FANIA Control Cables

POLÍTICA
QUALITY POLICY
ENVIRONMENTAL POLICY
PRIVACY POLICY

FANIA ensures that the Quality and Environmental Policies have been established, meet the organization's purposes and rely on the commitment of all employees to meet applicable regulatory requirements, to continually improve the effectiveness of the quality and environmental system, and was structured to allow the establishment and critical analysis of quality and environmental objectives, being documented, communicated, understood and applied within FANIA at all levels and for all employees, and when appropriate disclosed to interested parties that are relevant to the internal quality system from FANIA. Quality and Environmental Policies are analyzed during management's critical analysis, taking into account their continued suitability for their purpose and strategic direction based on the organization's context. FANIA is committed to the continuous improvement of the Integrated Management System, considering the following principles:..

MISSION
Provide products and services that fully satisfy the needs of our customers and other interested parties, taking into account the management of the opportunities and risks involved.

KEY FACTORS
All employees of the organization are responsible for quality and are committed to meeting customer and interested party requirements that are relevant to the quality management system.

Valuing people, believing in their potential, giving them responsibilities and providing for their development through documented instructions and constant training, including addressing risks and opportunities.

GOAL
Maintain the FANIA brand as excellence and synonymous of control cables and a symbol of high quality in the automotive and parts production segment for the aftermarket.

MISSION
Provide control cables and components for vehicle applications, destined for the internal and external markets of original and replacement equipment, minimizing their environmental impact and taking into account interested parties, through a process of continuous improvement for waste management, with actions to its reduction and prevention of pollution.

KEY-FACTORS
Identify environmental aspects related to the nature and scale of past, current and future activities, establishing the level of impact on the environment, taking into account the management of opportunities and risks. Develop a management system integrating procedures with strategic planning to meet customer, legal and other applicable requirements, with the establishment of objectives and goals that are analyzed and monitored periodically. Raise awareness and train employees aiming for the rational use of resources.

GOAL
To be recognized as a conscious, responsible company dedicated to improving the environment, as a way of contributing to improve the quality of life of current and future generations.

INTERNAL PERSONAL DATA PROTECTION POLICY

1. Definitions

Personal data any information relating to an identified or identifiable natural person.

Sensitive personal data: any personal data that contains information about:

Racial or ethnic origin.
Religious conviction.
Political opinion..
Membership of a trade union or organization of a religious, philosophical or political nature.
Health.
Sex life.
Genetics or biometrics..

Holder: natural person to whom the data refers.

Processing::any operation with personal data, including storage. Consent: free and unequivocal expression by which the holder agrees to the processing of their personal data for a specific purpose.

Controller:: natural or legal person, governed by public or private law, who manages and makes decisions about the processing of personal data. In the case of this policy, FANIA.

Operator:: natural or legal person, governed by public or private law, who processes personal data on behalf of the controller. Operators are all service providers, partners and companies that process personal data on behalf of FANIA, as this company needs to hire a specialized service to do so. Specialized offices that offer advice to the company, as appropriate, are also operators.

Person in charge:: : person appointed by the controller to be responsible for communication between the controller, data subjects and the National Data Protection Authority (ANPD).

Personal data protection impact report: document that contains the description of the personal data processing processes, and the competent risk assessments to civil liberties and fundamental rights, with the necessary risk mitigation measures.

2. Objective of the internal data protection policy.

Guide all FANIA members on good practices in protecting personal data, aiming to comply with Law No. 13,709 of August 14, 2018, the General Personal Data Protection Law..

3. Context of the LGPD.

The LGPD was published in 2018 with the aim of bringing to the Brazilian legal system a concern that already exists in all developed countries: the protection of personal data. Worldwide, data protection legislation for natural persons is a necessary instrument to ensure greater legal security and respect for fundamental human rights. Therefore, compliance with such laws has been an important factor for companies and a decisive factor even when closing commercial partnerships.

4. LGPD Principles

The guiding principles of the Data Protection Law and also those of this internal policy are:

Adequacy
Necessity
Free access
Data Quality
Transparency
Security
Prevention
Non-discrimination
Responsibility and accountability

Adequacy: data processing must be compatible with the purpose informed to the holder

Necessity: processing must be limited to the minimum necessary to achieve the proposed purpose

Free access holders have the right to access information relating to the treatment their data receives at any time.

Data quality: data processing must keep it accurate, clear, relevant and up-to-date, without discrepancies or distortions

Transparency: data processing must be explained to data subjects in a transparent and accessible manner, observing the necessary commercial and industrial secrecy.

Security: personal data must be protected by the controller, so that it is not lost, altered, destroyed or accessed inappropriately

Prevention it is up to the controller to take measures to prevent damage originated from the processing of personal data..

Non-discrimination the processing of personal data must not be carried out for discriminatory, illicit or abusive purposes.

Responsibility and accountability: demonstration, to data subjects, of the measures used to ensure compliance with the General Personal Data Protection Law.

5. Shared responsibility

Fania is responsible for the correct processing of personal data of which it is the controller and operator. It is important to highlight that the company only shares data in accordance with the LGPD, respecting the provisions and legal bases set out in the legislation.

The culture of privacy within the company is promoted and shared among all Fania employees and those who act as operators, with everyone's cooperation being essential so that the company is always in compliance with the law, offering security to all data holders personnel under your control. To this end, procedures such as Information Security Policy, Privacy Policy in the Work Environment and all others must be fully followed by all those who process personal data on behalf of the company..

Under the terms of art. 42 et seq. of the General Data Protection Law (Law 13,709 of August 14, 2018), a personal data operator who fails to comply with the controller's legal data protection guidelines – in this case FANIA – will respond to the extent of its contractual responsibility and civil, administrative and criminal law regarding the inappropriate processing of data.

Violation of company secrets, a concept that includes personal data under its control, may, at the sole discretion of Management, be grounds for dismissal of employees for just cause or termination of contracts of service providers involved in the violation, without prejudice to the actions judicially applicable return.

6. Processing of personal data at FANIA

The processing of personal data at FANIA must follow the principles defined in this policy, and must be strictly aimed at the purposes for which the data collection is intended, respecting the principles of this policy and the information sharing and security criteria.

Another important point: personal data is only handled by people who need to handle it. This reduces the risk of human error leading to a leak or inappropriate use of information. We guarantee this by dividing the data by sectors, and by specific responsibilities within each sector. This way it will be known in each situation who the data handlers are, and the risks of an information security incident will be reduced enormously..

To guarantee this sectorized processing of data, each FANIA employee or service provider's access to the company's database is individual and protected by their own non-transferable password, in addition to specific guidelines set out in the Information Security Policy. Thus, only people authorized to handle personally identifiable data of employees and contractors, for example, will be able to access it.

7. Personal data collection criteria

Information relating to natural persons must only be collected to the extent necessary to comply with legislation, fulfill contracts and in other legal cases provided for in the LGPD, as well as consent - General Data Protection.

AThe Collection of personal data will be accompanied with appropriate privacy information associated with the purpose of collection and the rights of the data subject collected..

In the case of consent, it will be required for the processing hypotheses set out in the LGPD in which no other legal basis is applicable.

8. Personal data storage criteria

Regarding storage, the following guidelines must be followed:

When physically stored, data is kept in a locked location, out of reach of anyone other than those expressly authorized to access it.
When stored digitally, they are in a folder protected by encryption and restricted access by personal password.

Any copies of personal data are made to meet the need to fulfill the purpose proposed for processing or for information security reasons.

9. Criteria for internal access to personal data

Personal data may only be transmitted internally to people whose role within the company requires them to have access to it. For example: (i) data relating to occupational health, such as medical certificates, admission exams, among others, can only be shared within the company with people who are responsible for processing this information, such as the person responsible for HR, and cannot be shared with someone from the technical area who does not need to have access to this data to carry out their functions. (ii) customer and contract data are only manipulated by employees who need such information to comply with the law, contract or judicial and administrative order.

10. Criteria for external sharing of personal data.

The sharing of personal data with people or entities external to FANIA must be restricted to the minimum necessary for the execution of contracts and provision of services in which the holders are involved, or for the fulfillment of any legal obligation. Even when the treatment directly involves the provision of services.

The external sharing of personal data of customers or company members for purposes other than those provided for in the contract or provided for by law is prohibited – by any means, telephone, digital or in writing. To do so, specific consent must be obtained

11. Personal data deletion criteria.

When the purpose of processing personal data has been achieved, and they no longer need to be stored to satisfy any legal, contractual requirements or the legitimate interests of FANIA, they must be duly eliminated physically and digitally.

12. Provision of information and transparency.

FANIA and personal data operators must provide all information required by holders regarding the processing of their personal data, respecting the company's right to maintain commercial secrecy when applicable. The purpose of the processing must always be clear and transparent. When a request is made for the provision of information about personal data by the holder, directly to the operators who process data on behalf of FANIA, they must inform the company's Personal Data Protection Officer, so that the information requested by the holder can be provided.

13. Person in Charge of Personal Data Protection.

The person responsible for protecting personal data will be the person responsible – under the terms of the LGPD – for communication between data subjects, FANIA and the National Data Protection Authority (ANDP). The person in charge is responsible for verifying existing risks, pointing out corrective measures and periodically evaluating the security of personal data within the company, and must also carry out any necessary communications with data subjects or public authorities. Any questions that arise in the company's day-to-day operations regarding the protection of personal data must be taken to the person in charge so that he or she can immediately guide the operator or seek guidance from ANDP and other specialized entities appropriate to the question raised.

14. Contacts.

If you have any questions or to request information about this policy, please contact the Data Protection Officer:
dpo.fania@fania.com.br

Online

Store

Location

Itajubá/MG

SAC

+55 (35)3629-5807

E-mail

fania@fania.com.br

Últimas Notícias

Dia da Mulher

Dia do Trabalho

Nosso Catálogo Eletrônico

Quality and Environment Policy

Delivering results with solid reliability