Privacy Policy
Last updated: June 2026
This Privacy Policy describes how the Safety Culture Diagnosis collects, uses, stores, shares and protects the personal data of this website's visitors, in compliance with the Brazilian General Data Protection Law (LGPD — Law No. 13.709/2018). By using this website and submitting your data through our forms, you acknowledge the conditions described here.
1. Who is the data controller
The controller responsible for processing the personal data collected on this website is Safety UP (CNPJ 35.064.250/0001-70). For any matter related to privacy or the processing of your data, contact our Data Protection Officer (DPO) at dpo@andrezaaraujo.com.
2. What data we collect
We collect the data you voluntarily provide when completing the quote request form: company name, corporate email, contact phone, address and details of the units to be assessed (location, number of employees and contractors) and any comments. We may also automatically collect technical browsing data (IP address, browser type and access date/time) through cookies and similar technologies, as detailed in our Cookie Policy.
3. How we use your data
We use the collected data to: (a) respond to your quote request and prepare a tailored commercial proposal; (b) contact you about the Safety Culture Diagnosis; (c) comply with legal and regulatory obligations; and (d) prevent fraud and ensure website security. We do not use your data for purposes incompatible with those described here.
4. Legal basis for processing
The processing of data provided in the form is based on the data subject's consent (art. 7, I of the LGPD), expressed when accepting this Policy, and on legitimate interest for commercial contact (art. 7, IX). The processing of non-essential cookie data is based on your consent, collected through the cookie banner.
5. With whom we share your data
We do not sell or rent your personal data. We share data only with processors that provide us essential services, under a contractual obligation of confidentiality and security: Resend (sending and processing contact emails) and Cloudflare (hosting, content delivery network and website security). These providers may process data outside Brazil; in such cases, we adopt appropriate safeguards under the LGPD. We may also share data when required by a competent authority or by legal obligation.
6. How long we keep your data
We retain your personal data only for as long as necessary to fulfil the purposes described in this Policy, unless a longer period is required by law or for the regular exercise of rights. Once the commercial relationship ends and legal obligations are met, the data is securely deleted or anonymized.
7. How we protect your data
We adopt technical and organizational measures to protect your data against unauthorized access, loss, alteration or improper disclosure, including encryption in transit (HTTPS), access control and the use of providers that follow recognized security standards. No system is entirely risk-free, but we work continuously to mitigate such risks.
8. Your rights as a data subject
Under the LGPD, you may at any time: confirm the existence of processing; access your data; correct incomplete or outdated data; request anonymization, blocking or deletion; request portability; obtain information about sharing; and withdraw consent. To exercise your rights, write to dpo@andrezaaraujo.com.
9. Cookies
This website uses cookies essential to its operation and, subject to consent, analytics and marketing cookies. For details on cookie types and how to manage them, see our Cookie Policy.
10. Changes to this Policy
This Policy may be updated periodically to reflect legal, technical or service changes. The current version will always be available on this page, with the date of the last update shown at the top. We recommend reviewing it periodically.
11. Contact
If you have questions about this Privacy Policy or about the processing of your personal data, contact our Data Protection Officer (DPO) at dpo@andrezaaraujo.com.