Privacy Police

This site is maintained and operated by SHIRLEY PEREIRA DO NASCIMENTO FERNANDES
We collect and use some personal data from those who use our site. In doing so, we act as the data controller and are subject to the provisions of Federal Law No. 13,709/2018 (General Data Protection Law – LGPD).
We take care to protect your personal data, which is why we provide this privacy policy containing important information about:

– Who should use our site    
– What data we collect and what we do with it    
– Your rights regarding your personal data    
– How to contact us

1. Data We Collect and Reasons for Collection

Our site collects and uses some personal data from our users as detailed in this section.

1. Personal Data Provided Explicitly by the User
We collect the following personal data that our users explicitly provide when using our site:
Name and surname, address, ZIP code, city, state, type of person (individual or corporate), and email.
Data collection occurs in the following instances:
When the user fills out contact and scheduling forms on the site.
The data provided by our users is collected for the following purposes:
To enable users to make contact and request a service
To send our service proposal to registered users
To send offers to our users through channels provided by the user such as email and phone.

2. Personal Data Obtained in Other Ways
We collect the following personal data from our users:
IP address
Geolocation data
Data collection occurs in the following instances:
While the user navigates the site
These data are collected for the following purposes:
To comply with legal requirements for storing access records to applications
To gather statistical information on access and sources of access for measuring marketing actions
To personalize user experience

3. Sensitive Data
We do not collect sensitive data from our users, as defined in Article 11 and subsequent articles of the Personal Data Protection Law. Therefore, we do not collect data on racial or ethnic origin, religious beliefs, political opinions, union affiliation, or membership in religious, philosophical, or political organizations, health data, sexual life data, genetic or biometric data when linked to an individual.

4. Cookies
Cookies are small text files automatically downloaded to your device when you access and browse a site. They are used mainly to identify devices, activities, and user preferences.
Cookies do not allow any file or information to be extracted from the user's hard drive, nor do they provide access to personal information not provided by the user or their usage of site resources.

a. Site Cookies
Site cookies are those sent to the user's computer or device exclusively by the site.
The information collected through these cookies is used to improve and personalize the user experience. Some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content.

b. Third-Party Cookies
Some of our partners may set cookies on users' devices accessing our site.
These cookies generally enable our partners to offer personalized content and services to the user accessing our site by obtaining browsing data from their interaction with the site.
Users can find more information about third-party cookies and how the data obtained from them is processed, as well as a description of the cookies used and their characteristics, by visiting the following links:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=pt-BR     
https://adssettings.google.com/authenticated     
https://optout.aboutads.info/?c=2&lang=EN
The entities responsible for collecting cookies may share the obtained information with third parties.

c. Cookie Management
Users may object to the registration of cookies by the site by disabling this option in their own browser. More information on how to do this in some of the major browsers today can be accessed through the following links:
Internet Explorer:     
https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies
Safari:     
https://support.apple.com/pt-br/guide/safari/sfri11471/mac
Google Chrome:     
https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt
Mozilla Firefox:     
https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam
Opera:     
https://www.opera.com/help/tutorials/security/privacy/
However, disabling cookies may affect the availability of some site tools and functionalities, compromising its correct and expected operation. Another possible consequence is the removal of user preferences that may have been saved, affecting their experience.

5. Collection of Unspecified Data
Occasionally, other types of data not expressly covered in this Privacy Policy may be collected, provided they are given with the user's consent, or if the collection is permitted based on another legal basis provided by law.
In any case, the data collection and subsequent processing activities will be informed to the site's users.

2. Sharing of Personal Data with Third Parties

We share some of the personal data mentioned in this section with third parties.
The shared data includes:
Name, email, phone, and company name.
This data is shared for the following reasons and purposes:
Data such as name, email, phone, and company name are shared for marketing and advertising actions carried out by a communication and marketing agency partnered with the controller.
In addition to the situations mentioned here, we may share data with third parties to comply with legal or regulatory requirements or to comply with orders issued by public authorities.
In any case, personal data sharing will comply with all applicable laws and regulations, always aiming to ensure the security of our users' data, in line with market standards.

3. Data Retention Period

The personal data we collect will be stored and used for the following periods:
Data is stored for up to 5 years, unless the user requests data deletion through one of our communication channels.
The specified periods are no longer than strictly necessary, serving the purposes and legal justifications for data processing.
It should be noted that if there is any legal or regulatory justification, data may continue to be stored even if the purpose for which it was collected or processed has been fulfilled.
Once processing is complete, in accordance with this section, data will be deleted or anonymized.

4. Legal Bases for Personal Data Processing

A legal basis for personal data processing is a legal foundation provided by law that justifies it. Thus, each personal data processing operation must have a corresponding legal basis.

We process our users' personal data in the following situations:
– With the consent of the data subject
– To comply with a legal or regulatory obligation by the controller
– For the regular exercise of rights in judicial, administrative, or arbitration processes
– For the execution of a contract or preliminary procedures related to a contract in which the data subject is a party, at the request of the data subject
– When necessary to meet the legitimate interests of the controller or a third party
– For credit protection

1. Consent
Certain personal data processing operations on our site will depend on the user's prior consent, which must be given freely, informed, and unequivocally.
The user may withdraw consent at any time, and if there is no legal basis allowing or requiring data retention, data provided with consent will be deleted.
Additionally, if desired, the user may refuse consent for specific data processing activities based on consent. In such cases, it is possible that some site functionalities dependent on that processing may not be available. The consequences of refusing consent for a specific activity will be informed before processing.

2. Compliance with Legal or Regulatory Obligations by the Controller
Some personal data processing operations, particularly data storage, will be carried out to comply with legal or regulatory obligations applicable to our activities.

3. Legitimate Interest
For certain personal data processing operations, we rely solely on our legitimate interest. To learn more about specific cases where we use this legal basis or to obtain more information about the tests we conduct to ensure its use, please contact our Personal Data Protection Officer through one of the channels listed in this Privacy Policy, in the "How to Contact Us" section.

5. User Rights

The site user has the following rights granted by the Personal Data Protection Law:
– Confirmation of the existence of processing     
– Access to data     
– Correction of incomplete, inaccurate, or outdated data     
– Anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data     
– Portability of data to another service or product provider, upon express request, in accordance with the national authority's regulations, observing commercial and industrial secrets     
– Deletion of personal data processed with the consent of the data subject, except in cases provided by law     
– Information on public and private entities with which the controller has shared data     
– Information about the possibility of not providing consent and the consequences of refusal     
– Withdrawal of consent

It is important to note that, under LGPD, there is no right to delete data processed based on legal bases other than consent unless the data is unnecessary, excessive, or processed in non- compliance with the law.

1. How the Data Subject Can Exercise Their Rights
To ensure that the user requesting to exercise their rights is indeed the data subject of the request, we may request documents or other information that can assist in their proper identification, in order to protect our rights and the rights of third parties. This will only be done if absolutely necessary, and the requester will receive all related information.

6. Security Measures in Personal Data Processing

We employ technical and organizational measures to protect personal data from unauthorized access and from destruction, loss, theft, or alteration.
The measures we use take into account the nature of the data, the data, the context and purpose of processing, the risks that a potential breach would pose to the rights and freedoms of the user, and the current market standards for similar companies.
Among the security measures we adopt, we highlight the following:
User data is stored in a secure environment.
Access to user data is restricted so that unauthorized third parties cannot access it.
We use SSL (Secure Sockets Layer) certification to ensure that data transmission between users' devices and our servers is encrypted.
We maintain records of all individuals who have had any form of contact with our data.
Although we take all possible measures to prevent security incidents, it is possible that issues may arise due to third parties—such as hacker attacks—or due to the user's exclusive fault, for example, if they share their data with a third party. Therefore, while we are generally responsible for the personal data we process, we disclaim responsibility for exceptional situations beyond our control.
In any case, if a security incident occurs that could pose significant risk or damage to any of our users, we will notify the affected parties and the National Data Protection Authority, in compliance with the General Data Protection Law.

7. Complaint to a Regulatory Authority

Without prejudice to any other administrative or judicial recourse, data subjects who feel aggrieved in any way may file a complaint with the National Data Protection Authority.

8. Changes to This Policy

This version of the Privacy Policy was last updated on: 08/04/2021.
We reserve the right to modify these terms at any time, particularly to adapt to any changes made to our site, whether by adding new features or by removing or modifying existing ones.
Whenever there is a change, our users will be notified about the modification.

9. How to Contact Us

For any questions regarding this Privacy Policy or the personal data we process, please contact our Personal Data Protection Officer through the following channel:
E-mail: contato@essencialbaby.com