Privacy Policy - DBPA​

Out of respect for our clients, suppliers, and other stakeholders, we have prepared a privacy policy that establishes how Di Blasi, Parente & Associados – DBPA – handles personal data under our care, whether physically on the office premises or digitally in information storage systems.

Please read this privacy policy carefully. Through it, we want to explain how we treat and protect your personal information and your rights in a simple, clear, and transparent way. Your security and that of your data are vital to us, and we consider your privacy a core value of our firm. To take good care of your business and your company, we need to handle your data properly and securely.

Personal data is any information that directly or indirectly identifies an individual, such as CPF, address, voice, image, license plate number, digital number, etc. According to the General Law of Data Protection – LGPD – personal data has legal protection, being its holders the ones who have rights over it and what to do with it. If you provide DBPA with your personal data, we must process it properly and securely stored it.
DBPA process your personal data with your consent, when it is applicable, for various purposes (reasons), to comply with a legal and regulatory obligation, by carrying out a contract with you, etc. The DBPA may request your express written consent or by any other means which confirms it when necessary.

According to LGPD, data processing is any action that DBPA may perform with your personal data, such as collecting, storing, transferring, and deleting the data from our systems.

It is important to note that the processing of your personal data is vital to the provision of the legal services for which DBPA has been contracted, as well as:

  • To identify and/or send relevant content about a preference or interest expressed by you to DBPA, including, newsletters, events, invitations, social network posts, messages via digital platforms, reminders, thank you notes, among others
  • For the formation of a database of DBPA suppliers and service providers as well as for the conclusion of related contracts
    For the formation of a database of employees, associates, and other collaborators
  • For defense and administration of DBPA’s interests, including compliance with regulatory issues
  • To the enforcement of the applicable legislation
  • For the fulfillment of any other demand requested by you to the DBPA

Name of controller: Alexandre Prado Ribeiro


Data Protection Officer / DPO

Name of Data Protection Officer: Ricardo de Barros Saracuza



On this page, we may collect your data through different sections, in relation to which we provide the following information:



No personal data in our custody will be transferred to third parties, except with the express consent of the employee or to comply with legal, regulatory, or contractual obligations.


As a general rule, DBPA does not practice international personal information transfers. No personal data will be transferred to third parties located outside the country, except through express authorization/consent of the employee or to comply with legal, regulatory or contractual obligations.

If there is any need for the international transfer of your data, you will be notified in advance.


DBPA guarantees, in any case, the exercise of your rights. You have the right to revoke or withdraw consent at any time. Likewise, you may exercise your right of access, rectification, limitation of suppression, opposition to its processing, or portability.

Access: The data subject has the right to be informed whether or not his or her personal data is being processed and, if the processing is confirmed, that processing information is provided to him or her.   Reasons for exercising the right:

  • I would like to confirm whether or not your personal data is being processed.
  • I would like to know what personal data we are responsible for.
  • I would like information about the processing performed on your data.

Resubmit: The data holder has the right to have their data corrected when it is inaccurate or incomplete.

Exclusion: The data holder has the right to have their personal data deleted. Examples: The processing or processing is unlawful, the data subject has withdrawn their consent, the data is no longer necessary in relation to the purposes for which it was collected or processed, the data must be deleted to comply with a legal obligation of the DBPA.

The personal data collected by the DBPA is stored indefinitely, while the legal relationship between the DBPA and the data subject persists. After its termination, they will be archived for the legal term and then anonymized.

Opposition: The personal data owner has the right to object to the processing of their data for reasons related to any situation. Examples: Processing based on satisfying the legitimate interests of the DBPA or third parties, if these do not override the interests or rights and freedoms of third parties, especially if he/she is a minor; user profiling, processing for historical, statistical, or scientific research purposes, unless the processing is necessary for reasons of public interest.

Limitation: The personal data owners will have the right to obtain from DBPA their personal data to limit the processing. For example, the processing is unlawful, and the data subject objects to the deletion of the data and requests instead of the limitation of its use.

Portability: The interesting party has the right to have from the DBPA the transmission of its data to another responsible party or even to the interested part, through a structured format of habitual use and mechanical reading. 

Automated decisions: The personal data owner has the right not to be subject to profiling whose purpose is to make individual decisions based on automated data processing.  Examples: when the purpose of the automated data processing is to evaluate, analyze or predict certain personal aspects.

The personal data owner may exercise their rights by sending a written request, accompanied by a copy with the identification or other document proving the identity, through the following means:



Rio de Janeiro. Av. Presidente Wilson, 231 – 13º andar, centro – CEP 20030-905

São Paulo. Alameda Santos, 455 – 14º andar, Cerqueira César – CEP 01419-000

For your demand to be satisfied, we need complete information. In case not all data is provided, the DBPA cannot guarantee that it can fulfill the purpose of the processing.


DBPA adopts all the technical and organizational measures necessary to guarantee the security and integrity of the personal data provided by the user, as well as to avoid its loss, alteration, and/or access by unauthorized third parties.

The site has the SSL Certificate (Secure Socket Layer) in order to guarantee security in data transmission between the browser and our site.


DBPA reserves the right to modify this policy to adapt it to future legislation, or applicable regulations or for technical, operational, commercial, and corporate reasons. In any case, it is recommended that, each time you access this platform, you read this policy in detail, as any modification will be published through it.

This privacy policy was prepared by the Data Officer, Marília Kairuz Baracat and approved by the administrators.

Last update: January, 2021.