Privacy policy

POSTGRAIN APP PRIVACY POLICY

Hello, and welcome to the POSTGRAIN privacy policy!

This policy is governed by the Terms and Conditions of Use of this app, and its application is conditioned on your acceptance of and compliance with the abovementioned terms.

Our Privacy Policy will explain how we gather, use, and share your data as you access and use our services.

To assure you will have the best experience when using POSTGRAIN,  please make sure you read our Privacy Policy and any other above mentioned terms carefully. We have tried our best to explain things in this document simply and clearly.

CHAPTER 1 - INTRODUCTION

CLAUSE 1 - GENERAL INFO

1. In this section, you will find information about how POSTGRAIN treats your whole or partial personal data - which may (or may not) be automated or stored.

1.1.  Our objective is to provide you the guidelines regarding the collected info, the reasons why we collect it, and how you will be able to update, manage, export, or even delete the stored info.

1.2.  The pursuant of the General Data Protection Law (Brazilian Federal Law No. 13,709 of August 14, 2018) defines personal data treatment as any operation performed with personal data, such as those relating to its collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, erasure, information control or evaluation, modification, communication, transfer, dissemination or extraction;

1.3.  POSTGRAIN privacy policy is following the Brazilian Civil Framework of the Internet (Brazilian Federal Law No. 12,965 of April 23, 2014); the Brazilian General Law of Data Protection (Brazilian Federal Law No. 13,709 of August 14, 2018); and the EU General Data Protection Regulation (Law No. 2016/678 of April 27, 2016).

1.4.   This Privacy Policy may be amended from time to time with changes, additions, and deletions. Make sure you check this page regularly to be aware of any sort of change.

CHAPTER TWO - USER RIGHTS AND PREFERENCES

CLAUSE 2 - USER RIGHTS

2. POSTGRAIN is committed to following the below-mentioned principles set by the EU General Data Protection Regulation principles, as such:

  1. Your data are treated in a licit, loyal, and transparent manner according to predefined, legitimate, and explicit purposes. (‘lawfulness, fairness and transparency’)
  2. The data we collect is only used for specific, explicit, and legitimate purposes previously set out in this policy, and it won’t be stored nor used longer than necessary. (‘purpose limitation’)
  3. The data we collect is used in an adequate, relevant way, and are limited to what is necessary concerning the purposes for which they are processed. (‘data minimization’)
  4. Your data are accurate and are kept up to date where it is necessary. All inaccurate data will be deleted or rectified without any delay. (‘accuracy’)
  5. Your data are kept in a way that makes it possible to identify data subjects for no longer than is necessary for the processing. (‘storage limitation’)
  6. Your data are processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage, using appropriate technical or organizational measures. (‘integrity’ and ‘confidentiality’)

2.1. In addition to strictly following the EU General Data Protection Regulation principles mentioned above, the general principles of protection of personal data, properly described in Art. 2 and 6 of the EU General Data Protection Regulation, are duly guaranteed.

2.2. Following the regulations regarding the processing of personal data (which are: the Brazilian General Law of Data Protection - Brazilian Federal Law No. 13,709 of August 14, 2018; and the EU General Data Protection Regulation - Law No. 2016/678 of April 27, 2016), the POSTGRAIN USER has the following rights:

  1. The right of confirmation and access: the USER has the right to obtain information from POSTGRAIN as to whether or not personal data concerning you is being processed. Also, the USER has the right to obtain from POSTGRAIN free information about their personal data stored at any time and a copy of this information (which is available on the POSTGRAIN User Data tab).
  2. Right to Rectification: the USER has the right to ask POSTGRAIN, without undue delay, to rectify inaccurate data or to complete any incomplete personal data that POSTGRAIN holds.
  3. Right to Erasure (or Right to be Forgotten), anonymize or block data: the USER has the right to have their data erased, anonymized, or blocked by the app without undue delay.
  4. Right of Data Portability: the USER has the right to request a copy of their personal data in a structured and commonly used electronic format, and the right to easily transmit that personal data for use in another data controller.
  5. Right to Informed Consent: the USER has the right to obtain information from the third parties (private bodies and public enterprises) with whom the data controller share their data, as well as the right to receive information on the possibility of not giving consent to share their data and the consequences of the consent refusal.
  6. Right to Refuse to Consent: the USER has the right to refuse consent,  regarding their personal data treatment, at the express request of the data subject; for any reason, at any time. The proceeds are easily taken without any incurred charges.

2.3.  The rights outlined in Item 2.2 above shall be exercised at the express request of the data subject or of legally appointed representatives, as stated in Art. 18 paragraph 3 of the Brazilian General Law of Data Protection. To do this, the USER must send an email to support@postgrain.com or correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).

2.4.  The USER may exercise their rights through written communication  titled "LGPD - _____" to the app, providing the following information:

  1. A proof of identity (name or corporate name; a valid ID or corporate registration number; user’s - and, if necessary, their legal representative’s - e-mail address)
  2. a precise description of the rights they want to exercise
  3. order date and user signature
  4. Their POSTGRAIN’s user plan.

2.5.  The request shall be sent by e-mail to support@postgrain.com or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).

2.6.   In face of the USER’s request, POSTGRAIN reserves the right to send them a response within 30 calendar days.

2.7.   The USER will also be informed in case of rectification or erasure of their data.

CHAPTER THREE -  THE TREATMENT OF DATA

CLAUSE 3 - TYPES OF COLLECTED DATA

3. When you use our services, POSTGRAIN collects some information about you while using the app, as set out below:

3.1.   When the USER creates an account, sends us an e-mail, or even insert any sort of data content, POSTGRAIN collects some personal data when you are signing up, which may include name, profile picture, email address, phone number, gender, birth date, and zip code.

3.2.   When you are using the app, POSTGRAIN automatically collects as well some certain technical data, such as your GPS location (if you enable this function), your unique device ID, your MAC address, your IP address, your operating system, your browser type and your activity on POSTGRAIN.

3.3. When using POSTGRAIN, the USER may enable or disable the GPS localization services on the browser settings at any time.

3.4.   This information (as provided in item 3.3) is not treated as personal data unless the USER combines or links this info with any personally identifiable data aforementioned.

3.5.   POSTGRAIN may automatically collect certain information through the use of cookies. Cookies are small pieces of information that are stored by your browser on your computer's hard drive.

3.6.  To better understand how you interact with our services, monitor our users' aggregate usage and web traffic routing on our Services, or to customize and improve our Services, we may use both “session” cookies and “persistent” cookies.

3.7.  Most browsers automatically accept cookies by default. But you can refuse cookies or selectively accept them by adjusting the preferences in your browser.

3.8.  Personal data necessary for the execution and fulfillment of the services contracted by the POSTGRAIN USER may also be collected.

3.9.   Other types of data may eventually be collected provided user’s consent, or due to legitimate interests or other reasons permitted by law.

3.10.  The USER undertakes to provide only their personal data and not those of third parties.

PARAGRAPH ONE

As previously described in items 3.1, 3.3. and 3.4., the non-identified data collected by POSTGRAIN are classified (according to art. 5 item 3 in EU General Data Protection Regulation) as anonymized data, in which such information is not linked to a specific holder due to the use of technical means of treatment provided by POSTGRAIN.

Thus, such information cannot be characterized as personal data, since they are collected only to improve the users’ experiences when using the app.

They will only be characterized as personal data if the USER themself combine or link them with any personally identifiable information provided to the app.

CLAUSE FOUR -  CONSENT AND REVOCATION

4. When using POSTGRAIN services, the USER consents to the General Terms and Conditions of Use, to this privacy policy, and the refund policy.

        

4.1. POSTGRAIN collects the USER’s consent in written form or in any other means that explicitly expresses the holder’s will.

        

4.2. Persons who are relatively or absolutely incapable (i.e. children over 13 and under 16) will only be able of giving informed consent if they are properly assisted or represented.

        

4.3. The USER has the right to revoke consent at any time without affecting the lawfulness of the processing based on consent carried out until such revocation.

        

4.4. By the time the USER requests and confirms their revocation of consent, they will no longer be able to use the POSTGRAIN app. Also, their account will be canceled and their data will be deleted.

        

4.5. The user can request their revocation of consent by sending an e-mail to support@postgrain.com or correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).

        

4.6. POSTGRAIN reserves the right to send a response to the USER’s request of revocation of consent, as well as the arrangements concerning the account’s cancelation and termination, within 30 days.

        

4.7. Once the USER’s consent has been revoked and their account eventually terminated, they will be able to purchase the services again (including the available free service in the platform) SINCE they accept the general terms and conditions of use and other attachments, consenting POSTGRAIN to treat their personal data once again.

        

4.8. In some jurisdictions, the data controller may be authorized to process personal data without the user’s consent will only be carried out due to legitimate interest or other legal bases specified below:

                a)  the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;

                b) the processing is necessary for studies to be developed by a research entity, in which it must be ensured, whenever possible, the anonymization of personal data;

                c) the processing is necessary for the execution of a contract with the USER and/or the execution of pre-contractual measures;

           d) the processing is necessary for the regular exercise of rights in judicial, administrative, and arbitral proceedings, the latter under the terms of Brazilian Law 9,307 of September 23, 1996 (The Brazilian Arbitration Law).

                e) the processing is necessary for the protection of life or physical security of the holder or third party;

                f) the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties;

                g) the processing is necessary for credit protection purposes, including in what regards the specific legislation.

        

4.9. The need for the holder’s consent to process personal data is waived, regarding the data made public by the holder, safeguarding the holder's right and the principles established in this Law

CLAUSE FIVE - PURPOSES OF THE PROCESSING OF COLLECTED DATA

How we use the information we collect

5. The USER’s personal data collected by POSTGRAIN is intended to facilitate, expedite, and fulfill the commitments made with the user.

        5.1. Personal data may also be used for commercial purposes to personalize the content offered to the user, as well as to subsidize the application to improve the quality and operation of its services.

        5.2. Further to the above, POSTGRAIN also uses the collected information for the following specific purposes:

                a) to provide our requested information and services, as well as to process and complete all transactions;

                b) to answer your email inquiries and complaints, and to provide customer support.

            c) to monitor and analyze usage and marketing trends; to customize and improve POSTGRAIN’s experiences when you use the app, such as providing content or features that match your profile or interests (including ads); and to increase the functionality and ease of use of our services.

                d) to send you confirmations, updates, security alerts, support, and administrative messages, thus helping to facilitate your use, our management, and the operation of our services.

                e) to allow you to add your location to your posts.

        

5.3. If the app intends to process the user’s personal data for other purposes or to change its purposes for processing personal data that are incompatible with the original consent given by the USER, the holder must be informed about the other purposes by the Data Controller (which must be done in compliance with the same rights and obligations), and they may revoke consent if there is any disagreement with the changes.

CHAPTER FOUR - RECIPIENTS AND TRANSFERS OF PERSONAL DATA

SIXTH CLAUSE - PERSONAL DATA SHARED WITH THIRD PARTIES

What information do we share with third parties?

6. The USER's personal data collected by POSTGRAIN can be shared, through our service, with other social networking services.

6.1. This data sharing is duly consented by the USER when accepting the general terms and conditions of use and its attachments, which can be revoked at any time by the user upon request to POSTGRAIN and due cancellation of the user's account.

6.2. POSTGRAIN will not share personal data collected from the USER with third parties, except as described below:

a) With service providers who work with us in connection with the operation of our website or our services (these service providers have access to your personal information only to perform services on our behalf and are required not to disclose or use it for other purposes).

b) We may share aggregated and non-identifying information with third parties for industry analysis, demographic profiling, and other similar purposes.

c) When you give us consent to share information with third parties, including the notification we send you if the information you provide will be shared in a particular way and you provide such information.

d) When we have a good faith belief that we are legally authorized or required to do or this is reasonably necessary or appropriate to comply with the law, legal processes, respond to legal requests or judicial authorities, including responding to subpoenas, legal orders, or court orders.

e) To comply with or apply our privacy policy, our terms of use, our other policies or agreements; and in connection with, or during the negotiations of any merger, sale of company assets, financing or acquisitions, or in any other situation where personal information may be disclosed or transferred as one of our businesses.

6.3. We are not responsible for the actions of the service provider or third parties, nor any additional information you provide directly to third parties.

6.4. The transfer of USER's personal data may only be made to another country, territory, or international organization that is capable of ensuring an adequate level of protection of the user's data.

6.5. If there is no adequate level of protection, the application undertakes to guarantee the protection of your data in accordance with the strictest rules, through specific contractual clauses for the specific transfer, standard-contractual clauses, global corporate norms or seals, certificates, and regularly issued codes of conduct.

 

CHAPTER 5 - CONSERVATION OF PERSONAL DATA

CLAUSE SEVEN - PERIOD OF CONSERVATION OF PERSONAL DATA

7. The USER's personal data will be kept for the period in which they use POSTGRAIN services.

7.1. If the USER requests the revocation of consent to the treatment of his personal data and his account is duly canceled, the period of conservation of the collected data will be considered to have ended.

7.2. The USER's personal data can only be kept after the end of its processing in the following cases:

a) For the fulfillment of legal or regulatory obligation by the data controller;

b) For studies to be developed by a research entity, in which it must be ensured, whenever possible, the anonymization of personal data;

c) For the transfer to a third party, provided that the data processing requirements provided for in the legislation are respected;

d) For the exclusive use of the controller, access by a third party is prohibited, and provided that personal data are anonymized;

CHAPTER 6 - PERSONAL DATA PROCESSING AGENTS  

CLAUSE EIGHT - THE PERSONAL DATA CONTROLLER

8. The controller of the user's personal data is the natural or legal person, public authority, agency or other body that, individually or in conjunction with others, determines the purposes and the means of processing personal data

8.1. In POSTGRAIN, the person responsible for processing personal data collected, (one of the platform's administrators) can be contacted by the e-mail address support@postgrain.com or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020-000).

CLAUSE NINE - PERSONAL DATA PROCESSING OPERATOR

9. The operator is the natural or legal person, whether public or private, who processes personal data on behalf of the controller.

9.1. In POSTGRAIN, the person responsible for processing personal data collected, (one of the platform's administrators) can be contacted by the e-mail address support@postgrain.com or by correspondence to the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).

9.2. The operator will be directly responsible for the processing of the USER's personal data according to the instructions of the controller; by understanding data treatment, as already mentioned, as any operation performed with personal data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination or extraction;

CHAPTER 7 - PERSONAL DATA PROCESSING

CLAUSE TEN - PERSONAL DATA COMMUNICATION CHARGER

10. The person in charge of the personal data communication is the person indicated by the controller and operator to act as a channel between the controller, the data holders (USERS), and the National Data Protection Authority (ANPD).

10.1. The person in charge of the personal data communication is the professional responsible for informing, advising data processing agents about the application's obligations due to the legislative provisions, besides acting as a POSTGRAIN communication channel, in constant cooperation with the users and with the competent controlling authority.

10.2. In POSTGRAIN, the person in charge of communication regarding the personal data collected is PAULO PEIXOTO, who can be contacted by the e-mail address support@postgrain.com, by the following phone number: +55 81 3072-7745, or by the following address: Avenida Governador Agamenon Magalhães, nº 2.939, Salas 408 / 409, Espinheiro, Recife – PE (Zip Code: 52020 - 000).

CHAPTER 8 - SECURITY PRACTICES IN THE PROCESSING OF USER'S PERSONAL DATA

CLAUSE ELEVEN - SECURITY

11. We are very concerned about maintaining the confidentiality of your personally identifiable information. We have implemented a series of administrative, physical, and electronic security measures to protect your information from unauthorized access.

11.1. POSTGRAIN undertakes to apply the appropriate technical and organizational measures to ensure a level of security for the user, taking into account the security techniques applied, the context, the types of data collected, and their purpose in the treatment, as well as the rights and users' freedoms.

11.2. However, POSTGRAIN disclaims liability for the sole fault of third parties, such as in the event of an attack by hackers or crackers, or the exclusive fault of the user, who, for example, transfers his data to third parties.

11.3. We at POSTGRAIN do not sell, buy, or otherwise transfer your personally identifiable information to third parties.

 

11.4. POSTGRAIN undertakes to notify the USER, in due time, in the event of any type of breach of the security of their personal data, which may cause the user a high risk to their personal rights and freedoms.

11.5. The breach of personal data is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure, or unauthorized access to transmitted personal data, keeping subjects subject to any other type of treatment.

11.6. POSTGRAIN undertakes to treat the USER's personal data with confidentiality, within the legal limits.

CHAPTER 9 - EXTERNAL LINKS

 

CLAUSE TWELVE - EXTERNAL LINKS

 

12. As also mentioned in the general terms and conditions of use, the POSTGRAIN application contains external links redirecting the USER to other internet pages that do not pertain to POSTGRAIN, over which the administrators have no control.

12.1. The fact that there is a link to a website is not an endorsement/guarantee, authorization or representation of our affiliation with that third party. We do not have control over third party websites.

12.2. Despite the prior and regular checks carried out by the administrators, they disclaim any responsibility for the content found on these sites and services.

12.3. These other sites may place their cookies or other files on your computer, collect data, or request personal information about you.

12.4. These other sites may have different rules regarding the use or disclosure of the personal information you send to them. We encourage you to read the privacy policies or statements of other websites you visit.

12.5. Links may be included in the pages and documents of the POSTGRAIN app by USERS, as long as they respect the specific prohibitions highlighted in clause ten, subparagraph "J" provided in the terms and general conditions of use, as well as the other provisions listed in this term and its attachments.

 

CHAPTER 10 - PRIVACY POLICY CONCERNING CHILDREN AND ADOLESCENTS

 

CLAUSE TWELVE - OUR POLICY CONCERNING CHILDREN AND ADOLESCENTS

 

12. Our services are not directed at children and adolescents under the age of 13; therefore, POSTGRAIN does not collect any personal data from children and adolescents under the aforementioned age group.

12.1. If POSTGRAIN eventually identifies that it has collected personal data and information from children and adolescents under the age of 13, we will take action to delete that data and information from our documents as soon as possible.

12.2. The processing of personal data of adolescents over 13 years of age who have access to the platform will be carried out in their best interest, in respect to Brazilian Law No. 8,069 of July 13, 1990 (The Brazilian Child and Adolescent Rights Act).

12.3. As provided in this privacy policy, the administrators and also the controller of POSTGRAIN will keep public information about the types of data collected, the treatment of the same, and the procedures for the exercise of the rights of the USERS.

 

CHAPTER 11 - NAVIGATION DATA AND COOKIE POLICY  

CLAUSE THIRTEEN - WHAT ARE COOKIES AND HOW DO COOKIES WORK?

 

13. POSTGRAIN uses cookies, which allows it to analyze the statistics and information about the USER's navigation. "Cookies" are small amounts of information that are stored by the user's browser so that the server remembers certain information that later and only the server which implemented it can read.

 

13.1. This collection of information seeks to improve the user’s experience while they navigate through the app, by allowing it to present to the user personalized services according to their preferences.

 

 CLAUSE FOURTEEN - USE OF WEB ANALYTICS

14. The following Web Analytics services are used to improve the user experience on our website.

14.1. POSTGRAIN uses Google Analytics, a website marketing analysis service provided by Google Inc. Google Analytics uses codes that consist of text and numbers, which will be stored on your computer and allows an analysis of the use of the cookie websites.

  • The information generated by cookies about your use of the websites (including your IP address) will be transferred to and stored by a Google server.
  • Google will use this information to evaluate your use of the website, to prepare reports on the activities of the website for the operators of the website, and to provide other services related to the use of websites and the use of the Internet.
  •  Google may transfer this information to third parties if they are legally required to do so or if third parties process such data on behalf of Google.
  •  In no event will Google connect your IP address with other Google data.

14.2. POSTGRAIN also uses Zendesk, a third analysis service provided by Intercom, Inc. to help us understand the use of our services and to communicate with you by sending you service-related notifications in the POSTGRAIN interface.

CHAPTER 12 - POSTULATION BEFORE THE BRAZILIAN DATA PROTECTION AUTHORITY (DPA)

CLAUSE FIFTEEN - POSTULATION BEFORE THE BRAZILIAN DATA PROTECTION AUTHORITY (DPA)

15. Without prejudice to any other means of judicial administrative appeal, all data subjects are entitled to file a petition against the controller to the Brazilian data protection authority (DPA), provided that the data subject has filed a complaint with the controller that has not been resolved within the time stipulated by this privacy policy.

 

CHAPTER 13 - GENERAL PROVISIONS

 

CLAUSE SIXTEEN - CHANGES IN PRIVACY POLICY

 

16. Any information that is collected is subject to the privacy policy in effect at the time that information is collected.

16.1. POSTGRAIN may, however, update and revise our privacy policy from time to time. If we make any material changes to this policy, we will notify you of any such changes by posting them on the website or sending you an email, and we will indicate when such changes will come into effect.

16.2. By continuing to access or use POSTGRAIN after these changes come into effect, you agree to be bound by the revised policy.

 

 CLAUSE SEVENTEEN - VALIDITY

17. The current POSTGRAIN privacy policy and other linked attachments are effective together with the general terms and conditions of use and other attachments, on the following date 03/10/2020 and will have an indefinite expiration date.

 EIGHTEENTH CLAUSE - PREVALENCE OF THIS INSTRUMENT

18. The terms and provisions of this instrument will prevail over any other contracts and other expressed or implied binding attachments previously made between USERS and POSTGRAIN, concerning the conditions established therein.

CLAUSE NINETEEN - NULLITIES

19. If any conditions of this privacy policy are considered partially or wholly null or void, the other conditions shall remain valid and will be interpreted to preserve the validity of the remainder.

CLAUSE TWENTY - ANY QUESTIONS?

20. If YOU have any questions regarding our policy and privacy practices, please direct your doubts or comments to contato@postgrain.com.

Thank you for reading our privacy policy! Welcome to our app!

POSTGRAIN team wishes you an excellent navigation experience!