Acesso Rápido
Consultar
Deseja fazer qual tipo de consulta?
BSM Personal Data Protection Statement
Do you know why this page is named Personal Data Protection Statement instead of Privacy Policy, as you might have seen on most websites?
We explain: BSM wants to tell you what personal data we have and what we do with it. After all, we care about your privacy and understand how important it is for you to have your personal data protected. Therefore, it is important that you know how we handle your personal data and that you have control over it.
This Statement will explain what we do with your personal data for the performance of BSM's self-regulation activities. Regarding our digital channels and the use of Cookies, you can access the Statements for each of them on our website.
It is important that you read this Statement carefully and, if you have any questions, contact us by sending an email to [email protected]. We will be happy to assist you!
Let's go! To ensure your complete understanding, how about getting to know some concepts?
To help you understand how BSM collects and uses your personal data, we first need to explain what BSM is and how its activities work, according to the authority granted by the Securities and Exchange Commission (CVM). So, let's go:
BSM is the self-regulation of the markets managed by B3 and other organized market administrators and market infrastructures authorized to operate by the CVM that may hire its self-regulation services. According to CVM regulations, these organized securities market institutions must have self-regulation as a requirement for operation. BSM acts as an auxiliary body to the CVM in supervising organized markets and their Participants (such as securities brokers and distributors) and representatives.
BSM's activities are divided into three pillars, as shown in the table below:
Pillar 1: GUIDANCE
We share knowledge and guide market Participants
Pillar 2: MARKET INTEGRITY
Our activities are aimed at ensuring compliance with the rules and regulations that govern the markets under our supervision. We supervise 100% of the offers and operations of the markets managed by B3 and other market infrastructures, and we audit their Participants. To perform this activity, CVM regulations guarantee BSM broad and unrestricted access to the offers and operations of the markets under its supervision and determine that the entities managing organized exchange and over-the-counter markets, the market infrastructures authorized to operate by the CVM, and the Participants provide the information requested by BSM.
Pillar 3: INVESTOR PROTECTION
We promote market confidence and transparency. We manage B3's Investor Compensation Mechanism (MRP), which aims to compensate investors for losses resulting from operational failures of Participants in the intermediation of securities transactions in the stock market.
Now that you are familiar with BSM's activities, let's explain how we collect and use your personal data:
PERSONAL DATA WE COLLECT
If You are an investor:
a. We receive your registration data and investor profile from Participants.
b. Each transaction you make is recorded in the B3 systems and/or in the systems of other BSM self-regulation and is shared with BSM.
WHAT WE USE THEM FOR:
If You are an investor:
We use your personal data to perform BSM's activities based on the previously defined pillars.
- a.We comply with legal and regulatory obligations and report to regulators such as the CVM, the Central Bank of Brazil (BACEN), public authorities, among others.
- b.We monitor your transactions, ensuring the security and integrity of the markets managed by B3 and other organized market administrators and market infrastructures authorized to operate by the CVM that may hire BSM's self-regulation services.
a.We use your personal data to analyze and adjudicate the Request you submitted to the MRP.
- b.Once the MRP process is completed, the information from your process is published on the BSM website, as required by CVM regulations and the MRP Regulation.
BSM is the self-regulation of the markets managed by B3 and other organized market administrators and market infrastructures authorized to operate by the CVM that may hire its self-regulation services.
The self-regulation activities are monitored by the CVM. Therefore, we share your data with the CVM, as well as other institutions to comply with regulatory obligations and judicial determinations.
Security above all! Transparency too. BSM will keep your personal data securely, according to the periods stipulated below and to achieve the purposes, which vary depending on the service. For example:
It is important for you to know that BSM has internal rules regarding the retention and disposal of information to ensure that the data will no longer be used at the right time and in a secure manner.
You have the right to request certain actions from BSM regarding your personal data.
You can do this at any time through an express request, which can be made by you or your legal representative.
After taking the necessary steps to confirm your identity (and, when applicable, the validity of the representation presented by your legal representative), BSM will evaluate your request as described below.
It is important to remember that when processing personal data of children and adolescents, parents and/or legal guardians will be guaranteed the exercise of the same rights regarding the processing of their represented/assisted data.
To make a request or if you want additional information, access: [email protected]. You can request the exercise of the following rights regardless of your location or nationality.
You can ask to confirm if we have your personal data in our environments. If so, you can request access to your personal data at any time.
If we are using your data based on your consent or to execute a contract, you can also request a full electronic copy of your data in a format that allows its use in other situations, including in processing operations.
If we are using your data based on your consent or to execute a contract, you can also request a full electronic copy of your data in a format that allows its use in other situations, including in processing operations.
You can revoke any consent you have given to BSM at any time.
As the withdrawal of consent may have some direct or indirect consequences on products or services you have contracted, we will clarify the consequences of this withdrawal before fulfilling your request, okay?
As the withdrawal of consent may have some direct or indirect consequences on products or services you have contracted, we will clarify the consequences of this withdrawal before fulfilling your request, okay?
In certain circumstances, you can request the correction of personal data that you consider incomplete, inaccurate, or outdated.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
In addition to the rights above related to consent, if BSM is using your personal data because you consented, you have the right to request the deletion of this personal data at any time.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
BSM's premise is to process only the personal data necessary for the intended purposes. However, if you consider that your personal data used by BSM is excessive for achieving the purposes or BSM is not observing what the LGPD determines, you can request the anonymization, blocking, or deletion of this personal data.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
In cases where BSM uses your data with your consent or to execute a contract signed with you, you have the right to request the portability of your personal data in two ways:
Your portability request will be analyzed, and when we can fulfill it, only the data you have effectively provided will be subject to portability, directly or indirectly. Anonymized data and data inferred from the use of our products and services will not be subject to portability.
- Receiving the data in a structured, interoperable, or commonly used format that can be automatically read by computers, so that it can be used by another service or product provider; or
- Direct transfer of the data to another service or product provider, also in a format that allows the new provider to use the data.
Your portability request will be analyzed, and when we can fulfill it, only the data you have effectively provided will be subject to portability, directly or indirectly. Anonymized data and data inferred from the use of our products and services will not be subject to portability.
In cases where BSM uses your data with your consent or to execute a contract signed with you, you have the right to request the portability of your personal data in two ways:
Your portability request will be analyzed, and when we can fulfill it, only the data you have effectively provided will be subject to portability, directly or indirectly. Anonymized data and data inferred from the use of our products and services will not be subject to portability.
- Receiving the data in a structured, interoperable, or commonly used format that can be automatically read by computers, so that it can be used by another service or product provider; or
- Direct transfer of the data to another service or product provider, also in a format that allows the new provider to use the data.
Your portability request will be analyzed, and when we can fulfill it, only the data you have effectively provided will be subject to portability, directly or indirectly. Anonymized data and data inferred from the use of our products and services will not be subject to portability.
BSM's premise is to observe all LGPD rules. However, if you consider that BSM is not observing what the LGPD determines when using your personal data, you can object to the processing of your personal data at any time.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
You can always make a request or petition to BSM or the national personal data protection authority about situations involving the processing of your personal data.
If BSM uses your data to make exclusively automated decisions, that is, without any human intervention, you can request a review of the decision.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
Now, if you are a person located in the European Union and your data was collected while you were in the European Union, know that, in addition to the LGPD, the GDPR regulation will also apply, which has some different rights, as described below. But you can also request all the rights described above.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
Now, if you are a person located in the European Union and your data was collected while you were in the European Union, know that, in addition to the LGPD, the GDPR regulation will also apply, which has some different rights, as described below. But you can also request all the rights described above.
You can ask to confirm if we have your personal data in our environments and, if so, request access to it and also request a full electronic copy of your personal data in a format that allows its use in other situations, including in other processing operations.
You can revoke any consent you have given to BSM at any time.
As the withdrawal of consent may have some direct or indirect consequences, we will inform you of the consequences of this withdrawal before fulfilling your request.
As the withdrawal of consent may have some direct or indirect consequences, we will inform you of the consequences of this withdrawal before fulfilling your request.
In certain circumstances, you can request the correction of your personal data that you consider incomplete, inaccurate, or outdated.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
GDPR - DELETION OF DATA
You can request the deletion of your personal data in the following situations:
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
Your portability request will be analyzed, and when we can fulfill it, only the data you have effectively provided will be subject to portability, directly or indirectly. Anonymized data and data inferred from the use of our products and services will not be subject to portability.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
PETITION You can always make a request or petition to BSM, to our representative in the European Union via email [email protected], or to the Personal Data Protection Authority of your country.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
REVIEW OF AUTOMATED DECISIONS If BSM uses your data to make exclusively automated decisions, that is, without any human intervention, you can request a review of the decision.
If BSM cannot, for technical or legal reasons, fulfill your request, we will inform you of the reasons that prevent us from proceeding.
BSM, to ensure the efficiency and quality of its services, has relationships with international regulatory and self-regulatory entities. Therefore, your personal data may be transferred to other countries.
BSM takes the protection of your personal data seriously in its activities, adhering to strict security and confidentiality standards to provide a safe and reliable environment. We use tools and technologies to maintain the integrity and confidentiality of your information, as well as to protect it from unauthorized access.
Additionally, we restrict access to your information only to authorized and trained individuals who are obligated to maintain confidentiality and secrecy, and who adopt security measures.
We also require all organizations or individuals contracted to provide support services to comply with contractual provisions and/or rules established by BSM, such as the Information Security Policy, the Supplier Code of Conduct, Regulations, and Manuals, among others.
BSM works tirelessly to ensure that the information disclosed to clients is true and accurate, with rigorous monitoring controls of the information provided.
This statement may be changed at any time. The latest version will always be considered the current version.
If we make any changes to the statement, we may post a notice or send you an email along with the updated Statement. Therefore, it is always important to keep your contact information up to date.
To check the date of the current version, refer to the "Update Date" at the beginning of this document.
Exercise of Rights
If after reading this Personal Data Protection Statement you need to contact us regarding matters involving your personal data, please reach out through the channels below:
Electronic Service:
Digital Request
If you have any questions regarding the opening of your request or the validation of your identity
access the step-by-step guide below: Step-by-step electronic service guide
Letter:
Download letter template BSM – Market Supervision (A/C: Governance Management) Praça Antônio Prado, 48 – 1st Basement – Protocol Centro – São Paulo – CEP: 01010-901 Contact Us
If you have any other questions, criticisms, or suggestions exclusively related to the LGPD (General Data Protection Law), please contact us through the channel below:
Email:
[email protected]
Data Protection Officer:
Cristiano Adjuto E Campos