Scroll to top

Data Protection and Privacy Policy

CBL’s Data Protection and Privacy Program reflects its culture of integrity, associated with the importance attached to compliance with the legislation applicable to the activities carried out. CBL has as one of its values the maintenance of the confidentiality and protection of the data that are in the exercise of its activities. Such data includes compensation data, technological, personal information, purchase contracts in addition to any third party data. The purpose of this Policy is to inform everyone involved about how information should be collected, as well as how it will be stored and processed. For this, ethical and moral standards will be verified, as well as the guidelines issued by Law No. 13.709/2018 (“General Law for the Protection of Personal Data” or “LGPD”).

The main point of this Policy is that CBL has as one of its main concerns the storage and responsible disposal of the data entrusted to it and the maintenance of a transparent relationship with the data subjects. That said, the units make their best efforts to comply with the LGPD and Compliance standards. Therefore, the irresponsible treatment of personal and third party data is condemned by CBL and the applicable regulations, national (“General Law for the Protection of Personal Data”) and foreign (“General Data Protection Regulation” or “GDPR”), being prohibited to all those involved conduct such practices, and must prevent this type of attitude and alert the Compliance area if they testify or have legitimate suspicion regarding irregularities.

Our goal is that you, the employee, know how your personal data is treated. We prioritize transparency in this regard and, therefore, if something has not been made clear in this Policy, do not hesitate to clear your doubts with the Compliance area or with the Data Supervisor of your unit.

The collected data is stored on our servers located in Brazil, as well as in an environment of use of resources or servers in the cloud (cloud computing), which may require a transfer and/or processing of that data outside of Brazil.



Done clearly and with the express authorization of the holder through terms, contractual  or electronic “for our website” clauses.

The database formed through the collection of data is the property and responsibility of Usiminas Companies, and its use, access and sharing, when necessary, are made within the limits and purposes of the business described in this Policy.

If outsourced companies carry out the Treatment on behalf of CBL of any Personal Data we collect, they must, mandatorily, respect the stipulated conditions and the rules of information security and confidentiality of their respective contracts.

If you need additional information regarding treatment, use, disposal, anonymization, exclusion, a request must be sent to the Data Officer or DPO.


DPO Walter da Silva Moreira Gilmar Chaves Simone Cardoso

Units of SP/DA/AR

Units of SP/DA

Units of SP/DA