Privacy Policy

  1. General information

The present Privacy Policy (PP) contains information on the way we process, totally or partially, in an automated way or not, personal data of users that access our website. It is intended to clarify those interested about the types of data collected, the reason for the collection, and the way the user can update, manage, or exclude such information.

This PP was developed according to Federal Law n. 12.965, of April 23, 2014 (Civil Internet Framework), Federal Law n. 13.709, of August 14, 2018 (Personal Data Protection Law) and EU Regulation n. 2016/679, of April 27, 2016 (General Data Protection Regulation – GDPR), and can be updated in case of eventual regulatory update, reason why the user is invited to periodically consult this section.

  1. User rights
  2. a) Principles

The website undertakes to comply with the standards provided in GDPR, with regard to the following principles:

  • The user’s personal data will be: processed in a lawful, loyal, and transparent way (lawfulness, loyalty, and transparence); collected only for given, explicit, and legitimate purposes, and will not be later processed for purposes other than these (limitation of purposes); collected properly, limited to the needs of the objective of the processing (data minimization); exact and updated whenever necessary, so that inexact data are deleted or rectified where possible (accuracy); retained in a way that will allow identification of the data subjects only during the period necessary to the purposes of the processing (limitation of retention); and processes in a safe way, protected from unauthorized or illegal processing, and protected against their loss, destruction, or accidental damage, by adopting appropriate technical or organizational measures (integrity and confidentiality).
  1. b) Rights

The website user is entitled to the following rights, as provided in the Personal Data Protection Law and GDPR:

  • Right to confirmation and access: right to obtain from the website confirmation that their personal data are or not object of processing, and, if so, the right to access their personal data;
  • Right to rectification: the user right to obtain from the website, without unjustified delay, rectification of their inexact personal data;
  • Right to eliminate data (right to be forgotten): the user right to have their data deleted from the website;
  • Right to limitation of data processing: the user right to limit the processing of their personal data, which may occur when the accuracy of the data is contested, when the processing is illegal, when the website no longer needs the data for the purposes proposed, and when the user is against the data processing, and in case of unnecessary data processing;
  • Right to object: the user right to, at any time, object, for reasons related to their private situation, to the processing of their personal data. The user can also object to the use of their personal data to define marketing profile (profiling);
  • Right to data portability: the user right to receive their personal data, those provided to the website, in a structured format, in current use and automatic reading, and the right to transmit these data to other website;
  • Right to not be subject to automated decisions: the user right to not be subject to any decision exclusively made based on automated processing, including profile definition (profiling), that can produce effects in their legal sphere or significantly affect them similarly.
  1. c) Form of contact

The user can exercise their rights through written communication sent to the website with the subject “RGDP-https://abcp.org.br”, specifying:

  • Full name or corporate name, CPF (Natural Persons Register from the Federal Revenue of Brazil) or CNPJ (National Register of Legal Entities, from the Federal Revenue of Brazil), the user email address, and, where applicable, their representative;
  • The right they wish to exercise with the website;
  • Date of the request, and user signature;
  • All documents demonstrating or justifying the exercise of the right.

The request shall be sent to DPO (person in charge) Kathya Moura de Nicolo – e-mail dpo@abcp.org.br – or by mail, to the following address:

Associação Brasileira de Cimento Portland
Av. Torres de Oliveira, 76 – Bairro Jaguaré – São Paulo/SP – ZIP CODE 05347-902

The user will be informed in case of rectification or elimination of their data.

  1. Duty not to provide third parties’ data

During the website use, in order to safeguard and protect third parties’ rights, the website user shall only provide their personal data, and not those of third parties.

  1. Information collected

Users’ data collection will occur as provided in this Privacy Policy and will depend on the user consent, which is dispensable only in the cases provided in art. 11, item II, of the Personal Data Protection Law.

4.1. Types of data collected

4.1.1. User’s identification data for registration

The use, by the user, of certain features on the website will depend on registration, and in these case, the following user data will be collected and stored:

  • name
  • date of birth
  • email address
  • postal address
  • telephone number
  • mobile number
  • ID number
  • CPF number
  • CNPJ number
  • education

4.1.2. Data informed in the contact form

Data eventually informed by the user that uses the contact form made available on the website, including the content of the message sent, will be collected and stored.

4.1.3. Data related to the execution of contracts entered into with the user

For execution of purchase and sale or service contract eventually entered into between the website and the user, other data related or necessary to its execution can be collected and stored, including the content of eventual communications with the user.

4.1.4. Registrations of access

Compliant with provisions in art. 15, caput and paragraphs, of Federal Law n. 12.965/2014 (Civil Internet Framework), registrations of user access will be collected and stored for at least six months.

4.1.5. Newsletter

The email address registered by the user that opts for enrolling in our Newsletter will be collected and stored until the user requests their unsubscription.

4.1.6. Sensitive data

Users’ sensitive data will not be collected. Sensitive data are those defined in arts. 9 e 10 of GDPR and arts. 11 and subsequent articles of the Personal Data Protection Law. Thus, there will be no collection of the following data:

  • data revealing racial or ethnic origin, political opinion, religious or philosophical beliefs, or the user union affiliation;
  • genetic data;
  • biometric data to unequivocally identify a  person;
  • data referring to the user health;
  • data related to the user sexual life or sexual orientation;
  • data related to criminal convictions or infringements, or associated safety measures.

4.1.7. Collection of data not expressly provided

Eventually, other types of data, not expressly provided in this Privacy Policy, may be collected, as long as they are provided with the user consent, or, also, where such collection is permitted or imposed by law.

4.2. Legal basis for personal data processing

While using the website services, the user consents and agrees with the present Privacy Policy.

The user has the right to withdraw his consent at any time, which will not compromise the lawfulness of their personal data processing before its withdrawal.  The consent withdrawal can be made via email to DPO (person in charge) (dpo@abcp.org.br), or by mail sent to the following address: Av. Torres de Oliveira, 76 – Bairro Jaguaré – São Paulo/SP – ZIP CODE 05347-902.

Consent for those relatively or absolutely incapable, particularly those under sixteen (16), can only be made, respectively, with duly assistance or representation.

Personal data necessary for execution and fulfillment of services hired by the user on the website can also be collected.

  1. a) Personal data processing without user consent

Personal data processing with user consent will only occur due to legitimate interest, or in cases provided by law, which are, among others, the following:

  • for compliance with legal or regulatory obligation by the controller;
  • for studies conducted by research body, with guarantee of personal data anonymization, whenever possible;
  • when necessary for execution of contract of preliminary procedures related to the contract in which the user is party, at the request of the data subject;
  • for the regular exercise of rights in legal, administrative, or arbitration process, the latter under the terms of Law nº 9.307, of September 23, 1996 (Arbitration Law);
  • for protection of the life or physical safety of the data subject or third party’s;
  • for protection of health, in procedure conducted by health professionals or health authorities;
  • where necessary to meet the legitimate rights of the controller or third party, except in case where fundamental rights and freedom of the subject of the data that require personal data protection;
  • for protection of credit, including with regard to provisions in applicable legislation.

4.3. Purposes of personal data processing

The user personal data collected by the website are intended to facilitate, streamline, and fulfill the commitments established with the user and uphold the request made through the completion of forms.  They can also be used for business purpose, to personalize the content offered to the user, and provide subsidy to the website to improve its services’ quality and operation.

Registration data will be used to allow the user access to certain contents of the website, exclusive for registered users.

Collection of data related or necessary to the execution of purchase and sale or service contract eventually entered into with the user is intended to confer to the parties legal security, in addition to facilitating and streamlining the business conclusion.

Personal data processing for purposes not provided in this Privacy Policy can only occur upon previous communication to the user, and, in any case, the rights and obligations herein provided will remain applicable.

4.4. Personal data retention period

The user’s personal data will be retained for a period that will not exceed the period required to fulfill the objectives for which they are processed.

The data retention period is defined according to the following criteria:

  1. enrollment in course and certificate issue – the period is indefinite, and the registration remains available for enrollment in other courses, and to receive communications, newsletter, didactic material and advertising of next groups, as long as so requested.
  2. purchase in bookstore – – the period is indefinite, and the registration remains available for next purchases and to receive advertising, as long as so requested.
  3. download of technical publications – – the period is indefinite, and the registration remains available for other downloads, as long as so requested.

Users’ personal data can only be retained, after the end of their processing, in the  following situations:

  • for compliance with legal or regulatory obligation by the controller;
  • for study by research body, with guarantee of personal data anonymization, whenever possible;
  • for transfer to third party, as long as the requirements for data processing provided in the legislation are respected;
  • for exclusive use of the controller, with access by third party prohibited, and as long as the data are anonymized.

4.5. Recipients and transfer of personal data

The user’s personal data can be shared with the following persons or companies:

  • Google Analytics, located at Av. Brigadeiro Faria Lima, 3477, Itaim Bibi, São Paulo/SP

Transfer to other country can only occur if the country or territory, or the international organization ensures appropriate level of protection of the user data.

In case there is no appropriate level of protection, the website undertakes to guarantee protection to their data according to the strictest rules, through contractual clauses specific for a given transfer, standard contractual clauses, global corporate standards or seals, certifications, and codes of conduct regularly issued.

  1. Processing of personal data

5.1. Responsible for data processing (data controller)

The controller, responsible for the user’s personal data processing, is the legal entity, public authority, agency or other body that, individually or jointly with others, determines the purposes and the means of processing personal data.

In this website, the entity responsible for processing personal data collected is the Associação Brasileira de Cimento Portland (Brazilian Association of Portland Cement), represented by the Communication Area, which can be contacted via email: comunicacao@abcp.org.br or at the address: Av. Torres de Oliveira, 76 – Bairro Jaguaré – São Paulo/SP – ZIP CODE 05347-902.

The officer responsible for the data processing will be directly in charge of the user personal data processing.

5.2. The person in charge of data protection (data protection officer)

The data protection office is the professional in charge of informing, advising, and control the entity responsible for data processing, as well as workers that process data, with regard to the website obligations under the terms of GDPR, Personal Data Protection Law, and other provisions on data protection present in national and international legislation, in cooperation with relevant control authority.

In this website, the person responsible for data protection, data protection officer, is Kathya Moura de Nicolo, Information Security coordinator, and she can be contact via email: dpo@abcp.org.br.

  1. Security in the user’s personal data processing

The website undertakes to apply technical and organizational measures to protect personal data from unauthorized accesses and situations of destruction, loss, change, communication or dissemination of such data.

To ensure security, solutions will be adopted that consider appropriate techniques, costs of application, nature, ambit, context and purposes of the processing, and risks to the user’s rights and freedom.

The website uses SSL (Secure Socket Layer) certification, which guarantees that the personal data are transmitted in a safe and confidential way, so that the transmission of data between server and user, and in feedback, will occur in a fully ciphered and encrypted way.

However, the website is exempt from responsibility in case of exclusive fault of a third party, as in the case of attack of hackers or crackers, or exclusive fault of the user, as when he himself transfers his data to a third party. The website also undertakes to inform the user, within appropriate term, in case some type of violation of the security of his personal data occurs that may cause high risk to his personal rights and freedom.

Personal data violation is a security violation that causes, accidentally or illegally, destruction, loss, change, dissemination or unauthorized access to personal data transmitted, retained, or subject to any other type of processing.

Finally, the website undertakes to deal with the user personal data with confidentiality, within legal limits.

  1. Browsing data (cookies)

Cookies are small text files sent by the website to the user’s computer, where they are stored with information related to the website browsing.

Through cookies, small amounts of information are stored by the user browser so that our server can read them later. For example, data on the device used by the user, as well as its location and time of access to the website can be stored.

Cookies do not allow extraction of any file or information from the user hard disk, and it is not possible, through them, to access personal information that was not originated from the user or the way he uses the website features.

It is worth highlighting that not every cookie contains information that permit identification of the user, and some types of cookies can be used only for the website to be correctly loaded or to have their features operating as expected.

Information eventually stored in cookies that permit the identification of a user is considered personal data. So, all rules provided in this Privacy Policy are applicable.

7.1. Third parties’ cookies

Some of our partners may set cookies in devices of users that access our website.

These cookies, in general, aim at enabling our partners to offer their contents and services to the user that accesses our website in a personalized way, by obtaining browsing data extracted from his interaction with the website.

The user can obtain more information on third party’s cookies and how the data obtained from them are processed, in addition to having access to the description of the cookies used and their characteristics, by accessing the following link:

Google Analytics: https://developers.google.com/analytics/devguides/collection/gajs/cookie-usage

The entities responsible for the collection of cookies can provide the information obtained to third parties.

7.2. Social media cookies

The website uses plug-ins from social media that can be accessed from the website.  So, while doing it, the cookies used by them can be stored in the user’s browser.

Each social network has its own privacy and personal data protection policy, and the natural persons or entities that keep them are responsible for the data collected and the privacy practices adopted.

The user can search, on the social media, information on how their personal data are processed.  For informational purposes, we make available the following links, where privacy and cookies policies adopted by some of the main social networks can be consulted:

Facebook: https://www.facebook.com/policies/cookies/

Twitter: https://twitter.com/pt/privacy

Instagram: https://help.instagram.com/1896641480634370?ref=ig

Youtube: https://policies.google.com/privacy?hl=pt-BR&gl=pt

Google+: https://policies.google.com/technologies/cookies?hl=pt

Pinterest: https://policy.pinterest.com/pt-br/privacy-policy

LinkedIn: https://www.linkedin.com/legal/cookie-policy?trk=hp-cookies

7.3. Management of cookies and browser settings

The user can object to the registration of cookies by the website by disabling this option in their own browser or device.

The disablement of cookies, however, may affect the availability of some tools and features of the website, compromising its correct and expected operation.  Another possible consequence is the removal of the user preferences that were eventually saved, thus impairing the experience.

 

  1. a) Support to users

Next, some links to help and support pages of the most used browsers are made available that can be accessed by the user interested in obtaining further information on the management of cookies in their browser.

Internet Explorer:
https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies

Safari:
https://support.apple.com/pt-br/guide/safari/sfri11471/mac

Google Chrome:
https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt

Mozila Firefox:
https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam

Opera:
https://www.opera.com/help/tutorials/security/privacy/

  1. Complaint to a control authority

Without prejudice to any via of administrative or legal appeal, all subjects of data have the right to present complaint to a control authority. The complaint can be made to the website seat authority, the country of habitual residence of the user, his workplace or the place where the infraction was allegedly practiced.

  1. Changes

The present version of this Privacy Policy was updated for the last time on 10/04/2019.

The editor reserves the right to change, at any time and without previous notice, the website, the present standards, particularly to adapt them to the   Associação Brasileira de Cimento Portland website, for making available new features, or suppression or change of the existing ones.

Thus, the user is invited to periodically consult this page to check updates.

While using the service after eventual changes, the user demonstrates his agreement with the new standards. In case he disagrees with any change, he shall immediately request cancellation of his account and present his objection to the service, if he so wishes.

  1. Copyrights and Intellectual Property

The whole content displayed on our website is protected by copyrights or other intellectual property rights. Such rights belong to ABCP or to third parties that granted to APCP the due authorizations and licenses to freely exhibit such contents.

Reproduction, in whole or in part, for any reason, of the website contents is expressly prohibited, except upon previous and express authorization, in writing, by ABCP, under applicable civil and criminal legislation (particularly Law nº 9.610/1998).

  1. Applicable right and jurisdiction

To solve controversies resulting from the present instrument, the Brazilian Law will be fully applied.

Eventual litigations must be presented in the jurisdiction of the district where the website editor is seated.

Instagram Facebook Linkedin
© Copyright 2024 ABCP – All rights reserved.
Privacy Policy | DPO (Kathya Moura de Nicolo)
Scroll to Top