Welcome to Cathalyst LTDA's Privacy Policy. At Cathalyst, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you interact with our services, including our website, AI solutions, industrial IoT implementations, and business consulting services.
By accessing or using our services, you agree to the collection and use of information in accordance with this policy. We will not use or share your information except as described in this Privacy Policy.
2. Information We Collect
2.1 Personal Information
We may collect personally identifiable information, including but not limited to:
Full name
Email address
Phone number
Company name and position
Billing and payment information
Information provided in forms, surveys, or other interactive portions of our services
2.2 Technical and Usage Data
When you access our services, we may automatically collect:
IP address and geographical location
Browser type and version
Operating system information
Pages visited and navigation patterns
Time spent on pages and interaction information
Device information
2.3 Data from IoT Devices and AI Systems
For clients utilizing our Industrial IoT services or AI solutions, we may collect:
Machine and equipment performance data
Sensor readings and operational metrics
Process optimization data
Data inputs provided to our AI systems
Generated outputs and analysis results
3. How We Use Your Information
Cathalyst LTDA uses the collected information for various purposes, including:
Providing, operating, and maintaining our services
Improving, personalizing, and expanding our services
Understanding and analyzing usage patterns and preferences
Developing new products, services, and features
Processing transactions and sending related information
Communicating with you about updates, security alerts, and support
Providing customer support and addressing technical issues
Marketing and promotional purposes (with your consent)
Ensuring compliance with legal obligations
Preventing fraudulent or unauthorized transactions
4. Legal Basis for Processing (LGPD & GDPR Compliance)
Under the Brazilian General Data Protection Law (LGPD) and the European General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
Consent: Where you have explicitly agreed to the processing of your data for specific purposes.
Contractual Necessity: Processing necessary for the performance of a contract to which you are a party.
Legal Obligation: Processing necessary for compliance with a legal obligation to which we are subject.
Legitimate Interests: Processing necessary for our legitimate interests, provided they do not override your fundamental rights and freedoms.
5. Data Sharing and Disclosure
We may share your information with third parties in the following situations:
Service Providers: We may employ third-party companies to facilitate our services, perform service-related tasks, or assist in analyzing how our services are used. These third parties have access to your personal information only to perform these tasks on our behalf.
Business Transfers: If Cathalyst LTDA is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
Protection of Rights: We may disclose information to protect the rights, property, or safety of Cathalyst LTDA, our clients, or others.
We do not sell, trade, or rent your personal identification information to others without your explicit consent.
6. Data Security
We implement appropriate data collection, storage, and processing practices and security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal information and data stored on our systems.
Our security measures include:
Encryption of sensitive data
Regular security assessments and audits
Access controls and authentication requirements
Employee training on data protection
Physical and electronic safeguards
While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. No method of transmission over the Internet or electronic storage is 100% secure.
7. Cookies and Tracking Technologies
Our website and services may use "cookies" and similar tracking technologies to enhance user experience. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our services.
We use cookies and similar tracking technologies to:
Remember user preferences and settings
Understand how users interact with our services
Analyze usage patterns and trends
Improve our services based on user behavior
Provide targeted content and advertisements
8. AI and Automated Processing
As an AI consulting firm, Cathalyst LTDA may use artificial intelligence and automated processing systems to analyze data, deliver services, and enhance user experiences. These systems may:
Process user inputs to generate outputs or recommendations
Analyze patterns in data to provide insights
Learn from interactions to improve service quality
Generate content or responses based on provided data
You have the right to request human intervention, express your point of view, and contest any decision made solely by automated means that significantly affects you.
9. Industrial IoT Data Processing
For clients using our Industrial IoT services:
Machine and sensor data is processed according to contractual agreements
Operational data is used to provide insights, maintenance recommendations, and process optimizations
Aggregated and anonymized data may be used to improve our services
We implement appropriate technical measures to secure industrial data
10. Your Data Protection Rights
Under the LGPD, GDPR, and other applicable data protection laws, you have certain rights regarding your personal data:
Access: You can request copies of your personal data.
Rectification: You can request that we correct inaccurate or complete incomplete data.
Erasure: You can request the deletion of your personal data in certain circumstances.
Restriction: You can request that we restrict the processing of your data in certain circumstances.
Data Portability: You can request that we transfer your data to another organization or directly to you.
Objection: You can object to our processing of your personal data in certain circumstances.
Withdraw Consent: You can withdraw your consent at any time where we relied on consent to process your data.
To exercise any of these rights, please contact us using the information provided in the "Contact Us" section.
11. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:
The duration of our ongoing relationship with you
Legal obligations to retain data for certain periods
Relevant statutes of limitations
Ongoing or potential disputes or legal claims
Guidelines from relevant data protection authorities
12. International Data Transfers
Your information may be transferred to and processed in countries other than the one in which you reside. These countries may have data protection laws that differ from those in your country.
When we transfer personal data outside of Brazil or the European Economic Area, we ensure a similar degree of protection by ensuring at least one of the following safeguards is implemented:
Transferring data to countries that have been deemed to provide an adequate level of protection
Using specific contracts approved by relevant data protection authorities
Implementing appropriate technical and organizational safeguards
13. Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to remove that information from our servers.
14. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
15. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Cathalyst LTDA
Email: administrativo@cathalyst.co
Phone: +55 (51) 98150-8056
Address: Porto Alegre, Brazil
Our Data Protection Officer can be contacted at dpo@cathalyst.com.br