Terms and Conditions of Use and Privacy Policies

This privacy policy applies to all types of activities in which personal data is processed on the websites of the EDP Group.

The purpose of this Privacy Policy is to demonstrate the EDP Group's commitment to privacy and the protection of personal data of its USERS or individual USERS, establishing rules regarding the collection, registration, storage, use, sharing, and elimination of personal data within the services and functionalities of the websites, in accordance with applicable and current Brazilian legislation.

As a condition to access and use the exclusive functionalities of the websites, the USER declares that he/she is legally capable and has read this document's rules completely and carefully, being fully aware and in agreement with the policy stipulated here.

You, as the USER, may contact the Data Controller appointed by EDP Brasil regarding any matter related to this privacy policy through the following email address: suaprivacidade@edpbr.com.br.

The EDP Group is the entity responsible for processing the personal data of the USERS of the WEBSITES related to the EDP domains located in Brazil, and is committed to ensuring the protection, confidentiality, and privacy of this information. 

Personal data are information that identifies and allows us to know who you are within the EDP environment. Thus, as a USER, you voluntarily provide and/or submit your data to access and interact on the WEBSITES.

Information provided by you
From the information provided by you through the forms available on our websites and applications, EDP will collect personal identification data such as, for example, name, phone number, email, ID, CPF, and address. It is possible that other information may be requested through direct contact from EDP with USERS, in person, via email, or phone.

Website navigation information
When accessing our websites and applications, a 'cookie' may be installed on your browser to identify how many times you return to our address. In this case, information such as IP address, geographical location, reference source, browser type, duration of visit, and pages visited may be collected.

Data generated for the use of our Services or request for our Products
If you use any of our Services, or request our Products, EDP may collect other information necessary for the execution of the Service contract or provision of the Product. In this case, contact data such as full name, email, phone number, ID, CPF, and full address may be collected.

All personal information collected within the scope of EDP website usage is intended to:

• Identify the User.
• Utilize for service provision or product supply.
• Comply with legal or regulatory obligations.
• Respond to customer and USER requests.
• Inform the USER about content, news, updates, and other matters for maintaining the relationship between the USER and EDP.

EDP is not responsible for the truthfulness, accuracy, or inconsistency of information provided by USERS. If this data is not updated, EDP recommends that the USER contact us to update their information through our available service channels. EDP will inform the USER when consent is necessary for the execution of its activities. Consents to be collected by EDP will be obtained individually, clearly, specifically, and legitimately to meet the established purpose.

Your data may be shared with regulatory bodies related to EDP, as well as with judicial, administrative, or governmental authorities when there is a specific request for this matter, according to legal provisions.
Your data may be customized (“Privacy by Design”) for certain Service or Product to increasingly adapt them to your preferences and interests.

Personal data may be transferred in whole or in part to third-party companies, business partners that are not part of the EDP Group to ensure the proper performance of activities within the Company's environment. It is also possible that personal data may be shared among companies within the EDP Group.

This transfer will seek the purpose intended for that activity established in the EDP Group's activities.

Personal data may be transferred, in whole or in part, abroad to entities located outside the USER's country of residence.

EDP Brasil is attentive to the requirements established by current legislation and guarantees the use of appropriate tools and measures (such as the European Commission Standard Contractual Clauses), adopting best security and privacy practices to protect USERS' personal data.

Access to personal data will be restricted to EDP employees, and among these, only people with specific internal authorizations for this purpose.

Among other rights provided for in data protection legislation, upon request and at any time.

A EDP disponibiliza aos USUÁRIOS um canal de comunicação específico para atendimento de solicitações: Portal de Privacidade.

Este canal de comunicação é exclusivo para atendimento de solicitações relacionadas ao tratamento de dados pessoais tais como:

• Confirmação da existência de tratamento de dados pessoais dentro do ambiente da EDP.
• Bloqueio ou oposição ao tratamento de dados.
• Eliminação de dados desnecessários e/ou excessivos.
• Exclusão de dados, observado o cumprimento de obrigações legais ou regulatórias.
• Revisão de decisões automatizadas.
• Revogação do consentimento.

The retention period of personal data within EDP is in accordance with the requirements of the legislation related to the sector, and may vary according to the purpose for which they were collected. 
In any case, the data of EDP's USERS and customers is stored in a secure and controlled environment for the period required by current legislation.

Nothing prevents the USER from using the communication channel to request the deletion of your data before this deadline. However, it is possible that the data will have to be kept to comply with a legal or regulatory obligation, as well as to comply with a court order, fraud prevention (Art. 11, II, “a” of the LGPD), credit protection (Art. 7, X, LGPD), among other legitimate interests provided for in the LGPD.

Once the legal deadlines have been met, personal data will be deleted following an internal methodology or will be kept in an anonymized form for statistical purposes.

 

The EDP Customer Ombudsman is committed to guaranteeing the protection of the security of the personal data made available to it.

Therefore, various technical and organizational security measures are adopted in order to protect the personal data made available to it against dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of illicit processing.

Notwithstanding the security measures adopted, as an Internet USER, visitors to the website should always adopt additional security measures, such as ensuring that they use a computer and browser that are up-to-date in terms of properly configured security patches, with an active firewall, antivirus and antispyware, and make sure that the sites they visit on the Internet are authentic, and should avoid websites of dubious reputation.

Use of websites presupposes full knowledge of this Privacy Policy, which may be changed without prior notice. It is therefore recommended that visitors check this page regularly so that they are always up to date.

Like other websites, we collect and use information contained in advertisements.

The information contained in the advertisements includes your IP (Internet Protocol) address, your ISP (Internet Service Provider), the browser you used when visiting our website (such as Internet Explorer or Firefox), the time of your visit and which pages you visited within the websites.

EDP Group is not responsible for the privacy policy or content of third-party websites. USERS should always consult privacy policies if they consult another website from the websites.

This document shall be governed by and construed in accordance with the laws of the República Federativa do Brasil (Federative Republic of Brazil).  

In the absence of a legal determination to the contrary, the Court of the District of São Paulo, State of São Paulo, is hereby elected as the competent court to settle any questions arising from this document, expressly waiving any other, however privileged.

Use of the EDP Group websites by USERS implies acceptance of the conditions set out in this Privacy Policy, including any changes that may be made.


Date of Publication of the original version: 27/08/2020
Date of publication of the latest version of this document: 08/05/2025