Privacy Policy
This website is maintained and operated by Pége.
We collect and use some personal data belonging to those who use our website. In doing so, we act as the controller of this data and are subject to the provisions of Federal Law No. 13,709/2018 (General Personal Data Protection Law - LGPD). We take care of the protection of your personal data and, therefore, provide this privacy policy, which contains important information about:
-Who should use our website
-What data we collect and what we do with it;
-Your rights in relation to your personal data; and how to contact us.
1. Data we collect and reasons for collection
Our website collects and uses some personal data from our users, as provided in this section.
1.1. Personal data expressly provided by the user
We collect the following personal data that our users expressly provide us when using our website:
full name, CPF, e-mail, address, zip code.
This data is collected at the following times:
when the user makes a purchase and when the user subscribes to our newsletter.
The data provided by our users is collected for the following purposes:
to send offers and generate the purchase invoice.
1.2. Sensitive data
Sensitive data will not be collected from our users, as defined in articles 11 et seq. of the Personal Data Protection Law. Therefore, there will be no collection of data on racial or ethnic origin, religious beliefs, political opinions, membership of a union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.
1.3. Cookies
Cookies are small text files that are automatically downloaded to your device when you access and browse a website. They are basically used to identify devices, activities and user preferences.
Cookies do not allow any files or information to be extracted from the user's hard drive, and they do not allow access to personal information that does not originate from the user or how the user uses the website's resources.
a. Website cookies
Website cookies are those sent to the user's computer or device and managed exclusively by the website.
The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember the user's preferences and choices, as well as to offer personalized content.
b. Cookie management
The user may oppose the registration of cookies by the website by simply disabling this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed from the following links: Internet Explorer: https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies Safari: https://support.apple.com/pt-br/guide/safari/sfri11471/mac Google Chrome: https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt Mozilla Firefox: https://support.mozilla.org/pt-BR/kb/activate-e-desactivate-os-cookies-que-os-sites-usam Opera: https://www.opera.com/help/tutorials/security/privacy/ Disabling cookies, however, may affect the availability of some tools and features. of the website, compromising its correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, impairing their experience. 1.4. Collection of data not expressly provided for Occasionally, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the user's consent, or that the collection is permitted based on another legal basis provided for by law. In any case, the collection of data and the processing activities resulting from it will be informed to the website users. 2. Sharing of personal data with third parties We do not share your personal data with third parties. Despite this, it is possible that we do so in order to comply with some legal or regulatory determination, or even to comply with an order issued by a public authority. 3. How long your personal data will be stored
Personal data collected by the website are stored and used for the period of time necessary to achieve the purposes listed in this document and which considers the rights of their owners, the rights of the website controller and the applicable legal or regulatory provisions.
Once the personal data storage periods have expired, they are removed from our databases or anonymized, except in cases where there is a possibility or need for storage due to a legal or regulatory provision.
4. Legal bases for the processing of personal data
Each personal data processing operation must have a legal basis, that is, a legal basis, which is nothing more than a justification that authorizes it, provided for in the General Personal Data Protection Law.
All of our personal data processing activities have a legal basis that underpins them, among those permitted by law. More information about the legal bases we use for specific personal data processing operations can be obtained from our contact channels, provided at the end of this Policy.
5. User rights
The website user has the following rights, granted by the Personal Data Protection Law:
- confirmation of the existence of processing;
- access to data;
- correction of incomplete, inaccurate or outdated data;
- anonymization, blocking or deletion of unnecessary, excessive data or data processed in non-compliance with the provisions of the law;
- portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets;
- deletion of personal data processed with the consent of the holder, except in cases provided for by law;
- information on the public and private entities with which the controller shared data;
- information on the possibility of not providing consent and on the consequences of refusal;
- revocation of consent.
It is important to highlight that, under the LGPD, there is no right to delete data processed based on legal grounds other than consent, unless the data is unnecessary, excessive or processed in non-compliance with the provisions of the law.
5.1. How the data subject can exercise their rights
To ensure that the user who intends to exercise their rights is, in fact, the data subject of the personal data subject to the request, we may request documents or other information that may assist in their correct identification, in order to protect our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the applicant will receive all related information.
6. Security measures in the processing of personal data
We employ technical and organizational measures capable of protecting personal data from unauthorized access and from situations of destruction, loss, misplacement or alteration of such data.
The measures we use take into account the nature of the data, the context and purpose of the processing, the risks that a possible violation would generate for the rights and freedoms of the user, and the standards currently used in the market by companies similar to ours.
Among the security measures adopted by us, we highlight the following:
- Our users' data is stored in a secure environment;
- We limit access to our users' data, so that unauthorized third parties cannot access it;
- We keep records of all those who have, in any way, contact with our data.
Although we take everything within our reach to avoid security incidents, it is possible that a problem may occur caused exclusively by a third party - such as in the case of hacker or cracker attacks or, even, in the case of exclusive fault of the user, which occurs, for example, when they themselves transfer their data to a third party. Therefore, although we are generally responsible for the personal data we process, we are exempt from liability in the event of an exceptional situation such as these, over which we have no control.
In any case, in the event of any type of security incident that may generate significant risk or damage to any of our users, we will notify those affected and the National Data Protection Authority of the incident, in accordance with the provisions of the General Data Protection Law.
7. Complaint to a supervisory authority
Without prejudice to any other administrative or judicial remedy, holders of personal data who feel harmed in any way may file a complaint with the National Data Protection Authority.
8. Changes to this policy
This version of this Privacy Policy was last updated on: 11/29/2023.
We reserve the right to modify these rules at any time, especially to adapt them to any changes made to our website, whether by making new features available or by removing or modifying existing ones.
Whenever there is a change, our users will be notified of the change.
9. How to contact us
To clarify any questions about this Privacy Policy or the personal data we process, please contact our Personal Data Protection Officer through any of the channels mentioned below:
E-mail: contato@estudiopege.com