GENERAL ASPECTS
We collect and use some personal data belonging to those who use our website. In doing so, we act as the controller of this data and are subject to the provisions of Federal Law No. 13,709/2018 (General Data Protection Regulation – GDPR).
We take care of the protection of your personal data and, therefore, provide this privacy policy, which contains important information about:
- Who should use our website;
- What data we collect and what we do with it;
- Your rights regarding your personal data;
- How to contact us.
1. Data we collect and reasons for collection
Our website collects and uses some personal data from our users, in accordance with the provisions in this section.
1.1 Personal data provided explicitly by the user
We collect the following personal data that our users expressly provide to us when using our website:
– Full name;
– Document;
– Address;
– Email;
– Contact message;
– Phone number.
The collection of this data occurs at the following times:
- When the user uses a form;
- When the user registers on the website;
- When the user makes a purchase.
The purposes for which we collect this data are:
- So that the user can purchase our products and services;
- So that the user can contact our SAC (customer service);
- So that the user can receive information from the company, as well as products and services, in their email.
1.2 Personal data obtained in other ways
We collect the following personal data from our users:
- IP address;
- Geolocation data;
- Transaction data made through the website.
The collection of this data occurs at the following times:
- When the user logs in and logs out of the site;
- When the user makes a purchase;
- When the user clicks on a product;
- When the user fills out a form.
These data are collected for the following purposes:
- Ensure the security and authenticity of transactions made on the site;
- Comply with legal requirements for storing access logs to applications;
- Personalize the user experience.
1.3 Sensitive data
Sensitive data of our users, as defined in articles 11 and following of the Personal Data Protection Law, will not be collected. Therefore, there will be no collection of data regarding racial or ethnic origin, religious belief, political opinion, union membership, or organization of a religious, philosophical, or political nature, data related to health or sexual life, genetic or biometric data, when linked to a natural person.
1.4 Cookies
Cookies are small text files automatically downloaded to your device when you access and browse a website. They essentially serve to identify devices, activities, and user preferences.
Cookies do not allow any file or information to be extracted from the user’s hard drive, nor is it possible, through them, to access personal information that did not come from the user or how they use the site’s resources.
a. Site cookies
Site cookies are those sent to the user’s computer or device and managed exclusively by the site.
The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content.
b. Third-party cookies
Some of our partners may set cookies on users’ devices that access our website.
These cookies generally aim to enable our partners to offer their content and services to the user who accesses our site in a personalized way, by obtaining browsing data extracted from their interaction with the site.
Users can obtain more information about third-party cookies and how the data obtained from them is processed, as well as access the description of the cookies used and their characteristics, by accessing the following link:
Google Analytics: https://developers.google.com/analytics/devguides/collection/gajs/cookie-usage;
Entities responsible for collecting cookies may share the information obtained with third parties.
c. Cookie management
Users can oppose the registration of cookies by the site by simply deactivating this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed from the following links:
Internet Explorer: https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies
Safari: https://support.apple.com/pt-br/guide/safari/sfri11471/mac
Google Chrome: https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt
Mozilla Firefox: https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam
Opera: https://www.opera.com/help/tutorials/security/privacy
However, deactivating cookies may affect the availability of some tools and functionalities of the site, compromising its correct and expected operation. Another possible consequence is the removal of user preferences that may have been saved, affecting their experience.
Collection of data not expressly provided
Occasionally, other types of data not expressly provided in this Privacy Policy may be collected, provided they are provided with the user’s consent, or that the collection is permitted based on another legal basis provided by law.
In any case, data collection and the processing activities arising from it will be informed to the website’s users.
2. Sharing of personal data with third parties
We do not share your personal data with third parties. However, we may do so to comply with any legal or regulatory requirements, or to comply with any order issued by a public authority.
3. How long will your personal data be stored
The personal data collected by the site is stored and used for a period of time that corresponds to the necessary to achieve the purposes listed in this document and that considers the rights of its holders, the rights of the site controller, and the applicable legal or regulatory provisions.
Once the storage periods for personal data have expired, they are removed from our databases or anonymized, except in cases where there is a possibility or need for storage due to legal or regulatory provisions.
4. Legal bases for the processing of personal data
Each operation of processing personal data needs to have a legal basis, that is, a legal justification that authorizes it, provided for in the General Data Protection Law.
All our activities of processing personal data have a legal basis that underlies them, among those allowed by law. More information about the legal bases we use for specific personal data processing operations can be obtained from our contact channels, provided at the end of this Policy.
5. User rights
The user of the site has the following rights, conferred by the Personal Data Protection Law:
- confirmation of the existence of treatment;
- access to data;
- correction of incomplete, inaccurate, or outdated data;
- anonymization, blocking, or deletion of unnecessary, excessive, or processed data in breach of the law;
- portability of data to another service or product provider, upon express request, in accordance with the regulation of the national authority, observing commercial and industrial secrets;
- deletion of personal data processed with the consent of the data subject, except in cases provided for by law;
- information from public and private entities with which the controller has shared data;
- information about the possibility of not providing consent and about the consequences of refusal;
- withdrawal of consent.
It is important to highlight that, according to the GDPR, there is no right to delete data processed based on legal bases other than consent unless the data is unnecessary, excessive, or processed in breach of the law.
5.1 How the data subject can exercise their rights
To ensure that the user intending to exercise their rights is indeed the data subject of the personal data subject to the request, we may request documents or other information that may assist in their correct identification, in order to safeguard our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the requester will receive all related information.
6. Security measures in the processing of personal data
We employ technical and organizational measures to protect personal data from unauthorized access and situations of destruction, loss, misuse, alteration, or disclosure.
The measures we use take into account the nature of the data, the context and purpose of the processing, the risks that a potential breach would pose to the rights and freedoms of the user, and the standards currently employed in the market by companies similar to ours.
Among the security measures adopted by us, we highlight the following:
- Our users’ data is stored in a secure environment;
- We limit access to our users’ data so that unauthorized third parties cannot access it;
- We use SSL (Secure Socket Layer) certificate so that data transmission between users’ devices and our servers occurs in an encrypted manner;
- We keep records of all those who have, in some way, contact with our data.
Although we do everything within our reach to prevent security incidents, it is possible that a problem may occur solely due to a third party – such as in the case of hacker or cracker attacks or, even, due to the exclusive fault of the user, which occurs, for example, when they transfer their data to a third party. Thus, although we are generally responsible for the personal data we process, we exempt ourselves from liability if an exceptional situation like these occurs, over which we have no control.
In any case, if any type of security incident occurs that may generate a relevant risk or damage to any of our users, we will notify the affected parties and the National Data Protection Authority about the incident, in accordance with the provisions of the General Data Protection Law.
7. Complaint to a supervisory authority
Without prejudice to any other administrative or judicial remedy, data subjects who feel, in any way, harmed, may submit a complaint to the National Data Protection Authority.
8. Changes to this policy
This version of the Privacy Policy was last updated on: 16/11/2021.
We reserve the right to modify these rules at any time, especially to adapt them to any changes made on our website, either by providing new features, by deleting or modifying existing ones.
Whenever there is a modification, our users will be notified of the change.
9. How to contact us
To clarify any doubts about this Privacy Policy or about the personal data we process, contact our Personal Data Protection Officer through one of the channels mentioned below:
Email: [email protected]