7. WHY DOES HELISUL PROCESS PERSONAL DATA?

In addition to the purposes mentioned above, HELISUL may process personal data to:

• Ensure the satisfactory performance of its business operations;
• Execute sales contracts and conduct credit analysis;
• Protect the rights of customers, the general public, and HELISUL itself;
• Fulfill legal obligations or comply with applicable laws, including responding to legal proceedings or requests from competent authorities, such as the Judiciary, especially to protect the rights and privacy of data subjects, maintain physical or material integrity, comply with the terms of agreements or contracts, or honor our own terms and conditions.

8. DO WE SHARE YOUR PERSONAL DATA?

HELISUL may share customers’ or third parties’ personal data as needed to enable business relationships or for specific, legitimate purposes, with:

• Professional consulting firms offering banking, insurance, accounting, or technical advisory services;
• Partner companies involved in HELISUL’s operations;
• Government entities or tax authorities, such as the Judiciary and/or other competent agencies, to meet legal obligations. This may include, for instance, full identification data;
• Service providers, suppliers, or other partners assisting in activities directly related to HELISUL’s business operations and customer relations.

9. HOW LONG WILL HELISUL RETAIN YOUR PERSONAL DATA?

Your personal data and other information will be retained only for as long as strictly necessary to fulfill the purpose for which it was collected or for the periods established by legal and contractual requirements.

Therefore, in addition to the ongoing review and compliance with these regulations, the General Data Protection Law allows HELISUL to retain personal data of clients, service providers, and the general public, even without consent or in the event of deletion requests, to fulfill one of the following situations:

• Compliance with a legal or regulatory obligation;
• Transfer to a third party, provided your rights are respected and the transfer is in accordance with data protection and privacy laws;
• For exclusive use, with third-party access prohibited, and provided the data is anonymized.

10. SECURE STORAGE OF PERSONAL DATA

HELISUL ensures that all personal data and information provided will be handled in accordance with strict security standards to prevent destruction, loss, alteration, or unauthorized disclosure.

Thus, HELISUL adopts several precautions related to information security, as provided for in applicable laws and regulations:

1. 1. HELISUL implements protections against unauthorized access to its internal systems and directories.
2. 2. HELISUL has safeguards in place to prevent unauthorized access to the physical locations where personal data is stored.
3. 3. HELISUL requires that partner companies, service providers, and suppliers that process personal data are compliant with the General Data Protection Law and maintain absolute confidentiality of the personal data and information they access.

11. WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?

In compliance with applicable regulations regarding the processing of personal data, HELISUL respects and guarantees the data subjects, through request, the following rights:

• Confirm the existence of processing;
• Access your personal data;
• Correct incomplete, inaccurate, or outdated personal data;
• Request the anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed personal data, in accordance with the LGPD;
• Request the portability of personal data to another service or product provider, as regulated by the national authority;
• Delete or anonymize personal data processed based on your consent, except when the law authorizes the retention of such data for another legal basis;
• Obtain information about the possibility of not providing consent to the processing of your personal data and the consequences of such refusal;
• Revoke your consent, as applicable;
• Submit a complaint to the National Data Protection Authority (ANPD);
• Data subjects may exercise any other right provided for by law, even if not listed here. As an exception, your request may not be fulfilled, but if that happens, we will explain the reason. However, we emphasize that this will only occur if there is a legal basis.

12. CONTACT OUR PERSON RESPONSIBLE

HELISUL is prepared to receive and respond to your requests. If necessary, for any reason, or to exercise your rights regarding the processing of Personal Data, contact the Data Protection Officer:

MARTINELLI ADVOCACIA EMPRESARIAL
[email protected]

Contact may also be made by sending letters or other physical means to the address:

Helisul Táxi Aéreo Ltda
Recipient: LGPD Committee
Rua Trajano da Costa Pereira, 348 – Bacacheri – Zip Code 82515-180 – Curitiba-PR – Brazil.

13. REVISION HISTORY AND VERSION CONTROL