PRIVACY POLICY
Version updated on 03.04.2023
1. Important Information
a) In the course of this policy, we have adopted the terms listed below with their respective meanings:
· National Data Protection Authority (ANPD) - It is the body that will supervise and guide the application of the LGPD, as well as is responsible for the application of administrative sanctions in case of violation of the law.
· Legal Basis for Processing - The processing of Personal Data is allowed by the LGPD in accordance with the legal bases provided for, such as the consent of the Holder, the fulfillment of legal and/or regulatory obligations by Seventh, the existence of a contract between Seventh and the Holder, analysis for credit protection, as well as legitimate interests of Seventh or the Holder.
· Biometrics - A measurable physical characteristic or a personal behavioral trait used to recognize or verify a person's identity. Facial images, fingerprints and iris samples are examples of biometrics. Facial Recognition Systems are examples of technology based on artificial intelligence in the category of biometric security.
· Privacy Committee - Means the Seventh people committee composed of representatives of the Legal, IT and Quality Department, responsible for the representation of the Seventh before the holders and the ANPD, as well as will be responsible for the general guidance regarding the processing of Personal Data in Seventh.
· Consent - It is the free, informed and unequivocal manifestation by which the Holder agrees to the processing of his Personal Data for a particular purpose.
· Personal Data - It is any data related to the identified or identifiable natural person, such as: IP, geolocation, name, RG, CPF, address, telephone, bank account, vehicle data, among others.
· Sensitive Personal Data - It is the Personal Data that presents racial or ethnic origin, religious conviction, political opinion, union membership, data relating to health or sex life, genetic or biometric data.
· Purpose - This is the reason or motivation for the processing of Personal Data.
· Legitimate Interest - Processing of data carried out by the Controller, due to his interest, other companies or the company, without the processing affecting the individual rights and freedoms of the Holder.
· General Data Protection Law (LGPD) - Law No. 13,709, of August 14, 2018.
· Free Access - Right of the Holder to have access to all information regarding the processing of his Personal Data.
· Opposition - It is the right of the Holder not to want his data to be processed. This right can be exercised in certain specific situations.
· Security - Means the use of technical and administrative measures capable of protecting Personal Data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication or dissemination.
· Treatment - It is all operations carried out with Personal Data, such as: collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation, control of information, communication, transfer, dissemination or extraction.
· Holder - Natural person to whom the Personal Data that is processed refers.
· Transparency - It is the guarantee, to the Holders, of clear, accurate and easily accessible information about the performance of the treatment and its treatment agents, observing the commercial and industrial secrets.
b) Summary of the rights of the Privacy Policy
|
Data minimization |
Collects only the personal data necessary for the functionality of the product |
|
Right of the holders |
Right guaranteed to the user of access, correction and deletion of the processed data |
|
Retention period |
The data collected is processed for a maximum period of 5 years, and in case of deletion of the user's account, for a maximum period of 1 year |
|
Third-party data collection |
The data collection tools are those indicated in this Policy |
2. Introduction
a) We are committed to protecting the privacy of users of our Services.
b) This policy applies when we act as a data controller in relation to the personal data of users of our Services.
c) Seventh uses cookies on its websites. To the extent that these cookies are not strictly necessary for navigation on our website and/or the provision of our Services, we will ask you to agree to the use of cookies when you visit our website for the first time.
d) Our websites, applications and cloud services incorporate features that allow you to configure your preferences about your Personal Data and your privacy, so-called privacy controls. When using privacy controls, you can specify how you want Seventh to handle your Personal Data.
e) In this policy, "we" and "our" refer to Seventh.
3. Your Personal Data and how we use it
a) We may process data relating to the use of our websites, products, cloud services and applications and through the use of these ("Services"). The Use of Data may include your IP address, geographical location, browser type and version, operating system, time of visit to our websites ("Data Use"), number of uses of the Services, date of visit, among others. The source of Data Use is Google Analytics. The Use of Data may be carried out for the purpose of analyzing the use of Seventh's Services, products and services. The legal basis for the processing of such data is the legitimate interest of Seventh, as a means of ensuring the full execution and functionality of the Services.
b) We may process the data of your registration in the Services ("Registration Data"). Registrations may include name, email address, address, CPF, phone number, image, photo, audio, among others. Registration Data may be processed for the purposes of operating the Services, providing products and services, ensuring the security of our Services, products and services, maintaining database backups and communicating with our customers, including the availability and access to all functionalities of the Services. The legal basis for the processing of such data is consent. We may also process your data through access to the camera, video gallery and photos for upload, as well as the contact list of your device to complete the registration in the Services and also so that you can use extra functions of the Services and Products, such as creating invitations and reserving common areas, sharing audio, video and image messages between users, registering on equipment with facial recognition.
c) We may process data from questions sent to us in relation to customer service ("Consumer Relationship Data"). Consumer Questioning Data may include details about your questions and problems with products and/or services and may be processed for the purposes of offering new products and/or services, marketing, updating response processes and improving customer service. The legal basis for the processing of such data is the legitimate interest of Seventh and its customers and compliance with legal obligation.
d) We may process your data obtained from financial transactions carried out from our Services, including for the purchase of products and/or services ("Transaction Data"). Transaction Data may include your address, CPF, financial, banking data and credit card number, among others, and are processed for the provision of products and/or services, file maintenance, compliance with tax obligations. The legal basis for the processing of such data is compliance with a legal obligation, specifically tax legislation.
e) We may process your Personal Data for the sending of advertisements, advertisements and direct marketing, related to the customer's interests according to their preferences. The legal basis for the processing of such data is consent, as well as the legitimate interest of the controller.
f) We may process your Personal Data from the authorized remote access to the holder's device, by registering service with our Call Center or After Sales. For access, Seventh uses the TeamViewer tool, which meets the legal data protection requirements, according to definitions on the institutional website: www.teamviewer.com. The data accessed is of exclusive necessity to solve the problem, and no unnecessary data is treated beyond the service of the solution. The legal basis for the processing of data is consent upon prior acceptance in Remote Access and also compliance with legal obligation, since Seventh provides technical assistance in the warranty period of Seventh products.
g) In some cases, the Seventh Product may capture data from third parties from the environment ("Third Party Data"). The data may include facial images, recordings, audio, which can be classified as personal data, protected by law. The responsibility for the protection of the data of third parties, captured from the products of Seventh, are the sole responsibility of the User, and it is up to the latter to apply all the necessary means for the effective protection of the data, especially the configuration of the products and network so that the minimum security standards are guaranteed. Seventh is not responsible for the illegal use of the data collected through its products, as the management of the same is inaccessible.
h) We may also process your data by accessing the Geolocation of your device for the operation and activation of functions of the Services, such as the Panic Function and Assisted Entry.
i) We can process your data from the access to the microphone of your device for the use of the telephony function of the Services, thus enabling you to receive calls directly from the call center and concierge.
j) Eventually, we may use your Registration Data to send you Notifications for the best use of Seventh Services and Products, such as Reservation of common areas, registration of people in your Unit or even Notifications sent by the management company of the condominium also using the Services and Products Seventh.
4. Data Transfer to Third Parties
a) We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our controllers and all their subsidiaries), to the extent reasonably necessary for the purposes informed and in accordance with applicable law, as well as subject to the legal bases of processing informed in this policy.
b) We may disclose your personal data to our insurers and/or professional consultants, to the extent reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice or the entry, exercise or defense in administrative, arbitral and/or legal actions. In addition, we may disclose your data to our suppliers to the extent reasonably necessary to provide you with our products and/or services and ensure security in the use of our Services and in the use of your personal data, such as suppliers, marketing and customer service services, network providers and cloud services.
c) Financial transactions related to our Services and the purchase of our products and/or services are handled by our payment service providers, and we share transaction data with our payment service providers only to the extent necessary for the purposes of processing your payments, refunding amounts and dealing with complaints and inquiries related to these issues.
d) In addition to the specific disclosures of personal data set out in this Clause 4, we may disclose your personal data whenever such disclosure is necessary to comply with a legal and/or regulatory obligation to which Seventh is subject, as well as to protect your vital interests or the vital interests of another data subject.
e) Seventh and other companies in its group have offices and facilities in other countries, as well as suppliers in other countries (websites, cloud services, payment gateways, technical support, development, modeling, customization, among others). In this way, we may transmit your data outside Brazil for the purposes indicated above. Seventh adopts all appropriate measures and enters into the necessary contracts with its suppliers and foreign offices to ensure that the processing of personal data outside Brazil is carried out in accordance with the LGPD and in compliance with Seventh's policies.
f) You acknowledge that the personal data you provide to Seventh through the Services or our products and/or services may be available to operators around the world.
g) To the extent that such global access involves a transfer of Personal Data to other countries, such transfers are subject to Seventh's international data transfer policy and appropriate mechanisms that provide an adequate level of protection in accordance with the LGPD.
5. Storage and Deletion of Personal Data
a) The personal data we process will be kept only for the period necessary for the purpose of the processing.
b) We will retain your personal data as follows:
1. Any personal data such as CPF, e-mail, address, telephone number collected will be kept for a maximum period of 5 (five) years after data collection;
2. In case of deletion of the account at the request of the user, we may also retain them for a maximum period of 12 (twelve) months;
3. In some cases, it is not possible to specify in advance the periods for which your personal data will be retained. In these cases, we will determine the retention period based on the following criteria, without prejudice to others: (i) the existence of a specific law or regulation requiring a certain period for data retention; (ii) Seventh's internal policies; (iii) the existence of judicial, administrative or arbitral proceedings; and (iv) requests for information made by government authorities.
6. Changes to the Privacy Policy
a) Seventh may change this policy at any time, and such updates are posted on our Services and can be verified at any time.
b) We recommend that you periodically check our Services for any changes to this Privacy Policy.
c) In case of significant changes to this privacy policy we may communicate to you by e-mail about such changes or through specific messages on our Services.
7. Your Rights
a) Your main rights under data protection legislation are:
I. right of access;
II. right of rectification;
III. right to object to processing;
IV. right to data portability;
V. right of claim before the competent authorities; and
VI. right to withdraw consent.
b) You have the right to confirm whether or not we treat your personal data and where we do it, as well as you have the right to access such personal data, along with certain additional information. This additional information includes details of the purposes of processing, the categories of personal data in question and the recipients of the personal data. If the rights and freedoms of third parties are not affected, we will provide you with a copy of your personal data.
c) You have the right to rectify and update your personal data, upon request to the contact privacidade@seventh.com.br.
d) In some circumstances, you have the right to delete your personal data without undue delay. These circumstances include: (i) the personal data is no longer necessary in relation to the purposes for which it was collected or processed; (ii) you withdraw consent to the processing based on consent; (iii) you object to the processing; (iv) the processing is for marketing purposes; and (v) the personal data has been processed unlawfully. However, there are exclusions to your right to object to processing, such as when it is necessary to exercise the right to freedom of expression and information, for compliance with legal and/or regulatory obligations, for the exercise of rights in proceedings, or even for the legitimate interest of Seventh.
e) You have the right to object to the processing of your personal data for reasons related to your specific situation, but only to the extent that the legal basis of the processing is necessary for the performance of an action carried out for the public interest or in the exercise of any official authority vested in Seventh, or in the face of legitimate interests pursued by us or by third parties. If you make such an objection, we will stop processing your personal data unless we can demonstrate legitimate and compelling reasons for the processing that may supersede your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of administrative, legal or arbitral claims.
f) You have the right to object to the processing of your personal data for direct marketing purposes. If you make such an objection, we will stop processing your personal data for this purpose.
g) If you consider that the processing of your personal information violates data protection legislation, you have the right to lodge a complaint with the competent authority and request that Seventh immediately discontinue the processing in question.
h) To the extent that the legal basis for the processing of your personal data is consent, you have the right to revoke that consent at any time. The withdrawal will not affect the legality of the treatment before such withdrawal.
i) In accordance with the Services you have contracted with Seventh, you may, at your own expense, audit Seventh's compliance with the terms of this Privacy Policy by sending Seventh a written request, including a detailed audit plan, at least six weeks prior to the proposed audit. You and Seventh will work cooperatively to reach a final agreement on the audit plan.
j) The audit must be carried out no more than once during a period of twelve months, during business hours, subject to the policies and regulations at the Seventh site, and may not interfere with Seventh's activities. If you wish to use a third party to conduct the audit, such third party must be mutually approved by you and Seventh, subject to the conclusion of a confidentiality agreement approved by Seventh. Upon completion of the audit, you will provide Seventh with a copy of the audit report, which is classified as confidential information under your contract with Seventh.
k) You may exercise any of your rights in relation to your personal data by written notice to Seventh's address, addressed to the Privacy Committee or by e-mail to privacidade@seventh.com.br.
8. Cookies, Identifiers, Trackers and Third Party Information
a) A cookie is a file that contains an identifier (a sequence of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server every time the browser requests a page from such a server.
b) Cookies can be "persistent" cookies or "session" cookies. A persistent cookie will be stored by a web browser and will remain valid until the set expiration date, unless it is deleted by the user before the expiration date. A session cookie, on the other hand, will expire at the end of the user's session, when the web browser is closed.
c) Cookies usually do not contain any information that personally identifies a user, but the personal information we store about you may be linked to the information stored and obtained from cookies.
d) We use cookies for the following purposes:
I. authentication - we use cookies to identify you when you use our Services;
II. status - we use cookies to help us determine if you are logged in to our Services;
III. personalization - we use cookies to store information about your preferences and customize Services for you;
IV. security - we use cookies as an element of the security measures used to protect user accounts, including the prevention of fraudulent use of login credentials and to protect our Services and services in general;
V. advertising - we use cookies to help us display ads that will be relevant to you;
VI. analysis - we use cookies to help us analyze the use and performance of our website and services; and
VII. cookie consent - we use cookies to store your preferences regarding the use of cookies more generally.
e) Our service providers use cookies and these cookies may be stored on your computer when you use the Services.
f) We use Google Analytics to analyze the use of our website. Google Analytics gathers information about the use of the site through cookies. The information collected related to our website is used to create reports on the use of our website. Google's privacy policy is available at: https://policies.google.com/privacy.
g) We publish Google AdSense interest-based ads on our Services. They are customized by Google to reflect your interests. To determine your interests, Google will track your behavior on our Services and other websites using cookies.
h) We use Google Tag Manager on our Sites to create and update Google tags. You can view the privacy policy of this service provider at https://policies.google.com/privacy.
i) Most browsers allow you to refuse to accept cookies and to delete cookies. The methods to do this vary from browser to browser and their versions.
j) Blocking all cookies will have a negative impact on the usability of many websites. If you block cookies, you will not be able to use all the features on our Services.
k) We also use mobile device identifiers that are stored on your mobile device and track certain data and activities that occur on or through your device. Mobile device identifiers allow the collection of personal data (such as media access controls), as well as non-personally identifiable information (such as usage and traffic data).
l) In addition to identifiers, we also use Web Beacons that help us better manage the content of our Sites, informing which content is effective. Web Beacons are incorporated or associated with certain emails or other communications you receive from Seventh or Our partners. Web Beacons help us track your responses and interests and provide relevant content and services to you. For example, they can tell us when you perform actions based on the emails we send. Web Beacons also allow us to improve our behavioral advertising (defined below).
m) Some parts of our Services may include social media features, such as the Facebook "like" button, and widgets, such as the "share" button. These social media features are hosted by third parties or directly on our Services. When you use these tools, the party that provides the tool, the third party that operates the social media services and/or Seventh may receive personal data about you. By using these tools, you acknowledge that some information, including personal data, from your social media services will be transmitted to Seventh and, therefore, this information is covered by this Privacy Policy, and also by the privacy policies of third parties.
n) We may use third-party services, such as open search tools and social networks, to obtain information about you (such as your name or company) and enrich your personal data by obtaining publicly available information about you, such as your job title, employment history and contact information.
9. Online Behavioral Advertising
a) Some of our advertisements ("Behavioral Advertising") involve the use of Tracking Tools to collect information about a user's online activities over time and on non-affiliated websites and applications, as well as providing advertisements to the user based on such user's interests (as inferred by the user's online activity) or use of our Services. Behavioral advertising may appear on our Services. We work with third parties to provide behavioral advertising, such as advertising networks, data exchanges, traffic measurement service providers, marketing analytics service providers and other third-party service providers. Such advertising service providers perform services such as facilitating ad targeting and measuring and analyzing the effectiveness of advertising on the Services. Such targeting services help us to display behavioral advertising tailored to your profile and prevent the display of repeated ads, as well as allowing us to search for the usefulness of the ads.
b) You have the option to disable behavioral advertising. Please contact us at privacidade@seventh.com.br.
10. Incidents
a) Seventh evaluates and responds promptly to the occurrence of incidents that may compromise your Personal Data.
b) If Seventh becomes aware of any incident involving the Personal Data of users of the Services, Seventh will notify you and the competent authorities.
11. Our Data
a) The Services are owned and operated by Seventh.
b) Seventh is registered with the CNPJ/MF under No. 04.374.350/0001-79, having its registered office in the City of Florianópolis, State of Santa Catarina, at the address Rodovia SC 401, 8600, Room 07 Block 02, CEP 88.050-001.
c) You can contact us at privacy@seventh.com.br.
12. Privacy Committee
a) You can contact our Privacy Committee at privacy@seventh.com.br for clarification and questions about this Privacy Policy.
Seventh Ltda
Headquarters: Rodovia SC 401, 8600, Room 07 Block 02, CEP 88.050-001, Florianópolis, Santa Catarina, Brazil - Phone (48) 3239 0200
Privacy Committee - e-mail: privacidade@seventh.com.br