PRIVACY POLICY
(30/10/24 updated)
1. WHAT DO YOU NEED TO KNOW
BEFORE READING THE SEVENTH PRIVACY POLICY?
In the course of
this policy, we have adopted the terms listed below with their respective
meanings:
National Data Protection Authority (ANPD) - It is the
body that will supervise and guide the application of the LGPD, as well as
being responsible for applying administrative sanctions in case of violation of
the law.
Legal Basis for Processing – The processing of Personal
Data is permitted by the LGPD in accordance with the legal bases provided for,
such as the consent of the Holder, compliance with legal and/or regulatory
obligations by Seventh, the existence of a contract between Seventh and the
Holder, analysis for credit protection, as well as legitimate interests of Seventh
or the Holder.
Biometrics - A measurable physical characteristic or personal behavioral trait
used to recognize or verify a person's identity. Facial images, fingerprints
and iris samples are examples of biometrics.
Privacy Commission - Means the Seventh people
commission composed of representatives of the Legal, Information Security and
Quality Department, responsible for representing Seventh before the holders and
the ANPD, as well as being responsible for general guidance regarding the
processing of Personal Data at Seventh.
Consent - It is the free, informed and unequivocal manifestation by which the
Holder agrees with the processing of his Personal Data for a specific purpose.
Personal Data - Any data related to an
identified or identifiable natural person, such as: IP, geolocation, name, RG,
CPF, address, telephone, bank account, vehicle data, among others.
Sensitive Personal Data - It is Personal Data that
presents racial or ethnic origin, religious conviction, political opinion,
union affiliation, data referring to health or sex life, genetic or biometric
data.
Purpose - This is the reason or motivation for processing Personal Data.
Legitimate Interest - Processing of data carried
out by the Controller, due to his interest, that of other companies or society,
without the treatment affecting the individual rights and freedoms of the
Holder.
General Data Protection Law (LGPD) - Law No.
13,709, of August 14, 2018.
Opposition - It is the Holder's right not to want their data to be processed. This
right can be exercised in certain specific situations.
Security - Means the use of technical and administrative measures able to
protect Personal Data from unauthorized access and accidental or illegal
situations of destruction, loss, alteration, communication or dissemination.
Treatment - It is every operation carried out with Personal Data, such as:
collection, production, reception, classification, use, access, reproduction,
transmission, distribution, processing, archiving, storage, elimination,
evaluation, information control, communication, transfer, diffusion or
extraction.
Holder - Natural person to whom the Personal Data that are subject to
processing refer.
Transparency - It is the guarantee, to the Holders, of clear, precise and easily
accessible information about the performance of the treatment and respective
treatment agents, observing the commercial and industrial secrets.
Summary of
Privacy Policy Rights
data minimization |
Collects only personal data
necessary for product functionality |
right of holders |
Right guaranteed to the user
of access, correction and deletion of processed data |
retention period |
The personal data we process
will only be kept for the period necessary for the purpose of the treatment
and/or under the appropriate legal basis. |
Third-party data collection |
The data collection tools
are those indicated in this Policy |
2. HOW DO WE USE YOUR DATA?
We may process
data relating to the use of our websites, products, cloud services and
applications and through the use of these (“Services”). Usage Data may include
your IP address, geographic location, browser type and version, operating
system, time of visit to our websites (“Use Data”), number of uses of the
Services, date of visit, among others. The source of Data Usage is Google
Analytics. The Use of Data may be carried out for the purpose of analyzing the
use of Seventh Services, products and services. The legal basis for processing
such data is the legitimate interest of Seventh, as a means of guaranteeing the
full execution and functionality of the Services.
We may process
your registration data on the Services (“Registration Data”). Registrations may
include name, email address, address, CPF, telephone, image, photo, audio,
among others. Registration Data may be processed for the purposes of operating
the Services, providing products and services, guaranteeing the security of our
Services, products and services, maintaining backup databases and communicating
with our customers, including providing and accessing all functionality of the
Services. The legal basis for processing such data is consent.
We may process
data captured in the environment ("Environment Data"). Data may
include facial images, recordings, audio, which may be classified as personal
data, protected by law. Responsibility for the protection of third-party data,
captured from Seventh products, is the responsibility of the User, being within
its competence, to apply all necessary means for the effective protection of
data, in particular, the configuration and network products for which standards
security minimums are guaranteed. Seventh is not responsible for the illegal
use of data collected through its products, as they are not accessible to its
administration.
We may process data from
inquiries sent to us in relation to customer service (“Consumer Relationship
Data”). Consumer Inquiry Data may include details about your questions and
problems with products and/or services and may be processed for the purposes of
offering new products and/or services, marketing, updating response processes
and improving customer service. The legal basis for processing such data is the
legitimate interest of Seventh and its customers and compliance with legal
obligations.
We may process
your data obtained from financial transactions carried out through our
Services, including the purchase of products and/or services (“Transaction
Data”). Transaction Data may include your address, CPF, financial and bank
details and credit card number, among others, and are processed for the
provision of products and/or services, file maintenance, compliance with tax
obligations. The legal basis for processing such data is compliance with legal
obligations, specifically tax legislation.
We may process
your Personal Data to send advertisements, for the purposes of registration and
participation in the selection process, advertisements and direct marketing,
related to the customer's interests according to their preferences. The legal
basis for the processing of such data is the consent, as well as the legitimate
interest of the controller.
We may process
your Personal Data based on authorized remote access to the holder's device, by
registering a service with our Call Center or After Sales. For access, Seventh
uses the Anydesk tool ,
which meets the legal requirements for data protection, as defined
on the institutional website: www.anydesk.com. The data accessed are of
exclusive need to solve the problem, and no unnecessary data is treated beyond
the fulfillment of the solution. The legal basis for data processing is consent
through prior acceptance of Remote Access and also compliance with a legal
obligation, since Seventh provides technical assistance during the warranty
period of Seventh products.
We may process
your Personal Data, such as name, email, telephone, from accessing our customer
service channels, via CHATBOT, through third-party platforms, such as WhatsApp,
which meets the legal requirements for the protection of data, as defined on the
institutional website: https://www.whatsapp.com/legal/. The legal basis for
data processing is consent upon prior acceptance of this Policy by the user and
also compliance with a legal obligation, since Seventh provides technical
assistance during the warranty period of Seventh products via these service
channels.
In some cases,
the Seventh Product may collect data from third parties from the environment
(“Third Party Data”). Data may include facial images, recordings, audio, which
may be classified as personal data, protected by law. Responsibility for the
protection of third-party data captured from Seventh products is the sole
responsibility of the User, and it is up to the User to apply all necessary
means for the effective protection of data, especially the configuration of
products and network to that minimum safety standards are guaranteed. Seventh
is not responsible for the illegal use of data collected through its products,
as their management is inaccessible.
In some cases,
we may use a third-party platform to manage the consent of the holder of
personal data, such as WSO2, which meets the legal requirements for data
protection, as defined on the institutional website: https://wso2.com/privacy
-policy. The legal basis for processing data from the use of the consent
management tool is the fulfillment of a legal obligation, pursuant to Law No.
13,709/2018.
3. WITH WHOM DO WE SHARE YOUR
DATA?
We may disclose
your personal data to any member of our group of companies (this means our subsidiaries,
our controllers and all of their controlled companies), to the extent
reasonably necessary for the stated purposes and in accordance with applicable
law, as well as observing the bases treatment laws informed in this policy.
We may disclose
your personal data to our insurers and/or professional advisors, to the extent
reasonably necessary for the purposes of obtaining or maintaining insurance
coverage, managing risks, obtaining professional advice or entering, exercising
or defending administrative, arbitration and/or cool. Furthermore, we may
disclose your data to our suppliers to the extent reasonably necessary to
provide you with our products and/or services and to ensure security in the use
of our Services and in the use of your personal data, such as suppliers,
marketing services and customer service. consumer, network and cloud service
providers.
Financial
transactions related to our Services and the purchase of our products and/or
services are handled by our payment service providers, and we share transaction
data with our payment service providers only to the extent necessary for the
purposes of processing your payments, refund amounts, and handle complaints and
queries related to these matters.
In addition to
the specific disclosures of personal data established in this Clause 4, we may
disclose your personal data whenever such disclosure is necessary to comply
with a legal and/or regulatory obligation to which Seventh is subject, as well
as to protect its vital interests or the vital interests of another data
subject.
Seventh and
other companies in its group have offices and facilities in other countries, as
well as suppliers in other countries (website hosting, cloud services, payment
gateways, technical support, development, modeling, customization, among
others). In this way, we may transmit your data outside Brazil for the purposes
indicated above. Seventh adopts all appropriate measures and enters into the
necessary contracts with its suppliers and foreign offices to ensure that the
processing of personal data outside Brazil is carried out in accordance with
the LGPD and in compliance with Seventh policies.
You acknowledge
that the personal data you provide to Seventh through the Services or our
products and/or services may be available to operators worldwide.
You acknowledge
that the personal data you provide to Seventh through the Services or our
products and/or services may be available to operators around the world.
4. HOW LONG DO WE RETAIN AND
WHEN DO WE DELETE YOUR DATA?
The personal
data we process will only be kept for the period necessary for the purpose of
the treatment and/or under the appropriate legal basis.
We take
appropriate steps to ensure that we process and retain information, including
personal information, for as long as any of the following circumstances apply:
A.
The duration for which the information is used to provide a support or
service;
B.
As required by law, contract or regulatory obligations;
C.
As long as an account or subscription is active;
D.
On products, to ensure required functionality and performance, including
responsibilities under warranties;
E.
To comply with applicable laws, including for tax and audit purposes;
F.
To enforce our rights, including litigation and collections;
5. WHEN CAN WE CHANGE THE
PRIVACY POLICY?
Seventh may
change this policy at any time, and such updates are published on our Services
and can be checked at any time.
We recommend
that you periodically check our Services for any changes to this Privacy
Policy.
In case of
significant changes to this privacy policy, if necessary, we can notify you by
e-mail about such changes or by means of specific messages in our Services, and
the updated version will appear on the official website of Seventh.
6. WHAT ARE YOUR RIGHTS
REGARDING DATA PROTECTION?
Your main rights
under data protection legislation are:
a)
right of access;
b)
right of rectification;
c)
right to object to processing;
d)
right to data portability;
e)
right of claim before the competent authorities;
f)
right to withdraw consent.
You have the
right to confirm whether or not we process your personal data and where we do,
and you have the right to access such personal data together with certain
additional information. This additional information includes details of the
processing purposes, the categories of personal data concerned and the
recipients of the personal data. If the rights and freedoms of third parties
are not affected, we will provide you with a copy of your personal data.
In some
circumstances, you have the right to have your personal data erased without
undue delay. These circumstances include: (i) the
personal data is no longer necessary in relation to the purposes for which it
was collected or processed; ( ii ) you withdraw
consent to consent-based processing; ( iii ) you object to the processing; ( iv
) processing is for marketing purposes; and (v) the personal data was processed
illegally. However, there are exclusions to your right to object to processing,
such as when it is necessary to exercise the right to freedom of expression and
information, to comply with legal and/or regulatory obligations, to exercise
rights in proceedings, or even for the legitimate interest of Seventh.
The holder has
the right to object to the processing of his personal data, except for
situations in which the legal basis of the treatment is necessary to meet the
public interest or the exercise of any official authority vested in Seventh, or
even, in the face of interests legitimate third parties. Furthermore, Seventh is careful to process data to meet its legitimate
interest, to exercise the defense of administrative, legal or arbitration
claims, safeguarding the interest of the holder, rights and freedoms.
You have the
right to object to the processing of your personal data for direct marketing
purposes. If you make such an objection, we will no longer process your
personal data for this purpose.
If you consider
that the treatment of your personal information violates data protection
legislation, you have the right to request that Seventh immediately stop the
treatment in question.
Insofar as the
legal basis for the processing of your personal data is consent, you have the
right to withdraw this consent at any time. The withdrawal will not affect the
legality of the treatment before such withdrawal.
In accordance
with the Services you have contracted with Seventh, you may, at your own
expense, audit Seventh' compliance with the terms of this Privacy Policy, by
sending Seventh a written request, including a detailed audit plan, at least
six weeks before the proposed audit. You and Seventh will work cooperatively to
reach a final agreement on the audit plan.
The audit must
be performed no more than once during a twelve-month period, during normal
business hours, subject to Seventh' local policies and regulations, and may not
interfere with Seventh' activities. If you wish to use a third party to conduct
the audit, such third party must be mutually approved by you and Seventh,
subject to the execution of a confidentiality agreement approved by Seventh.
Upon completion of the audit, you will provide Seventh with a copy of the audit
report, which is classified as confidential information under the terms of your
contract with Seventh.
7. COOKIES, IDENTIFIERS,
TRACKERS AND THIRD-PARTY INFORMATION
A cookie is a
file containing an identifier (a string of letters and numbers) that is sent by
a web server to a web browser and is stored by the browser.
The identifier
is then sent back to the server every time the browser requests a page from
that server.
Cookies can be
either “persistent” cookies or “session” cookies. A persistent cookie will be
stored by a web browser and will remain valid until the defined expiration
date, unless deleted by the user before the expiration date. A session cookie,
on the other hand, will expire at the end of the user's session, when the web
browser is closed.
Cookies
typically do not contain any information that personally identifies a user, but
the personal information we store about you may be linked to information stored
in and obtained from cookies.
We use cookies
for the following purposes:
a)
authentication - we use cookies to identify you when you use our
Services;
b)
status - we use cookies to help us determine whether you are logged in
to our Services;
c)
personalization - we use cookies to store information about your
preferences and customize Services for you;
d)
security - we use cookies as an element of security measures used to
protect user accounts, including preventing fraudulent use of login credentials
and to protect our Services and services generally;
e)
advertising - we use cookies to help us display advertisements that will
be relevant to you;
f)
analytics - we use cookies to help us analyze the use and performance of
our website and services;
g)
Cookie Consent - We use cookies to store your preferences regarding the
use of cookies more generally.
Our service
providers use cookies and these cookies may be stored on your computer when you
use the Services.
We use Google
Analytics to analyze the use of our website. Google Analytics gathers
information about website usage through cookies. Information collected in
connection with our website is used to create reports on the use of our
website. Google's privacy policy is available at:
https://policies.google.com/privacy.
We serve
interest-based ads from Google AdSense on our Services. They are personalized
by Google to reflect your interests. To determine your interests, Google will
track your behavior on our Services and on other websites using cookies.
We use Google
Tag Manager on our Sites to create and update Google tags .
You can view this service provider's privacy policy at
https://policies.google.com/privacy.
Most browsers
allow you to refuse to accept cookies and to delete cookies. Methods for doing
this vary from browser to browser and versions.
Blocking all
cookies will have a negative impact on the usability of many websites. If you
block cookies, you may not be able to use all features on our Services.
We also use
mobile device identifiers that are stored on your mobile device and track
certain data and activities that occur on or through your device. Mobile device
identifiers allow the collection of personal data (such as media access
controls) as well as non-personally identifiable information (such as usage and
traffic data).
In addition to
identifiers, we also use Web Beacons that help us better manage the content on
our Sites by letting you know what content is effective. Web Beacons are
embedded in or associated with certain emails or other communications you
receive from Seventh or Our partners. Web Beacons help us track your responses
and interests and provide content and services that are relevant to you. For
example, they may let us know when you take action
based on emails we send them. Web Beacons also allow us to enhance our
behavioral advertising (defined below).
Some parts of
our Services may include social media features, such as the Facebook “like”
button, and widgets, such as the “share” button. These social media features
are either hosted by a third party or hosted directly on our Services. When you
use these tools, the party providing the tool, the third party operating the
social media services and/or Seventh may receive personal data about you. By
using these tools, you recognize that some information, including personal
data, from your social media services will be transmitted to Seventh and,
therefore, this information is covered by this Privacy Policy, and also by the
privacy policies of third parties.
We may use
third-party services, such as open search tools and social media, to obtain
information about you (such as your name or company) and enrich your personal
data by obtaining publicly available information about you, such as your title,
employment history and contact.
8. ONLINE BEHAVIORAL ADVERTISING
Some of our
advertising (“Behavioral Advertising”) involves the use of Tracking Tools to
collect information about a user's online activities over time and across
unaffiliated websites and applications, and to provide advertisements to the
user based on such user's interests (as inferred from the user's online
activity) or use of our Services. Behavioral advertising may appear on our
Services. We work with third parties to deliver behavioral advertising, such as
advertising networks, data exchanges, traffic measurement service providers,
marketing analytics service providers and other third party
service providers. Such advertising service providers perform services such as
facilitating ad targeting and measuring and analyzing the effectiveness of
advertising on the Services. Such targeting services help us to display
behavioral advertising tailored to your profile and prevent you from showing
repeated advertisements, as well as allowing you to research the usefulness of
advertisements.
09. PRIVACY COMMITTEE
You can exercise any of your rights in relation to your personal data here or for clarification and questioning about this Privacy Policy by email privacidade@seventh.com.br.
Data Protection Officer: Erico Jurua Kappel
10. INCIDENTS
Seventh promptly
evaluates and responds to the occurrence of incidents that may compromise your
Personal Data.
If Seventh becomes aware of any incident involving the Personal
Data of users of the Services, Seventh will notify you and the competent
authorities.
11. OUR DATA
The Services are
owned and operated by Seventh.
Seventh is
registered with the CNPJ/MF under nº 04.374.350/0001-79, having its
headquarters in the City of Florianópolis, State of
Santa Catarina, at José Carlos Daux, nº 8600,
Bloco 4, sala 101, Santo Antonio de Lisboa, CEP 88.050-000.