GENERAL TERMS OF USE AND PRIVACY AND DATA PROTECTION DECLARATION
Linked to the SEFRAS Privacy and Data Protection Policy – PPPD.
This Privacy Policy of the Franciscan Solidarity Association (SEFRAS) involves the processing of Personal Data both online and offline, covering Personal Data that is collected through various means, including, but not limited to Sefras physical services, websites on the web, social networks and third-party tools.
By accepting this Policy, you declare that you have read it completely and carefully, being fully aware of this document, giving your free and express agreement with the terms stipulated here, including the collection of personal data, as well as its use for the purposes stipulated below . If you do not agree with the provisions of this Policy, you must discontinue your access or use of SEFRAS websites, landing pages, social networks, as well as not make use of the services made available by it.
1. PURPOSE
SEFRAS, considering:
I. the foundations of Law No. 13,709, of August 14, 2018, which provides for the protection of personal data, namely:
The. respect for privacy;
B. informational self-determination;
w. freedom of expression, information, communication and opinion;
d. the inviolability of intimacy, honor and image;
It is. economic and technological development and innovation;
f. free enterprise, free competition and consumer protection;
g. human rights, the free development of personality, dignity and the exercise of citizenship by natural persons.
II. the entire content of Law No. 12,527, of November 18, 2011, called the Access to Information Law (LAI);
III. the entire content of Law No. 12,965, of April 23, 2014, called Marco Civil da Internet; IV. It undertakes to make this Declaration public and accessible to its employees, users, other interested parties and the general public, which becomes effective under the following terms.
IV. It undertakes to make this Declaration public and accessible to its employees, users, other interested parties and the general public, which becomes effective under the following terms.
2. DEFINITIONS
For the purposes of this Declaration, the following are understood as: a) categorization of information: form of organization of information processing within SEFRAS, corresponding to the so-called “information classification”, in order to guarantee unity and coherence in the processing of data and information ;
The. Holder: natural person to whom the personal data that is subject to processing refers; including those who access SEFRAS services regardless of being the holder of data registered in its systems and services, but who, for this access, provide personal data of any nature, with explicit consent to use.
B. Confidentiality: guarantee that the information is accessible by authorized people;
w. Personal data: information related to a natural person, whether identified or identifiable;
d. Integrity: guarantee of the accuracy and completeness of information and its processing methods;
It is. Partner: legal entity with which Sefras maintains a relationship of cooperation and reciprocal support, through agreements, terms of cooperation or similar;
f. Information security: set of practices and methods aimed at preserving the confidentiality, integrity and availability of information processed within the organization;
g. Processing: any operation carried out with personal data, such as those relating to collection, production, reception, classification, use, access, crossing, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification , communication, transfer, diffusion or extraction;
3. PRIVACY
SEFRAS operates in line with its institutional mission, respecting the right to privacy and aiming to make the best use of information technology to the satisfaction of its donors, partners, those served and society in general, taking into account its sustainability and organizational autonomy, ensuring the stability and continuity of its activities.
Privacy, for the purposes of this Declaration, is considered the attribute of certainty on the part of the user and other interested parties in relation to:
The. the way in which the services, systems, processes and people of the SEFRAS workforce act and behave in relation to these agents;
B. to the reasonable expectation of discretion and preservation of your interests and information of any nature.
3.1 Exceptions
The following information is excluded from the restrictions that privacy imposes, and within the limits of the exceptionality that justifies it:
The. that corresponds to the hypotheses of Article 4 of Law 13,709/2018;
B. public by legal determination;
w. object of a final court decision, for the disclosure or display of information or data;
d. ostensible with a duty of active transparency;
It is. ostensible with a duty of passive transparency;
f. already given, by act of the holder, to public knowledge;
g. existed and managed within the scope of the working relationship between the company and its employees, fundamental to the exercise of management power, within the strict scope of this purpose;
H. data necessary for the legitimate action of SEFRAS in compliance with its institutional mission and within the limits of the appropriate purpose for the applicable legal basis.
3.2 Information Categorization
SEFRAS maintains a systematized information categorization model, in accordance with the Access to Information Law (LAI) and the General Data Protection Law (LGPD), and ensures, in accordance with art. 8th of Law No. 5,615, of October 13, 1970, for the confidentiality of the information and data it processes, whether personal or not, in addition to remaining in line with good security practices and technological treatment, and with the most advanced practices of governance.
3.3 Sensitive Data
SEFRAS understands that the processing of sensitive data (racial origin, religious conviction, politics, union, philosophy and health) is subject to greater legal rigor and more severe supervision by the National Authority and, in this sense, it treats sensitive data exclusively under the palliation of one of the legal hypotheses of Art. 11 of the LGPD, preferably through informed and categorical consent.
3.4 Children's Data
Likewise, with regard to data on children and adolescents, SEFRAS understands that the dissemination of data or images of children is prohibited, as determined by law. Photos of children may only be used with the permission of their parents or guardians.
4. PRINCIPLES OF PERSONAL DATA PROTECTION
The protection of personal data observes the following principles, regarding its application, management and form of interpretation.
4.1 Principle of Personal Data Protection
The processing of personal data within the scope of SEFRAS is carried out with attention to the rights of personal data holders and contractual and legal requirements.
4.2 Current Principle
This Declaration is dynamic and consistent with the state of the art in technology and must be read and interpreted in its latest version, published on the SEFRAS website.
4.3 Principle of Integrity
The services provided by SEFRAS are focused on public purposes and fulfilling its institutional mission of welcoming, caring for and defending, especially those who need help with issues relating to people in vulnerable situations.
4.4 Principle of Purpose
Any and all personal data processing practices within the scope of SEFRAS are consistent with its nature, scope and institutional mission.
4.5 Principle of Adequacy
The processing given by SEFRAS to personal data and the purposes observed are strictly linked to the stated purpose, whether by agreement, law, regulation or public policy and consistent with the legal basis that authorizes it.
4.6 Principle of Necessity
Applications and business rules services, since their conception, observe minimalist rigor, guided by the collection of only data strictly necessary to carry out the purposes and the processing itself.
4.7 Principle of Free Access
In compliance with the rules and rights prescribed in Arts. 9 and 18 of the LGPD, the Holder is guaranteed free access to their personal data, through adequate personal identification, so that there is no prejudice to the principle of security.
4.8 Principle of Transparency
All information posted on the SEFRAS website is transparent, respecting the Principle of Advertising, under the terms of the Law.
4.9 Security Principle
SEFRAS works to constantly update and integrate standards and policies, review procedures and harmonize the level of Privacy management as a basis and security for its users.
4.10 Non-discrimination
Under no circumstances may the decisions, configurations, planning and management of SEFRAS activities in the processing of personal data imply any type of discriminatory direction or bias or attack on individual rights and freedoms, guaranteeing effective dignity in the treatment of natural persons, equality of opportunities, neutrality in the configuration of managed assets and corporate and commercial decisions.
4.11 Accountability Principle
When processing personal data and individual privacy, SEFRAS understands that proactive responsibility must guide the conduct of its employees and decisions at its level of governance, through appropriate processes and compliance with adequate planning aligned with its Privacy Policy and Data Protection.
5. CONTROL EXERCISED BY LGPD
5.1 Controller: natural or legal person, governed by public or private law, who is responsible for decisions regarding the processing of personal data;
5.2 Operator: natural or legal person, governed by public or private law, who processes personal data on behalf of the controller;
5.3 Person in charge: person appointed by the controller and operator to act as a communication channel between the controller, data subjects and the National Data Protection Authority (ANPD).
6. LEGAL COMPLIANCE
SEFRAS declares itself I – In compliance with Law no. 13,709, of August 14, 2018, and committed to maintaining this compliance through the resilient execution of continuous improvement and improvement actions; II – Adherent to the aforementioned principles and committed to maintaining this adherence through the resilient execution of continuous improvement and improvement actions.
7. TERMS OF USE OF SERVICES
SEFRAS may publish specific rules for each service, subject to the general principles of this term and the Privacy and Personal Data Protection Policy, without prejudice to the provisions contained in the signed contracts. SEFRAS is not responsible for malicious practices or personal misuse of content from other websites, nor for the malicious exploitation of data security flaws or illegalities committed by third parties.
7.1 Information Collection
For several services, SEFRAS collects data essential to its operation, such as name and CPF (or Company Name and CNPJ, in the case of Legal Entities), address, email, contact telephone numbers, among others. The holder may choose not to provide any of this information.
7.2 Cookies and Similar Technologies
Cookies are files saved on your computer, tablet or phone whenever you visit a website. Sefras may use cookies and similar technologies, sending small packets of data to your browser, where they are stored on your device. We use necessary cookies to make the website work as well as possible and always improve our services. Cookies allow us to better understand user behavior, informing which pages and content on our websites have been visited, in addition to contributing to the effectiveness of content distribution. We use cookies to store information about how you use our website, the pages you visit and to make your experience as pleasant as possible.
Most browsers are preset to automatically accept cookies. In the settings it is possible to change this rule, however, with cookies disabled, some website features may not work properly. By clicking “I understand”, you agree to our use of cookies.
To understand the types of cookies we use, read below:
Firstly, we have to differentiate between permanent cookies and session cookies.
The. Necessary Cookies: as the name suggests, these cookies are necessary to enable certain website features and the use of our services.
B. Permanent Cookies: these are those that are stored in your browser, even after you have finished accessing the website.
w. Temporary Cookies: are those that are only collected while you access the website, after closing the session they are not stored.
d. Analytical Cookies: are those that enable the collection and analysis of statistical data, allowing you to check which pages you accessed, how many times these pages were accessed, which aim to improve the performance and functioning of the website.
It is. Functionality Cookies: these cookies are responsible for saving your preferences for use on our website, so you do not need to select them again.
f. Advertising Cookies: are those intended to collect information to enable advertisements and personalize publication. Cookies used:
As mentioned previously, the only cookies that we necessarily use are necessary cookies, as these guarantee and allow the website to function. However, if the user desires a more complete experience, they can also authorize other cookies, thus customizing their cookie settings and preferences.
With the exception of necessary cookies, you are not required to consent to the use of cookies.
Our website does not automatically collect cookies, therefore, if you wish to have a better and complete experience on our website, we suggest that you authorize all cookies.
Most Internet browsers already have settings to automatically accept cookies. You can change your settings to block cookies or alert you when a cookie is being sent to your device. Consult your browser instructions or help section to learn more about adjusting or changing your browser settings.
If you choose not to allow certain cookies, some website functionality may not work correctly.
7.3 Use of Information
The information collected during browsing allows us to offer customized services, study preferences and, consequently, provide a browsing experience that is closer to the interests of each user.
SEFRAS may also use this information for purposes of communicating with users, clients and partners. The data collected may be used to send advertising and promotional materials, including digital campaigns (such as targeted marketing on social networks and push notifications) and conventional media. You may, at any time, opt out of receiving marketing emails via or from the unsubscribe link provided in the email itself. SEFRAS uses Google Display Advertising, and implements the remarketing functionality to advertise online, as long as you already agree with the terms mentioned here.
In this way, notices and information about services developed by SEFRAS may be sent, which may be inhibited by the user. The information may also be used in audits, statistical analysis, data science, development and improvement of services provided by the company.
7.4 Sharing Information with Third Parties.
SEFRAS will not pass on the information collected to third parties or partners. Any and all information regarding SEFRAS users will only be passed on with their express approval or by court order.
8. CHANGES TO THE PRIVACY POLICY
Whenever SEFRAS changes any treatment or process involving the HOLDER's Personal Data, this Policy will be updated. Any and all practices adopted by this Policy may be updated or revised at any time, always aiming to maintain compliance with current legislation.
9. GENERAL PROVISIONS
This Privacy Policy only covers SEFRAS and does not apply to services that have a separate Privacy Policy and/or over which we do not exercise any type of interference.
9.1 Third Party Links
If we provide links to third party websites, we are not responsible for the way they are treated and processed, and this privacy policy does not apply to them. It is important to note that these third-party websites have their own privacy policies, over which we have no control. Therefore, we do not have any responsibility or obligation regarding them. We recommend that when accessing these websites, you read the privacy policy of the respective website.
9.2 Legislation and Jurisdiction:
This Privacy Policy and the relationship arising from the actions included herein, as well as any dispute arising as a result thereof, will be regulated exclusively by Brazilian law. The Central Forum of the District of São Paulo/SP is hereby elected to resolve any issue involving this document, the parties renouncing any other, however privileged it may be or may become.