatically, in case of corporate transactions, such as mergers, spin-offs, acquisitions and incorporations.

In case You have any doubts about who we share your Personal Data with, please contact us through our official channels provided in this Policy.

Data Anonymization. For the purposes of market intelligence, sharing information with the press and conducting advertising campaigns, Personal Data may be anonymized. In other words, it will be shared without the possibility of direct or indirect association with an identified or identifiable natural person.

 

HOW DO WE PROTECT AND SAFEGUARD YOUR PERSONAL DATA AND HOW YOU CAN PROTECT IT AS WELL

 

PRECAUTIONS WE TAKE

Internal Access to your Personal Data is restricted to duly authorized professionals, in accordance with the principles of proportionality, necessity and relevance, aligned with our business objectives and the core informational security pillars.

Aiming to optimize our communication, we can receive notifications when You open our e-mails, provided that this feature is available on your device.

To avoid potential fraud attempts, we emphasize that our e-mails are sent exclusively from the domains @peckadv.com.br and @peckadvogados.com.br.

In the event of individual Personal Data breach or unauthorized access, we may initiate direct conciliation, provided you agree, pursuant to article 52, § 7º, of the Brazilian General Data Protection Law (Law nº 13.709 of 2018).

 

STORAGING YOUR PERSONAL DATA AND ACTIVITY LOGS

Storage Location. Your Personal Data and activity logs are stored on our own servers or on servers of carefully selected partners. To protect your privacy, we take rigorous technical and organizational safety measures, ensuring that your data can only be accessed by authorized individuals and protected against unauthorized alterations. We are committed to preserving confidentiality, integrity and availability of your data throughout its whole lifecycle under our responsibility.

Storage Period. We storage your Personal Data only for the necessary time-period and to fulfil the purposes for which it was collected, to comply with legal and regulatory obligations or to preserve certain rights.

Data Disposal. Following the conclusion of the storage period, Personal Data shall be eliminated via secure disposal methods or anonymized for statistical purposes, when applicable.

 

INTERNATIONAL DATA TRANSFERS

We currently do not carry out international data transfer.

Should we eventually carry it out, we will take all necessary measures to update this Policy, always valuing transparency and compliance with the Brazilian General Data Protection Law (Law nº 13.709 of 2018) and the provisions under Resolution CD/ANPD nº 19.

 

ENSURING YOUR PERSONAL DATA SECURITY

Security and Governance Practices. We safeguard your privacy and Personal Data through a dedicated Privacy and Information Security Governance Program. Guided by the internal policies, procedures and standards, this program ensures all Personal Data processing follows the established best practices and security guidelines.

Third-party processing under our guidelines. We carefully evaluate our partners and service providers to assure their maturity in privacy and informational security matters reaches satisfactory levels, as well as execute contracts with Personal Data protection clauses, clearly allocating responsibilities.

 

YOUR RIGHTS AND HOW TO EXERCISE THEM

The data belongs to You, and the applicable law provides a series of rights related to it, which You may exercise by the submission of a request to our customer service channel, as detailed in this Privacy Policy.

  • Access and Confirmation – You may request confirmation of the existence of processing and access to your Personal Data, including request the copies of records we hold about You.
  • Correction – You may request correction of incomplete, inaccurate or outdated Personal Data.
  • Portability – You may request that, when third-party transferring, we provide your Personal Data in a structured and interoperable format, while respecting our intellectual property and trade secrets.
  • Anonymization, Blocking and Deletion – You may request Personal Data Anonymization so it no longer can be associated with You, Blocking their use, suspending the possibility of processing referred data for certain purposes temporarily, or Personal Data Deletion.
  • Sharing Information – You may request information regarding third parties with whom we share your Personal Data, limiting this disclosure to information that does not violate our intellectual property or our trade secrets.
  • Revocation of Consent – You may opt to revoke your consent for certain purposes to which You have previously given permission. This revocation with not affect the legality or validity of any previously carried out data processing. In case You revoke your consent for fundamental purposes to the proper functioning of our environments and services, those may become unavailable to You.
  • Opposing – You have the right to oppose Personal Data processing in case you disagree with any of its purposes.
  • Revision – in situations where decisions are based solely on automated processing, You may request a review of the referred decisions, indicating any interests that may have been affected.
  • Access to contract clauses – if your Personal Data is internationally transferred based on standard or specific contract clauses, You may request access to these clauses, subject to the confidentiality of our trade secrets.

Identity Authentication. For your safety, at any time You exercise your Personal Data-related rights, we may request identity confirmation and complimentary information. This measure aims to prevent security incidents and guarantee that only the data subject has access to their own data.

Non-Fulfilment Possibilities. In some cases, a request may not be fulfilled, especially if it results in violation of intellectual property, trade secrets or when legal basis justifies maintaining the data, as provided in the applicable law.

Response Deadline. We are committed to answering requests within a reasonable timeframe and always in accordance with the Brazilian General Data Protection Law (Law nº 13,709 of 2018), and other relevant legislation.

Petition to Brazilian National Data Protection Agency – ANPD. You have the right to directly petition to the Brazilian National Data Protection Agency (ANPD) in case You believe your rights have not been properly respected or that your Personal Data has been inappropriately handled.

 

FURTHER INFORMATION ABOUT THIS POLICY

Changes and Updates to this Policy. We reserve the right to alter this Privacy Policy at any moment, based on legal, operational or Personal Data processing needs. If significant changes are made, You will be duly notified through the appropriate means and channels.

Customer Service Channel. In case there are any doubts about the provisions included in this Privacy Policy or if related to exercising any of your rights as the personal data subject, You or your legal guardian may contact us though the following channel: Data Subject Portal.

  • Data Protection Officer (DPO)/Supervisor: Cecília Helena de Castro
  • Deputy Data Protection Officer: Graziella Veras Medeiros Rosa
  • Address for correspondence: Rua Henrique Schaumann, nº 270 – 4th floor, Pinheiros, São Paulo/SP – CEP: 05413-909
  • E-mail: dpo@peckadv.com.br

Applicable Law. This Privacy Policy will be interpreted pursuant to the Brazilian Law, in the Portuguese language.

 

STILL UNSURE ABOUT ANY TERM? THIS GLOSSARY MAY HELP.

We are aware that some terms used in this Policy may not be familiar to You. Therefore, for better understanding, we have prepared a glossary including some of their main definitions.

If any expression still raises doubts, feel free to contact us through our customer service channel indicated in the “FURTHER INFORMATION ABOUT THIS POLICY” section.

 

A

Anonymization: use of more technical, reasonable and available means of data processing, through which certain data loses the possibility of direct or indirect association to a natural person.

Applicable Law: every law concerning privacy and personal data protection, especially the Brazilian General Data Protection Law (Law nº 1. 13,709 of 2018) and ANPD’s published Resolutions.

 

B

Brazilian National Data Protection Agency – ANPD: administrative body responsible for ensuring, implementing and overseeing compliance with the Brazilian General Data Protection Law (Law nº 13.709 of 2018) throughout the Brazilian territory.

 

C

CCTV:Closed-Circuit Television” abbreviation. Camera-based monitoring and surveillance system that transmits images in real time to a video recorder and/or monitoring center through wired or IP system.

Cookies: archives installed on a user’s device, allowing collection of certain information for various purposes, including Personal Data in some situations.

 

D

Database: structured set of Personal Data, which may be established physically or digitally.

Data Controller: natural or legal person, of public or private law, who is responsible for decisions regarding the purposes and means of personal data processing.

Data Protection Officer (DPO): person designated by the Controller and Operator to act as a communication channel between data subjects and the Brazilian National Data Protection Agency (ANPD).

Data Subject: natural person, identified or identifiable, whose personal data is collected and processed.

 

I

IP:Internet Protocol” abbreviation. The set of numbers and letters that identifies the device You use to access our platforms.

International Data Transfer: transfer of personal data to a foreign country or international organization of which the country is a member.

 

O

Operator: natural or legal person, of public or private law, who processes Personal Data on behalf of our Controller.

Our systems/platforms: Our digital systems (institutional website, social media) and physical environment (physical locations).

 

Policy: this Privacy Policy.

Personal Data: any information relating to an identified or identifiable natural person (data subject). E.g.: name, e-mail, IP address, geolocation.  

Processing: any operation or set of operations which is performed on Personal Data or on sets of Personal Data, such as collection, production, reception, classification, use, access, replication, transmission, processing, archiving, storage, erasure or destruction, evaluation or information control, adaptation or alteration, communication, transfer, diffusion or extraction.

 

S

Sensitive Data: special category of Personal Data, which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms. They include racial or ethnic origin, religious beliefs, political opinions, membership in labor unions or religious, philosophical or political organizations, data concerning health or sexual life, genetic or biometric data, when linked to a natural person.

 

Y

You: user/data subject, our clients, professionals linked to Us, legal guardians, third parties (partners/suppliers) and visitors.

SUBSCRIBE TO OUR NEWSLETTER

Receive content on Law, Innovation, and Business.

SIGN UP

Our Office

Rua Henrique Schaumann, nº 270, 4º andar
Edifício Pinheiros Corporate,
São Paulo – SP | CEP: 05413-909
(11) 2189-0444