Supplementary Privacy Notice – Brazil

This supplementary privacy notice from Mintz Group LLC and its affiliates (collectively, “MG”) provides additional information as required by Federal Law No. 13,709/2018 – General Data Protection Law of Brazil (“LGPD”).  The provisions and statements in MG’s Global Privacy Policy explain our practices with respect to Personal Information (term defined in the Global Privacy Policy), in Brazil.

Information about MG

This information is provided by MG on behalf of itself and its affiliates.  MG is headquartered in the United States.  You may contact MG’s privacy department via email at or write to the privacy department at MG’s headquarters, as follows: 

MG Data Protection Team
116 E 16th Street, 4th Floor
New York, New York, 10003

Collection and use of Personal Information

As described in MG’s Global Privacy Policy, some Personal Information is necessary for us to establish a business relationship with you so that you can engage us to provide services.  

MG’s Global Privacy Policy explains the purposes for which we process your Personal Information.

Also as described in MG’s Global Privacy Policy, we may also process your Personal Information to comply with local record retention laws and other applicable legal requirements. 

Automated decisions

We do not use profiling and analytics to understand how people use MG services.  We do not make automated decisions about you.

Your Rights 

You may choose how MG will use your Personal Information whenever MG acts as data controller with respect to the custody and processing of your information.  We will not use your Personal Information for marketing communications without your written consent.  

Pursuant to the Brazilian LGPD, MG agrees and understands that you have the right to submit requests based on the following rights:

  • Confirmation of processing;
  • Access to data;
  • Correction of incomplete, inaccurate or outdated data;
  • Anonymization, blocking or deletion of unnecessary, excessive data;
  • Data portability to another service provider or product, upon express request, as may be provided by the appropriate law;
  • Deletion of data processed with your consent;
  • Obtaining information about the public or private entities with which MG shared your data;
  • Information on the possibility of you not providing consent, as well as being informed about the consequences should consent not be given;
  • Revocation of consent.

To exercise these rights, please write to our privacy department at: and a member of our privacy team will assist you.  Please note that we may need to verify your identity before we process your request.

If MG is processing your Personal Information as a data processor, you will receive our client’s contact details (e.g. the client that provided your Personal Information to us in order to obtain our services) to obtain support with your requests directly with this client.  MG supports its clients by responding to requests as required by law and, subject to applicable laws, MG’s response will be undertaken pursuant to MG’s clients’ direction.

We note that your request regarding your rights as data subject may be legally rejected, either for formal reasons (such as your inability to prove your identity) or legal reasons (such as the request for deletion of data whose maintenance is required or permitted by law).  In the event that MG is unable to approve your request in these situations, MG will notify you and provide reasonable justification of why the request cannot be fulfilled.

If you believe that we are processing your Personal Information in violation of applicable law, you may also file a complaint with MG’s Data Protection Officer, Esther Rhee (Associate General Counsel and Managing Director), who may be contacted at, or with a supervisory authority.

Sharing Personal Information

As noted in MG’s Global Privacy Policy, we may share your Personal Information with the client that requested our services and with our affiliates and certain third parties as necessary to provide the services requested by the client, and to comply with applicable law.

We also may share your Personal Information with our service providers, who are required to protect it by law or contract and use it in accordance with our instructions.

International Transfers

In accordance with Mintz Group’s Global Privacy Policy, your Personal Information may be transferred, stored or processed in the United States and other countries that may not have equivalent privacy or data protection laws.

In general, we may use standard contractual clauses to ensure that Personal Information is adequately protected when transferred outside Brazil, or we may make transfers using other mechanisms as permitted by law. 

Please contact us at if you would like more information about international transfers.

Duration of processing and retention of Personal Information

We will retain your Personal Information as long as it is necessary for the purposes set out above and for any additional period that may be required or permitted by law.  The period in which your Personal Information is retained depends on the purposes for which it was collected, how it is used, and the requirements to comply with applicable laws.  You may request the deletion of your Personal Information via email at or by writing to MG’s privacy department at the address above.  If we do not have a legal basis for retaining your information, we will delete it in accordance with applicable law.