Privacy and security policy

PRIVACY AND SECURITY POLICY

1. General Information

This Privacy Policy contains information about how we treat, in whole or in part, whether or not we automatically handle the personal data of users who access our application. Its purpose is to inform interested parties about the types of data that are collected, the reasons for the collection, and how the user may update, manage or delete this information. 

This Privacy Policy has been prepared in accordance with Federal Law no. 12,965 of April 23, 2014 (Marco Civil da Internet), with Federal Law no. 13,709 of August 14, 2018 (Personal Data Protection Act) and with EU Regulation no. 2016/679 of 27 April 2016 (European General Regulation on Personal Data Protection - RGDP).

This Privacy Policy may be updated as a result of any normative update, which is why the user is invited to periodically consult this section.
2. User Rights

The application undertakes to comply with the rules set forth in the RGPD, respecting the following principles:

 - User personal data will be processed lawfully, fairly and transparently (lawfulness, loyalty and transparency); user data will be collected only for specified, explicit and legitimate purposes and may not be further processed in a manner that is incompatible with those purposes (purpose limitation)

- User personal data will be collected in a manner that is appropriate, relevant and limited to the purposes of the purpose. which they are processed (data minimization)

- the user's personal data will be accurate and updated as necessary so that inaccurate data will be deleted or rectified when possible (accuracy)

- the user's personal data will be retained in such a way that data subjects can be identified only for the necessary period of time. for the purposes for which it is processed (conservation limitation)

- The user's personal data will be treated securely, protected from unauthorized or unlawful treatment and against accidental loss, destruction or damage by taking technical or organizational measures. integrity (confidentiality).

The user of the application has the following rights, conferred by the Personal Data Protection Act and the RGPD:

- Right of confirmation and access: it is the user's right to obtain from the application confirmation that the data personal data concerning you are or are not processed and, where appropriate, the right to access your personal data

- Right of rectification: is the user's right to obtain from the application without undue delay the rectification of the inaccurate personal data concerning you

- Right to delete data (right to forget): the right of the user to have his data deleted.

- Right to data processing limitation: It is the user's right to limit the processing of his personal data, which can be obtained when disputing the accuracy of the data, when the processing is illegal, when the application no longer needs of the data for the proposed purposes and when you have opposed the processing of the data and in the event of unnecessary data processing

- Right of opposition: it is the user's right to object at any time on grounds relating to his particular situation , the processing of personal data concerning you, and may also oppose the use of your personal data to define your marketing profile (profiling)

- Right to data portability: is the user's right to receive personal data concern and which has given the application, in a structured format, in common use and automatic reading, and the right to transmit this data to another application; 

Not to be subjected to automated decisions: It is the user's right not to be subject to any decision made solely on the basis of automated processing, including profiling, which has effects in its legal sphere or that significantly affects it. similar.The user may exercise their rights by means of written communication sent to the application with the subject "RGDP"; specifying:

- Full name or company name, CPF (Taxpayer Registration Number), or CNPJ (National Register of Legal Entities, Federal Revenue of Brazil) and email address of the user and, if applicable, of his representative

- Right to exercise with the application

- Date of request and signature of the user ;

- Any document that can demonstrate or justify the exercise of your right.The request must be sent to the email: contato1@pointware.com.br, or by mail to the following address:

Pointware Informatica Ltda Rua Domingos de Morais, n. 2441 - 1. andar, Vila Mariana, São Paulo-SP 
Zip Code: 04035-000
The user will be informed in case of rectification or deletion of their data.
3. Duty Not to Provide Third Party Data

During the use of the site, in order to safeguard and protect the rights of third parties, the user of the application should provide only their personal data, not those of third parties.


4. Information Collected

The collection of user data will be in accordance with the provisions of this Privacy Policy and will depend on the consent of the user, which is not necessary only in the circumstances provided for in art. 11, item II, of the Personal Data Protection Act.


4.1. Types of data collected

4.1.1. Data Entered in the Contact Form

The data eventually provided by the user who uses the contact form provided in the application, including the content of the message sent, will be collected and stored.


4.1.2. Sensitive data

Sensitive data will not be collected from users, as defined in arts. 9 and 10 of the RGPD and in arts. 11 et seq. Of the Personal Data Protection Act. Thus, among others, there will be no collection of the following data:

- data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or user union membership

- genetic data

- biometric data to identify a person unequivocally

- data relating to the health of the user

- data relating to the sexual life or sexual orientation of the user

- data relating to criminal convictions or infringements or related safety measures.


4.1.3. Collection of Data Not Expressly Provided

Eventually, other types of data not expressly provided for in this Privacy Policy may be collected, provided that it is provided with your consent, or that collection is permitted or enforced by law.


4.2. Legal basis for the processing of personal data 

By using the services of the application, you are consenting to this Privacy Policy. 

You have the right to withdraw your consent at any time by not compromising the lawfulness of the processing of your personal data prior to withdrawal. Withdrawal of consent may be made by e-mail: contato1@pointware.com.br, or by mail sent to the following address: 

Rua Domingos de Morais, n. 2441 - 1. andar, Vila Mariana, São Paulo-SP Zip Code: 04035-000

The consent of the relatively or absolutely disabled, especially children under 16 (sixteen) years old, can only be done, respectively, if properly assisted or represented.

The processing of personal data without the consent of the user will only be carried out for reasons of legitimate interest or for the purposes provided by law, namely, among others:

- for compliance with the legal or regulatory obligation by the controller; conducting studies by a research body, ensuring, where possible, anonymisation of personal data,

- when necessary to perform contract or preliminary contract-related procedures to which the user is party, at the request of the data subject; for the regular exercise of rights in judicial, administrative or arbitral proceedings, the latter pursuant to Law No. 9,307, of September 23, 1996 (Law of Arbitration)

- for the protection of the data subject's or third party's life or physical safety

- for the protection of health, in a procedure carried out by healthcare professionals or health authorities,

- when necessary to meet legitimate interests controller or third party, except where the fundamental rights and freedoms of the data subject requiring the protection of personal data prevail,

- for the protection of credit, including the provisions of the relevant legislation.


4.3. Purposes of the processing of personal data

The user's personal data collected by the application is intended to facilitate, expedite and fulfill the commitments made with the user and to enforce requests made by completing forms.

Personal data may also be used for commercial purposes to personalize the content offered to the user, as well as to subsidize the application to improve the quality and operation of its services.

The processing of personal data for purposes not provided for in this Policy. 

Privacy will only occur upon prior notice to the user, and in any event the rights and obligations set forth herein will remain applicable.


4.4. Personal data retention period

The user's personal data will be retained for a maximum period of: 90 days, unless the user requests its deletion before the end of this period. Users' personal data can only be stored after their processing ends.

- to comply with the legal or regulatory obligation of the controller

- to study by a research body, ensuring, where possible, anonymization of personal data

- to transfer to a third party, provided that the data processing requirements are met data provided for in the legislation

- for the controller's exclusive use, its access by a third party is forbidden, provided the data is anonymised.


4.5. Recipients and transfer of personal data

User's personal data will not be shared with third parties. They will therefore be treated only by this application.
5. Processing of personal data

5.1. Data controller The controller, 

the controller of the user's personal data, is the natural or legal person, public authority, agency or other body that, individually or in conjunction with others, determines the purposes and the means of processing personal data.

In this application, the person responsible for processing the personal data collected is Pointware Informatica Ltda, represented by Sergio Gomes Sardinha, who can be contacted at sergio.sardinha@pointware.combr or at : 

Rua Domingos de Morais, 2.441 - 1. Floor, Vila Mariana - Sao Paulo-SP, Zip Code: 04035-000

The controller will directly deal with the processing of user's personal data. 

Data protection officer The data protection officer is the professional in charge of informing, advising and controlling the data controller, as well as the data processing workers, of the data protection officer. of the application's obligations under the RGDP, the Personal Data Protection Act and other data protection provisions of national and international law, in cooperation with the competent control authority.

In this application the data protection officer (date protection officer) is Sergio Gomes Sardinha, who can be contacted at sergio.sardinha@pointware.com.br.


5.2. From the data protection officer

The data protection officer is the professional in charge of informing, advising and controlling the data controller, as well as the data processing workers, about the application's obligations under the RGDP, Law Personal Data Protection and other data protection provisions of national and international law, in cooperation with the competent control authority.

In this application the data protection officer is Sergio Gomes Sardinha, who can be contacted at sergio.sardinha@pointware.com.br.



6. Security in the processing of personal data of the user

The application undertakes to apply the technical and organizational measures to protect personal data from unauthorized access and from situations of destruction, loss, alteration, communication or dissemination of such data.

To ensure safety, solutions will be adopted that take into consideration: the appropriate techniques; application costs; the nature, scope, context and purposes of the treatment; and risks to user rights and freedoms.

The application uses SSL (Secure Socket Layer) certificate which ensures that personal data is transmitted securely and confidentially, so that data transmission between the server and the user, and in feedback, takes place in a completely encrypted or encrypted manner.

However, the application disclaims liability for the sole liability of a third party, such as a hacker or cracker attack, or the sole liability of the user, such as the case where he transfers his data to a third party. The application also undertakes to communicate the user in a timely manner in case of any breach of the security of their personal data that could cause a high risk to their rights and personal freedoms.


A breach of personal data is a security breach that accidentally or unlawfully causes unauthorized destruction, loss, alteration, disclosure, or access to personal data transmitted, retained, or otherwise processed.

Finally, the application undertakes to treat the user's personal data confidentially, within legal limits.


7. Complaint to a supervisory authority

Without prejudice to any other administrative or judicial remedy, all data subjects are entitled to lodge a complaint with a supervisory authority. The complaint may be made to the authority of the application's headquarters, the user's country of habitual residence, their place of business or the place where the infringement was allegedly committed.


8. Amendments

This version of this Privacy Policy was last updated on: 10/07/2019.

The publisher reserves the right at any time to modify the application to these standards, especially to adapt them to the evolution of Easy Inventory, Pw.Ponto and Pw.Acesso applications, either by making new features available, either by deleting or modifying them. existing ones.

The user will be explicitly notified if this policy is changed.

By using the service after any modifications, the user demonstrates their agreement with the new standards. If you disagree with any of the modifications, you must immediately stop access to the application and submit your disclaimer to the customer service if you wish.


9. Applicable law and venue

For the settlement of disputes arising from this instrument, Brazilian law shall be fully applied.

Any disputes should be filed in the district court where the publisher of the application is located.

Needing help?

REQUEST CONTACT
Share by: