At SÃO PAULO SURGICAL we comply with current Brazilian legislation on the protection of personal data.
Our Policy reaffirms our commitment to security, privacy and transparency in our processes for processing personal data and describes how we collect and process visitor data when they access our Site.
This Policy tells you what personal data we collect about users, what we use it for, how and where we store it, and with whom we share it. It also defines users’ rights in relation to their personal data and the contact details for further information or clarification on this subject.
1. LEGAL BASES
The right to privacy of individual data is provided for in the Federal Constitution, in general legislations – in the civil framework for the Internet and its regulating decree, in the Consumer Defense Code – and in Law 13.709/2018, known as the General Law of Personal Data Protection (“LGPD”).
2.1 PERSONAL DATA is the information that allows the identification of natural persons (for example, name, identity number, CPF, address, bank details, location).
2. 2 SENSITIVE PERSONAL DATA is personal data that reflects more intimate aspects and needs to be further protected. For example, data about health, political opinion and religious conviction are sensitive personal data.
2.3 Data Owner is the person to whom the data refer. The user of the site is, in this case, the holder of the personal data.
2.4 DATA PROCESSING is any action that may be carried out with the user’s data. It includes, for example, access, collection, processing, storage and deletion.
2.5 ANONIMIZATION is the technical procedure used to prevent certain data from being linked to a certain person. Anonymized information is not considered personal data.
2.6 COOKIES are files or information that may be stored on devices (computer or cell phone) when the user visits the websites or uses the online services, containing, as a rule, the name of the website that originated it, your time of visit to the website and a numbering, which is randomly generated. COOKIES basically reflect your browsing history and interests on the internet.
2.7 CONTROLLER is the company, individual or regulatory entity responsible for the processing of the personal data.
2.8 OPERATOR is a company or individual contracted to process personal data on behalf of and according to the orders of the Controller, for example, a company contracted only to store information.
3. DATA TO BE PROCESSED
3.1 Data collected automatically as a result of your browsing on the site.
3.2 Data provided by the user such as full name, email, cell phone number when filling out the form (Contact and Work with Us).
4. PURPOSE OF DATA PROCESSING
SÃO PAULO SURGICAL processes data for legitimate and specific purposes, such as:
4.1 obtaining user identification to enable response, through express authorization (consent).
4.2 to develop and improve the resources and functionalities of the site, to provide a better experience for the user.
5. SHARING OF DATA
SÃO PAULO SURGICAL may share your data in specific cases, always in a transparent manner and aligned with the guidelines contained in this Policy. The sharing of your data may be done with:
5.1 authorities and government agencies in function of obligations imposed in laws or regulation.
6. PROTECTION OF YOUR PERSONAL DATA
Your personal data is protected in the SÃO PAULO SURGICAL environment through the following measures:
6.1 Restricted control over access to data, through passwords for personal use, exclusive to employees with defined responsibility for this.
6.2 Password policy, with standardization of strong passwords and the obligation to change passwords periodically, preventing the reuse of previous passwords and blocking for unsuccessful attempts
6.3 The environments where we handle your data are monitored by means of a detailed inventory of accesses to connection and application access records.
7. DATA RETENTION PERIOD
Once the purpose for processing the user’s data has been achieved, they will be deleted from our internal databases or will undergo the anonymization procedure.
8. IMPERMISSIBLE TREATMENTS
SÃO PAULO SURGICAL does not sell, transfer or give access to user data to third parties, except to comply with the provisions of item 5 of this Policy.
9. TYPES OF COOKIES USED
9.1 Those essential to allow navigation on the site, allowing the page environments to load correctly.
9.2 Those that allow a better navigation experience, allowing the use of all available functionalities.
By accessing our site you agree to the COOKIES used by SÃO PAULO SURGICAL.
10. RIGHTS OF DATA SUBJECTS
The rights in relation to the user’s personal data can be exercised at any time, free of charge, by registered request to the Data Officer/DPO, via email: firstname.lastname@example.org
The user may request:
- Update their personal data or the correction of data that they consider to be incorrect or incomplete;
- Obtain information about the possibility of not giving consent, where applicable, and the consequences in case of refusal;
- To withdraw the consent given for the processing of your personal data, as well as to request its deletion (to the extent that such processing is based on consent);
- Obtain information on with whom we carry out shared use of your data;
- Request that personal data that the user considers unnecessary, excessive or treated in non-compliance with the LGPD, be anonymized, blocked or deleted;
- Request a review of decisions made uniquely on the basis of automated processing of personal data;
- Request data portability upon express request.
If you have any questions about this Privacy and Personal Data Protection Policy, please contact our Data Protection Officer/DPO at email@example.com .
11. UPDATES AND/OR ALTERATIONS TO THIS POLICY
SÃO PAULO SURGICAL may revise, alter or update this policy whenever it deems necessary. We assure that any update and/or alteration will be promptly disclosed on the site, always making it possible to consult the latest revision.
12. FINAL CONSIDERATIONS
This policy applies to São Paulo Surgical Comércio de Material Hospitalar Ltda., company registered in the CNPJ under the number 28.537.797/0001-80, located at Av. Engenheiro Luiz Carlos Berrini, 105 – Grupo 1201 – Cidade Monções – São Paulo – SP – Brazil.
São Paulo Surgical adopts preventive mechanisms against information security incidents, as well as remediation and crisis management techniques.