This policy is governed by the Terms and Conditions of Use of this app, and its application is conditioned on your acceptance of and compliance with the abovementioned terms.
CHAPTER 1 - INTRODUCTION
CLAUSE 1 - GENERAL INFO
1. In this section, you will find information about how POSTGRAIN treats your whole or partial personal data - which may (or may not) be automated or stored.
1.1. Our objective is to provide you the guidelines regarding the collected info, the reasons why we collect it, and how you will be able to update, manage, export, or even delete the stored info.
1.2. The pursuant of the General Data Protection Law (Brazilian Federal Law No. 13,709 of August 14, 2018) defines personal data treatment as any operation performed with personal data, such as those relating to its collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, erasure, information control or evaluation, modification, communication, transfer, dissemination or extraction;
CHAPTER TWO - USER RIGHTS AND PREFERENCES
CLAUSE 2 - USER RIGHTS
2. POSTGRAIN is committed to following the below-mentioned principles set by the EU General Data Protection Regulation principles, as such:
2.1. In addition to strictly following the EU General Data Protection Regulation principles mentioned above, the general principles of protection of personal data, properly described in Art. 2 and 6 of the EU General Data Protection Regulation, are duly guaranteed.
2.2. Following the regulations regarding the processing of personal data (which are: the Brazilian General Law of Data Protection - Brazilian Federal Law No. 13,709 of August 14, 2018; and the EU General Data Protection Regulation - Law No. 2016/678 of April 27, 2016), the POSTGRAIN USER has the following rights:
2.3. The rights outlined in Item 2.2 above shall be exercised at the express request of the data subject or of legally appointed representatives, as stated in Art. 18 paragraph 3 of the Brazilian General Law of Data Protection. To do this, the USER must send an email to firstname.lastname@example.org or correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).
2.4. The USER may exercise their rights through written communication titled "LGPD - _____" to the app, providing the following information:
2.5. The request shall be sent by e-mail to email@example.com or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).
2.6. In face of the USER’s request, POSTGRAIN reserves the right to send them a response within 30 calendar days.
2.7. The USER will also be informed in case of rectification or erasure of their data.
CHAPTER THREE - THE TREATMENT OF DATA
CLAUSE 3 - TYPES OF COLLECTED DATA
3. When you use our services, POSTGRAIN collects some information about you while using the app, as set out below:
3.1. When the USER creates an account, sends us an e-mail, or even insert any sort of data content, POSTGRAIN collects some personal data when you are signing up, which may include name, profile picture, email address, phone number, gender, birth date, and zip code.
3.2. When you are using the app, POSTGRAIN automatically collects as well some certain technical data, such as your GPS location (if you enable this function), your unique device ID, your MAC address, your IP address, your operating system, your browser type and your activity on POSTGRAIN.
3.3. When using POSTGRAIN, the USER may enable or disable the GPS localization services on the browser settings at any time.
3.4. This information (as provided in item 3.3) is not treated as personal data unless the USER combines or links this info with any personally identifiable data aforementioned.
3.6. To better understand how you interact with our services, monitor our users' aggregate usage and web traffic routing on our Services, or to customize and improve our Services, we may use both “session” cookies and “persistent” cookies.
3.8. Personal data necessary for the execution and fulfillment of the services contracted by the POSTGRAIN USER may also be collected.
3.9. Other types of data may eventually be collected provided user’s consent, or due to legitimate interests or other reasons permitted by law.
3.10. The USER undertakes to provide only their personal data and not those of third parties.
As previously described in items 3.1, 3.3. and 3.4., the non-identified data collected by POSTGRAIN are classified (according to art. 5 item 3 in EU General Data Protection Regulation) as anonymized data, in which such information is not linked to a specific holder due to the use of technical means of treatment provided by POSTGRAIN.
Thus, such information cannot be characterized as personal data, since they are collected only to improve the users’ experiences when using the app.
They will only be characterized as personal data if the USER themself combine or link them with any personally identifiable information provided to the app.
CLAUSE FOUR - CONSENT AND REVOCATION
4.1. POSTGRAIN collects the USER’s consent in written form or in any other means that explicitly expresses the holder’s will.
4.2. Persons who are relatively or absolutely incapable (i.e. children over 13 and under 16) will only be able of giving informed consent if they are properly assisted or represented.
4.3. The USER has the right to revoke consent at any time without affecting the lawfulness of the processing based on consent carried out until such revocation.
4.4. By the time the USER requests and confirms their revocation of consent, they will no longer be able to use the POSTGRAIN app. Also, their account will be canceled and their data will be deleted.
4.5. The user can request their revocation of consent by sending an e-mail to firstname.lastname@example.org or correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).
4.6. POSTGRAIN reserves the right to send a response to the USER’s request of revocation of consent, as well as the arrangements concerning the account’s cancelation and termination, within 30 days.
4.7. Once the USER’s consent has been revoked and their account eventually terminated, they will be able to purchase the services again (including the available free service in the platform) SINCE they accept the general terms and conditions of use and other attachments, consenting POSTGRAIN to treat their personal data once again.
4.8. In some jurisdictions, the data controller may be authorized to process personal data without the user’s consent will only be carried out due to legitimate interest or other legal bases specified below:
a) the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
b) the processing is necessary for studies to be developed by a research entity, in which it must be ensured, whenever possible, the anonymization of personal data;
c) the processing is necessary for the execution of a contract with the USER and/or the execution of pre-contractual measures;
d) the processing is necessary for the regular exercise of rights in judicial, administrative, and arbitral proceedings, the latter under the terms of Brazilian Law 9,307 of September 23, 1996 (The Brazilian Arbitration Law).
e) the processing is necessary for the protection of life or physical security of the holder or third party;
f) the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties;
g) the processing is necessary for credit protection purposes, including in what regards the specific legislation.
4.9. The need for the holder’s consent to process personal data is waived, regarding the data made public by the holder, safeguarding the holder's right and the principles established in this Law
CLAUSE FIVE - PURPOSES OF THE PROCESSING OF COLLECTED DATA
How we use the information we collect
5. The USER’s personal data collected by POSTGRAIN is intended to facilitate, expedite, and fulfill the commitments made with the user.
5.1. Personal data may also be used for commercial purposes to personalize the content offered to the user, as well as to subsidize the application to improve the quality and operation of its services.
5.2. Further to the above, POSTGRAIN also uses the collected information for the following specific purposes:
a) to provide our requested information and services, as well as to process and complete all transactions;
b) to answer your email inquiries and complaints, and to provide customer support.
c) to monitor and analyze usage and marketing trends; to customize and improve POSTGRAIN’s experiences when you use the app, such as providing content or features that match your profile or interests (including ads); and to increase the functionality and ease of use of our services.
d) to send you confirmations, updates, security alerts, support, and administrative messages, thus helping to facilitate your use, our management, and the operation of our services.
e) to allow you to add your location to your posts.
5.3. If the app intends to process the user’s personal data for other purposes or to change its purposes for processing personal data that are incompatible with the original consent given by the USER, the holder must be informed about the other purposes by the Data Controller (which must be done in compliance with the same rights and obligations), and they may revoke consent if there is any disagreement with the changes.
CHAPTER FOUR - RECIPIENTS AND TRANSFERS OF PERSONAL DATA
SIXTH CLAUSE - PERSONAL DATA SHARED WITH THIRD PARTIES
What information do we share with third parties?
6. The USER's personal data collected by POSTGRAIN can be shared, through our service, with other social networking services.
6.1. This data sharing is duly consented by the USER when accepting the general terms and conditions of use and its attachments, which can be revoked at any time by the user upon request to POSTGRAIN and due cancellation of the user's account.
6.2. POSTGRAIN will not share personal data collected from the USER with third parties, except as described below:
a) With service providers who work with us in connection with the operation of our website or our services (these service providers have access to your personal information only to perform services on our behalf and are required not to disclose or use it for other purposes).
b) We may share aggregated and non-identifying information with third parties for industry analysis, demographic profiling, and other similar purposes.
c) When you give us consent to share information with third parties, including the notification we send you if the information you provide will be shared in a particular way and you provide such information.
d) When we have a good faith belief that we are legally authorized or required to do or this is reasonably necessary or appropriate to comply with the law, legal processes, respond to legal requests or judicial authorities, including responding to subpoenas, legal orders, or court orders.
6.3. We are not responsible for the actions of the service provider or third parties, nor any additional information you provide directly to third parties.
6.4. The transfer of USER's personal data may only be made to another country, territory, or international organization that is capable of ensuring an adequate level of protection of the user's data.
6.5. If there is no adequate level of protection, the application undertakes to guarantee the protection of your data in accordance with the strictest rules, through specific contractual clauses for the specific transfer, standard-contractual clauses, global corporate norms or seals, certificates, and regularly issued codes of conduct.
CHAPTER 5 - CONSERVATION OF PERSONAL DATA
CLAUSE SEVEN - PERIOD OF CONSERVATION OF PERSONAL DATA
7. The USER's personal data will be kept for the period in which they use POSTGRAIN services.
7.1. If the USER requests the revocation of consent to the treatment of his personal data and his account is duly canceled, the period of conservation of the collected data will be considered to have ended.
7.2. The USER's personal data can only be kept after the end of its processing in the following cases:
a) For the fulfillment of legal or regulatory obligation by the data controller;
b) For studies to be developed by a research entity, in which it must be ensured, whenever possible, the anonymization of personal data;
c) For the transfer to a third party, provided that the data processing requirements provided for in the legislation are respected;
d) For the exclusive use of the controller, access by a third party is prohibited, and provided that personal data are anonymized;
CHAPTER 6 - PERSONAL DATA PROCESSING AGENTS
CLAUSE EIGHT - THE PERSONAL DATA CONTROLLER
8. The controller of the user's personal data is the natural or legal person, public authority, agency or other body that, individually or in conjunction with others, determines the purposes and the means of processing personal data
8.1. In POSTGRAIN, the person responsible for processing personal data collected, (one of the platform's administrators) can be contacted by the e-mail address email@example.com or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020-000).
CLAUSE NINE - PERSONAL DATA PROCESSING OPERATOR
9. The operator is the natural or legal person, whether public or private, who processes personal data on behalf of the controller.
9.1. In POSTGRAIN, the person responsible for processing personal data collected, (one of the platform's administrators) can be contacted by the e-mail address firstname.lastname@example.org or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).
9.2. The operator will be directly responsible for the processing of the USER's personal data according to the instructions of the controller; by understanding data treatment, as already mentioned, as any operation performed with personal data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination or extraction;
CHAPTER 7 - PERSONAL DATA PROCESSING
CLAUSE TEN - PERSONAL DATA COMMUNICATION CHARGER
10. The person in charge of the personal data communication is the person indicated by the controller and operator to act as a channel between the controller, the data holders (USERS), and the National Data Protection Authority (ANPD).
10.1. The person in charge of the personal data communication is the professional responsible for informing, advising data processing agents about the application's obligations due to the legislative provisions, besides acting as a POSTGRAIN communication channel, in constant cooperation with the users and with the competent controlling authority.
10.2. In POSTGRAIN, the person in charge of communication regarding the personal data collected is PAULO PEIXOTO, who can be contacted by the e-mail address email@example.com, by the following phone number: +55 81 3072-7745, or by the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).
CHAPTER 8 - SECURITY PRACTICES IN THE PROCESSING OF USER'S PERSONAL DATA
CLAUSE ELEVEN - SECURITY
11. We are very concerned about maintaining the confidentiality of your personally identifiable information. We have implemented a series of administrative, physical, and electronic security measures to protect your information from unauthorized access.
11.1. POSTGRAIN undertakes to apply the appropriate technical and organizational measures to ensure a level of security for the user, taking into account the security techniques applied, the context, the types of data collected, and their purpose in the treatment, as well as the rights and users' freedoms.
11.2. However, POSTGRAIN disclaims liability for the sole fault of third parties, such as in the event of an attack by hackers or crackers, or the exclusive fault of the user, who, for example, transfers his data to third parties.
11.3. We at POSTGRAIN do not sell, buy, or otherwise transfer your personally identifiable information to third parties.
11.4. POSTGRAIN undertakes to notify the USER, in due time, in the event of any type of breach of the security of their personal data, which may cause the user a high risk to their personal rights and freedoms.
11.5. The breach of personal data is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure, or unauthorized access to transmitted personal data, keeping subjects subject to any other type of treatment.
11.6. POSTGRAIN undertakes to treat the USER's personal data with confidentiality, within the legal limits.
CHAPTER 9 - EXTERNAL LINKS
CLAUSE TWELVE - EXTERNAL LINKS
12. As also mentioned in the general terms and conditions of use, the POSTGRAIN application contains external links redirecting the USER to other internet pages that do not pertain to POSTGRAIN, over which the administrators have no control.
12.1. The fact that there is a link to a website is not an endorsement/guarantee, authorization or representation of our affiliation with that third party. We do not have control over third party websites.
12.2. Despite the prior and regular checks carried out by the administrators, they disclaim any responsibility for the content found on these sites and services.
12.3. These other sites may place their cookies or other files on your computer, collect data, or request personal information about you.
12.4. These other sites may have different rules regarding the use or disclosure of the personal information you send to them. We encourage you to read the privacy policies or statements of other websites you visit.
12.5. Links may be included in the pages and documents of the POSTGRAIN app by USERS, as long as they respect the specific prohibitions highlighted in clause ten, subparagraph "J" provided in the terms and general conditions of use, as well as the other provisions listed in this term and its attachments.
CLAUSE TWELVE - OUR POLICY CONCERNING CHILDREN AND ADOLESCENTS
12. Our services are not directed at children and adolescents under the age of 13; therefore, POSTGRAIN does not collect any personal data from children and adolescents under the aforementioned age group.
12.1. If POSTGRAIN eventually identifies that it has collected personal data and information from children and adolescents under the age of 13, we will take action to delete that data and information from our documents as soon as possible.
12.2. The processing of personal data of adolescents over 13 years of age who have access to the platform will be carried out in their best interest, in respect to Brazilian Law No. 8,069 of July 13, 1990 (The Brazilian Child and Adolescent Rights Act).
CLAUSE THIRTEEN - WHAT ARE COOKIES AND HOW DO COOKIES WORK?
13.1. This collection of information seeks to improve the user’s experience while they navigate through the app, by allowing it to present to the user personalized services according to their preferences.
CLAUSE FOURTEEN - USE OF WEB ANALYTICS
14. The following Web Analytics services are used to improve the user experience on our website.
14.1. POSTGRAIN uses Google Analytics, a website marketing analysis service provided by Google Inc. Google Analytics uses codes that consist of text and numbers, which will be stored on your computer and allows an analysis of the use of the cookie websites.
14.2. POSTGRAIN also uses Zendesk, a third analysis service provided by Intercom, Inc. to help us understand the use of our services and to communicate with you by sending you service-related notifications in the POSTGRAIN interface.
CHAPTER 12 - POSTULATION BEFORE THE BRAZILIAN DATA PROTECTION AUTHORITY (DPA)
CLAUSE FIFTEEN - POSTULATION BEFORE THE BRAZILIAN DATA PROTECTION AUTHORITY (DPA)
CHAPTER 13 - GENERAL PROVISIONS
16.2. By continuing to access or use POSTGRAIN after these changes come into effect, you agree to be bound by the revised policy.
CLAUSE SEVENTEEN - VALIDITY
EIGHTEENTH CLAUSE - PREVALENCE OF THIS INSTRUMENT
18. The terms and provisions of this instrument will prevail over any other contracts and other expressed or implied binding attachments previously made between USERS and POSTGRAIN, concerning the conditions established therein.
CLAUSE NINETEEN - NULLITIES
CLAUSE TWENTY - ANY QUESTIONS?
20. If YOU have any questions regarding our policy and privacy practices, please direct your doubts or comments to firstname.lastname@example.org.
POSTGRAIN team wishes you an excellent navigation experience!