Privacy Policy

1. INTRODUCTION

SOCIAL S.A., registered with CNPJ No. 28.511.223/0001-32, located at Rua Tobias Barreto, 44 - Mooca, São Paulo/SP - CEP: 03176-000, herein referred to only as SOCIAL, out of respect for the holders of personal data, is committed to ensuring the protection and proper processing of personal data, under the terms of the General Personal Data Protection Law (LGPD), Law No. 13,709, of August 14, 2018, and other relevant laws.

This privacy policy contains information on how we process, in whole or in part, whether automated or not, the personal data of users who use our services. In addition, this policy is intended to inform you of your rights.

2. GLOSSARY

For a better understanding of our privacy and data protection policy, below we highlight the main terms and concepts used in this document:

Controller: the natural or legal person, whether governed by public or private law, who is responsible for decisions relating to the processing of personal data;

Personal data: information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an electronic identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Sensitive personal data: personal data concerning racial or ethnic origin, religious conviction, political opinion, membership of a trade union or religious, philosophical or political organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person;

Operator: Natural or legal person, public or private, who processes personal data on behalf of the Controller;

Software: Set of logical components of a computer or data processing system; program, routine or set of instructions that control the operation of a computer; software;

Treatment: any operation carried out with personal data, such as those relating to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction;

Holder: the natural person to whom the Personal Data being processed relates; and

Data Protection Officer (DPO): The person responsible for coordinating compliance with the Data Protection Policy and applicable local legal/regulatory requirements, who will also act as the channel with Data Subjects and the National Data Protection Authority.

3. FAIR USE OF PERSONAL DATA

SOCIAL does not collect and process personal data without a need, a specific purpose and a legal basis, compatible with the purpose of access control and security management.

The personal data will only be processed by those people who have the level of privilege and need for access, thus guaranteeing that your data will not be viewed by employees or service providers of SOCIAL extraneous to the purpose for which the data is collected.

The Operators contracted to process your personal data on behalf of SOCIAL will only have access to the data necessary for the purpose of such processing, and must always follow the lawful guidelines transmitted by the Controller, in this case SOCIAL.

SOCIAL, when acting as Controller of personal data to fulfill the purpose of providing services, will respect the legal guidelines and parameters of good market practices to better serve customers.

4. WHO CONTROLS YOUR DATA?

The Controller is the one who determines the purposes and means of processing personal data and the Operator is the one who carries out the processing of personal data on behalf of the Controller.

When processing personal data, SOCIAL will be considered the Controller of personal data, i.e. it has the autonomy to define the essential rules on processing.

When SOCIAL processes personal data relating to internal operations, it will also be considered a controller, under the terms of the LGPD, and the processing of personal data will comply with all the guidelines established in this policy and other internal rules or procedures adopted by SOCIAL, as well as observing legal guidelines relating to the treatment it carries out.

SOCIAL provides services directly related to the management and operation of e-commerce, precisely based on commercial partnership/service provision contracts in which the decisions and rules for the operation are necessarily guided by its clients (Brands), in order to direct the services of SOCIAL. In addition to their expertise, they sometimes provide support by pointing out the best practices, strategies and solutions to be implemented in e-commerces.

SOCIAL plays the role of Operator, where the Brands, clients of SOCIAL, are Controllers, since decisions on the processing of personal data come from them when they start contracting the services of e-commerce solutions and determining which processes will be carried out, in relation to Logistics, Customer Service, Payments, Store Management, Technology and Marketing, as well as the ways in which personal data will be operated in these processes.

5. INTERNAL OPERATIONS, WHAT PERSONAL DATA IS COLLECTED, LEGAL BASIS AND PURPOSE?

We present the personal data processing operations carried out by SOCIAL.

It is important to clarify that, in addition to the hypotheses presented below, SOCIAL may also process personal data to comply with judicial, police and other competent public authority requests, including the ANPD.

5.1 PERSONAL DATA COLLECTED BY THE WEBSITE

The data collected by SOCIAL through its website are provided by you via the form on the "contact" page so that we can get in touch to answer your message.

SOCIAL may also collect data related to the provision of services to customers, which are specified below and, depending on the service provided, additional data may be requested, always in accordance with the specific purpose for which they are intended and in a transparent manner with the holder.

Cookies (navigation trackers)

SOCIAL uses Cookies to improve the use and functionality of its pages and services, as well as to better understand how visitors use them and the tools and services offered there. Cookies help to adapt the pages and services of SOCIAL to the personal needs of users, improve their experience and make it increasingly easier to use.

List of cookies used

Session cookies: are temporary cookies, so no record is left on the user's hard disk. The information obtained by these cookies is used to analyze site traffic patterns and identify problems, which allows us to improve the site's content and navigation;

Analytical cookies: are those that allow statistical analysis of how users use the site, highlighting products or services that may be of interest to users and monitoring the performance of the site, knowing which pages are the most popular, or to determine why some pages are receiving error messages. These cookies are only used for the purposes of statistical creation and analysis, without ever collecting personal information;

Functionality cookies: functionality cookies make it possible to remember the user's preferences for browsing the websites, so there is no need to reconfigure and personalize them each time they visit; and

Advertising cookies: are those that allow us to manage the offer of advertising space on the site more efficiently, being able to analyze your browsing habits and show you advertising related to your browsing profile. They record user preferences, so you don't have to customize the site every time you visit.

We would like to emphasize that, following the best practices in favor of maintaining your privacy, SOCIAL adheres to the Privacy by Design model, keeping the basic settings of its data collection adjusted to the minimum collection of cookies and data in order to enable navigation and use of the site, and the owner can change their settings at any time.

Other similar technologies

The pages or services of SOCIAL or its partners may also use other tracking technologies, including IP addresses, log files and web beacons, which also help tailor websites to your personal needs.

Information is also collected on the origin of the access (whether it came from a search engine, social network, direct address, etc.), as well as the pages of the site that the user visits, in order to better identify the subjects of SOCIAL that are of interest to you.

If you fill in a form on the website, other data may be collected, such as name, company name, telephone numbers, e-mail address, etc. All data provided will be stored in our database.

Depending on the type of Holder (employees, suppliers, partners, customers) and how this Holder interacts with SOCIAL, various categories of information are collected, as follows:

Personal contact information: any information provided for contact purposes, such as personal name, e-mail address and telephone number;

Information for drawing up contracts: Any information required for internal client registration and the drafting of the service contract that will be carried out by SOCIAL. This includes the name, document number, personal address, business address, e-mail address and contact telephone number of the representatives;

Personal information for billing: Personal data needed for invoicing, such as issuing invoices and payment slips. These include name, CPF number, address, e-mail address and contact telephone number.

5.2 PERSONAL DATA COLLECTED FOR SOCIAL ACTIVITIES

Personal data for customer service activities: When you purchase our services, we collect your personal data in order to: issue invoices, carry out billing, make estimates, provide the service for which we have been contracted and to maintain effective and efficient communication;

Personal data of future clients: When you show interest in contracting our services, we may collect your personal data in order to prepare quotes and send you proposals;

Personal data of service providers: When you provide SOCIAL with a certain service, we may collect your personal data for the purposes of contacting you, payment transactions, invoicing, issuing invoices, doing business and maintaining efficient communication;

Personal data for recruiting and selecting candidates: If you are interested in a job vacancy and take part in a selection process at SOCIAL, we will process your personal data for recruitment and selection processes. For those not selected, their data remains in our talent banks for future selection processes.

Personal data of employees: If you work with us, we process your personal data in order to fulfill our legal obligations, make payments, control time off and vacations, carry out internal company activities involved in the execution of the employment contract and in order to make the established relationship viable.

5.3 PERSONAL DATA COLLECTED BY SOCIAL AS OPERATOR

For a better understanding of the purpose of the personal data collected by SOCIAL in the capacity of Operator during the execution of services for its clients (Brands), we highlight the following hypotheses of interaction with SOCIAL and how we process your personal data in our role as a service provider:

Personal Data for the provision of services related to Marketing: The Brands' customers access the e-Commerce managed by SOCIAL to get to know the products on offer, and may register to keep in touch and receive promotions and news made available in the virtual store, thus demonstrating their interest in maintaining this relationship. Data that can be collected: name and surname; and e-mail address.

Personal data for the provision of services related to the Satisfaction Survey: we can send satisfaction surveys to improve our services, as we always aim to provide the best service based on your expectations and experiences. Data that can be collected: first and last name; and e-mail address.

Personal Data for service provision activities related to Purchasing and Order Management: information is collected when you make a purchase, including order processing, payment and delivery to the location you have informed us about. Data that can be Collected: Name and surname; ID; CPF; E-mail address; Order number; Full address; Telephone number; Bank details; and Credit card details.

Personal Data for service provision activities related to Customer Service (SAC): you may need to talk to us about a wide variety of issues, for example: obtaining information and monitoring the status of your order, exchanging or returning products, changing your address; making suggestions or complaints, etc. Data that can be collected: first and last name; e-mail address; order number; address; telephone number; and voice recording.

Personal Data for the provision of services related to Online Browsing: we collect information when you browse our electronic platforms, through cookies that you have previously agreed to when accessing the site. Data that may be Collected: Personal description or preferences; GPS location; Consumption habits; Order details.

THE PURPOSE OF COLLECTING USERS' PERSONAL DATA

The personal data collected from users will be used to identify subjects of interest to them with SOCIAL. It can also be used to communicate with users, providing information on services, or for internal management of the office's activities.

Some of the uses listed above incorporate the concept of Data Processing, which are operations that can be carried out by SOCIAL on the personal data or the set of personal data.

SOCIAL may process the Personal Data collected for:

  • Execution of contractual activities with clients;
  • Carrying out customer service and relationship activities;
  • Sale of services;
  • Marketing processes;
  • Business intelligence analysis;
  • Recruitment processes;
  • Compliance with legal and regulatory obligations;
  • Responding to requests from clients, former clients, leads/prospects;
  • Improve the services offered;
  • Comply with the orders of the competent authorities;
  • Notification of status and possible changes to services;
  • Carry out internal operations to solve problems, analyze data, integrate and consolidate data;
  • Manage risks and detect, prevent and/or remedy fraud or other potentially illegal or prohibited activities, as well as violations of applicable policies, contracts or terms of use;
  • To comply with legal or regulatory obligations, or as required in a judicial proceeding, by any law enforcement or government agency.

DATA AND INFORMATION WILL BE STORED:

  • for the time required by law and/or compliance with a legal or regulatory obligation;
  • until the end of the processing of Personal Data, as above; and
  • respecting the guidelines of the Information Security Policy;

Data is only kept for as long as it is necessary to fulfill the purpose for which it was collected, and when SOCIAL acts as Operator, the maintenance of data will be in accordance with the guidelines presented by the Controller.

THE PROCESSING OF PERSONAL DATA WILL CEASE:

  • When the purpose for which the personal data was collected is achieved or the Personal Data collected is no longer necessary;
  • When the Data Subject requests the deletion of their data in compliance with current legislation;
  • When there is a legal determination to do so.

THE DELETION OF DATA AND INFORMATION, WHEN NECESSARY, WILL BE:

  • carried out in compliance with other existing legislation;
  • carried out in such a way as to eliminate all existing evidence and copies;
  • executed with established physical or electronic disposal procedures;
  • will generate auditable evidence to prove that it has been carried out.

RETENTION OF PERSONAL DATA:

The registration information provided by the holder will be kept for the period necessary to fulfill the established purposes or until the holder requests its deletion, when applicable.

Even at your request for deletion, SOCIAL may retain some of your data in the following situations: compliance with a legal or regulatory obligation; study by a research body, transfer to a third party and use by SOCIAL, with anonymization of personal data, whenever possible, or as long as the purpose for which it was collected remains.

SOCIAL may update this Privacy Policy from time to time, either to better adapt it to the conduct of SOCIAL or to comply with laws and regulations.

7. SHARING OF PERSONAL DATA

Under no circumstances will SOCIAL sell, rent or share your personal data, with the exception of sharing with its employees, service providers and partners for the fulfillment of contracts, legal obligations, court orders and cooperation with the national data protection authority.

In any case of sharing, SOCIAL will make sure that there is a legal basis for sharing the information.

Data and information sharing can take place for:

  • Service providers, to operate and perform the contracted services, who will be aware of and have the responsibilities and commitment to the privacy of Personal Data agreed in specific contractual clauses.
  • Banking units, exclusively for contractual or labor transactions;
  • Regulatory bodies, judicial or administrative authorities, where we may share personal information in order to provide the competent authorities with all the information that is requested in relation to the Holder for the investigation of suspected violations of the law, or to combat any other suspected breach of our policies and contracts.

SOCIAL also does not share your data for marketing and business intelligence analysis purposes.

8. YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

As the holder of personal data, the user has the following rights:

I - Confirmation of the existence of treatment;

II - Access to data;

III - correction of incomplete, inaccurate or outdated data;

IV - Anonymization, blocking or deletion of unnecessary, excessive or non-compliant data;

V - Data portability, upon express request;

VI - Deletion of personal data when processed with the consent of the data subject, except in the cases provided for in art. 16 of the LGPD;

VII - Information on public and private entities with which the controller has shared data;

VIII - Information about the possibility of not providing consent and the consequences of refusing; and

IX - Revocation of consent.

In order to respond to your request, we may ask you for some additional information to confirm your identity and prevent unauthorized access to your personal data.

We emphasize that none of these rights are absolute and may not be met, depending on legal provisions and/or other justified denials.

We would just like to remind you that on the legal basis of consent, its withdrawal does not affect the lawfulness of processing based on consent prior to its revocation.

Any request must be sent to us in writing, with clarification of what information you wish to receive. We will respond to your request as soon as possible. If we are unable to fulfill your request regarding access to your information, we will provide reasons for this.

To request information about the processing of your data, obtain a list of what personal data about you is in our database, request corrections/amendments or request deletion of your personal information from our databases, please contact us through the customer service channel: https://www.consulteseusdados.com/socialdigitalcommerce

SOCIAL has a Data Controller, whose identity and contact information is provided below:

Name: Predolim Rocco Moreno Law Firm

E-mail contact: encarregado.socialdigitalcommerce@prmadvocacia.com.br

The requests described above will be subject to an assessment as to the legitimacy of the holder, as well as the possibility of compliance. SOCIAL will make every effort to respond to such requests in the shortest possible time, and undertakes to respond to your requests even if it is unable to carry out your requests due to legal impediments and other responsibilities it has to fulfill, such as keeping your personal data for regulatory and law enforcement purposes.

When SOCIAL is the operator of the data, the requests described above and addressed to the Controller are the sole responsibility of the latter, arising from its exclusive analysis of the legality and legitimacy of the processing of your personal data, as well as the possibility of complying with the request submitted.

9. ON THE INTERNATIONAL TRANSFER OF DATA

The personal data that SOCIAL collects may be stored in a location outside Brazil. In this situation, the transfer will be carried out in a secure manner, with all safeguards being taken in the operation to guarantee the security of your personal data, and will only be transferred if there is a provision in Brazilian law that allows the transfer of your personal data to foreign countries.

10. SECURITY MEASURES IN THE PROCESSING OF PERSONAL DATA

The data provided by the data subject is stored and processed on protected servers.

SOCIAL has physical, logical, technical and administrative security processes that are compatible with the sensitivity of the information collected.

In addition, it strives to meet the security and transparency requirements, the standards of good practice and governance and the general principles established in Law No. 13,709/2018 (General Personal Data Protection Law, "LGPD").

Although SOCIAL uses security measures to protect your Personal Data against unauthorized disclosure, misuse or alteration, there is no guarantee that the information will not be accessed, disclosed, altered or destroyed by breach of any of the physical, technical or administrative safeguards, and in this situation SOCIAL will take the necessary measures to mitigate the damage.

11. CHANGES TO THE PRIVACY POLICY

SOCIAL undertakes to update this declaration whenever it changes the forms and purposes of the collection and processing of Personal Data.

SOCIAL reserves the right to make changes to its practices and Privacy Policy at any time, and therefore suggests that this Privacy Policy be accessed periodically.

12. CONTACT

If you have any questions about SOCIAL's privacy practices or would like to make a request, please contact us by e-mail: encarregado.socialdigitalcommerce@prmadvocacia.com.br.

THIS POLICY WAS APPROVED ON MAY 27, 2023.