This DPA is incorporated by reference into, and forms part of, the Agreement (Order Form + General Terms). Acceptance of the General Terms constitutes acceptance of this DPA, with no separate signature. For matters of personal-data processing, this DPA controls over the General Terms. Provider: VISIO SERVIÇOS DE TECNOLOGIA LTDA., CNPJ 46.173.861/0001-72 (“Visio”).
1. Definitions
1.1 “Applicable Data Protection Law” means the LGPD (Lei 13.709/2018) and, where applicable, the GDPR and other data-protection laws that apply to the processing.
1.2 “Controller”, “Operator” (processor), “Personal Data”, “Processing”, “Data Subject”, and “Personal Data Breach” have the meanings given in the LGPD (and GDPR where applicable).
1.3 “Customer Personal Data” means Personal Data within the Customer Data that Visio processes on the Customer’s behalf. “Sub-processor” means a third party engaged by Visio to process Customer Personal Data.
2. Roles and Instructions
2.1 The Customer is the Controller and Visio is the Operator. Visio processes Customer Personal Data only on the Customer’s documented instructions, which consist of the General Terms, the Order Form, this DPA, and the configuration the Customer sets within the Services.
2.2 Visio processes Customer Personal Data only to provide and support the Services and as described in Annex I (nature and purpose, data types, categories of Data Subjects, duration).
2.3 Visio informs the Customer if, in its opinion, an instruction infringes Applicable Data Protection Law.
3. Visio Obligations
3.1 Confidentiality. Visio ensures personnel authorized to process Customer Personal Data are bound by confidentiality.
3.2 Security. Visio maintains the technical and organizational measures in Annex II.
3.3 Assistance. Taking into account the nature of processing, Visio assists the Customer, by appropriate measures, with: responding to Data Subject requests; security, breach notification, and data-protection impact assessments; and inquiries from the ANPD or another authority.
4. Sub-Processors
4.1 The Customer provides a general authorization for Visio to engage the Sub-processors listed in Annex I.
4.2 Visio notifies the Customer of any intended addition or replacement of a Sub-processor and allows the Customer to object on reasonable data-protection grounds within thirty (30) days.
4.3 Visio imposes data-protection obligations on each Sub-processor that are comparable to those in this DPA and remains liable for the Sub-processor’s acts and omissions.
5. Personal Data Breach
5.1 Visio notifies the Customer of a Personal Data Breach affecting Customer Personal Data without undue delay after becoming aware of it. The notification timeline aligns with the LGPD/ANPD and GDPR Article 33 expectations (target: within seventy-two (72) hours to the authority where the Customer is the reporting Controller).
5.2 Internal client tiers: Visio uses an internal triage (initial alert within two (2) hours of confirmation, qualified assessment within eight (8) hours) before the Customer notification in 5.1.
5.3 The notification describes, to the extent known, the nature of the breach, the categories and approximate number of Data Subjects and records, likely consequences, and the measures taken or proposed.
6. International Transfer
6.1 Where Customer Personal Data is transferred outside Brazil (for example, to the Sub-processors in Annex I), Visio relies on a transfer mechanism permitted by Applicable Data Protection Law and applies appropriate safeguards.
7. Special-Category Data (LGPD Art. 11)
7.1 Some Tools may process sensitive Personal Data (for example, health data such as CID-10 codes, national identifiers, voice, or geolocation). The Customer is responsible for having a lawful basis for such data. Tools that process sensitive data are contracted only under the additional safeguards of this DPA, and the enhanced liability cap in General Terms 9.4 applies to breaches affecting that data.
8. Data Subject Rights
8.1 Visio provides the Customer with the means, within the Services or on request, to access, correct, delete, port, or restrict Customer Personal Data, so the Customer can meet Data Subject requests.
9. Return and Deletion
9.1 On termination, Visio deletes or returns Customer Personal Data per General Terms 11.6, except where retention is required by law.
9.2 Deletion does not extend to aggregated or de-identified data, nor to AI/ML model parameters already derived from aggregated or de-identified data, as set out in General Terms 14.3.
10. Audits
10.1 Visio makes available information reasonably necessary to demonstrate compliance with this DPA and, on reasonable prior notice and subject to confidentiality, allows audits limited in scope, frequency, and duration to what is proportionate.
11. Franchise / Multi-Controller Addendum
11.1 In a franchise or group arrangement contracted through a single matrix CNPJ (General Terms), each store entity is the Controller of its own store data, and the contracting matrix entity funds and administers the Services.
11.2 Data parity: each store accesses its own data. Data shared with the franchisor or matrix entity is limited to aggregated metrics; raw video, PII, and store-identifiable detail are not disclosed to the franchisor or matrix entity unless that entity is itself a Controller of that data or the relevant store authorizes it.
11.3 Aggregation threshold: cross-store aggregates use a minimum group size (k-anonymity, k >= 5) so an individual store or person cannot be re-identified.
11.4 Lawful-request protocol: requests for another entity’s data follow a documented protocol and are honored only with a lawful basis.
12. General
12.1 This DPA controls over the General Terms for personal-data matters. It is governed by the laws of Brazil, with forum in São Carlos/SP. It survives for as long as Visio processes Customer Personal Data.
Annex I — Processing Details and Sub-Processors
Nature and purpose: providing the contracted Tools and Services. Data types: as submitted by the Customer (for example, financial and operational records, documents, employee and store data, and, where the Tool requires it, sensitive data per Section 7). Data Subjects: the Customer’s staff, representatives, and, where applicable, its customers. Duration: the term of the Agreement.
| Sub-processor | Purpose | Used by | Transfer |
|---|---|---|---|
| Pluggy | Open Finance / bank-data connection | Visio DRE | may transfer internationally |
| OpenAI | AI/LLM processing | AI features across Tools | international |
| Google Drive | document / NF-e storage | Visio Inventory | international |
| Google Calendar | scheduling / booking | Visio R&S | international |
| iFood | order and sales integration | Visio Command Center | Brazil |
| Speech-to-text provider | voice transcription | Visio Journal, Visio R&S | as applicable |
Annex II — Security Measures
Visio maintains technical and organizational security measures appropriate to the risk of the processing. This Annex asserts only measures Visio actually maintains; it does not claim any control Visio does not yet have.
Measures Visio maintains:
- Access control and tenant isolation, including row-level security (RLS) so each store accesses only its own data.
- Encryption of Customer Data in transit and at rest.
- Logging and monitoring of access to Customer Personal Data.
- Regular backups of Customer Data.
- Change control for production changes.
Visio continues to formalize and strengthen its security program. Additional controls (for example, independent penetration testing, formal CVSS-based remediation SLAs, and point-in-time recovery) are being implemented and will be reflected here only once in place.