1.1. For the purposes of this policy, the following definitions, concepts and descriptions should be considered:
Users: Natural or Legal Persons who interact with and access Elsys’ information systems, devices, applications and other means and information resources and who provide their personal and identification data during this interaction and/or access.
Beacons: These are small devices that use Bluetooth Low Energy (BLE) technology, which emit signals that can be captured by technological resources, enabling interaction between USERS and the technological resource. Web Beacons are programs whose purpose is to collect data from a USER’s navigation on a page on the Internet.
CLOUD COMPUTING: Or cloud computing, is a service virtualization technology built from the interconnection of more than one server through a common information network (eg the Internet), in order to reduce technological and ownership costs increase the availability of sustained services.
Cookies: Files sent by the PLATFORM server to the USERS’ computer, in order to identify the computer and collect data on browsing habits, such as browsed pages or accessed links, thus allowing to customize the USERS navigation on the Platform, from according to your profile.
Access Account: Credential of a USER necessary to use applications or access areas with restricted content and exclusive features of the PLATFORM and/or ELSYS PRODUCTS and Services.
IP Address: Abbreviation for Internet Protocol. It is an alphanumeric set that identifies USERS’ devices when connected to a network or the Internet.
PLATFORM: Computer Programs or Applications used to provide the Remote Management Service for Elsys devices and equipment, including User Interaction Applications with Elsys equipment.
PRODUCTS: Devices, Equipment, Applications, Software and Applications developed and/or made available by ELSYS for Users to interact and benefit from the desired functionalities offered by the Services provided by Elsys.
CORPORATE SYSTEMS: Software developed and/or acquired and maintained by ELSYS and which are used to process, store, transmit and make available data used by Elsys’ Business and Administrative Processes.
ELSYS Content: Videos, presentations and other instructional and/or educational materials generated by professionals hired and supervised by ELSYS that detail and clarify USERS’ doubts about the operation of ELSYS Products and Services, including Youtube video curation services, developed by ELSYS.
PERSONAL DATA: Data collected on the individual characteristics of a natural person that relate to their identification and/or unique characterization as an individual, whether this individual is a customer, a supplier, an employee, a third party, a visitor or simply a user.
2.1. This policy applies to all types of data collected, stored, processed, made available, transmitted, accessed, disposed of and eliminated by Elsys, in all administrative, management and business processes that it performs and that present any type of activity for the treatment of data pursuant to Law 13.709/2018 (Brazilian LGPD). It also covers the entire data exchange relationship carried out by Elsys involving the supply and/or reception of data with partners, suppliers and contractors, regardless of whether the processing of this data is carried out in a technological, physical or virtual environment.
3. MOTIVATORS AND PURPOSE OF THE COLLECTION AND PROCESSING OF DATA AND PERSONAL DATA
3.1. Elsys only performs the collection and processing of USERS’ Data and Personal Data in its Corporate Systems, in the PLATFORM and/or in the PRODUCTS it makes available for the following purposes:
a) Identify and Authenticate Users properly, providing the functionalities and access they need and appropriate to the Access profile;
b) Administer, provide the services and comply with the obligations related to the use of the services, the PLATFORM and/or contracted PRODUCTS;
c) Properly respond to specific requests and queries from users;
d) Establish and maintain personalized contact through instant communication applications, email, direct mail and/or other means of communication indicated by the Users;
e) Improve the use and experience of the PLATFORM services and/or Elsys PRODUCTS;
f) Carry out statistical analyses, studies, research and surveys relevant to the activities and behavior of Users in the use of the PLATFORM and/or PRODUCTS;
g) Promote services and products of interest to users and in accordance with behaviors in the interaction with the Platform and Products.;
h) Comply with contractual, legal, civil, criminal and labor obligations existing in the federal, state and municipal order where Elsys operates and/or makes available its Products and the Platform.
i) Inform about news, features, content, news and events relevant to the maintenance and improvement of the User experience;
j) Safeguard rights and obligations related to the use of Corporate Systems, PLATFORM and/or Elsys PRODUCTS;
k) For identification of the parties and formation of evidence in questions, doubts and legal demands involving the products, services and data processing performed by ELSYS.
l) Share with partners and contractors so that the obligations assumed by Elsys in the execution of business processes and in the provision of services and products to users can be fulfilled;
3.2. Data processing may also be used and shared according to the following reasons:
a) Compliance with the demands of competent judicial, administrative or governmental authorities, whenever there is a request, requisition or court order;
b) To comply with obligations related to corporate transactions, such as mergers, acquisitions and incorporation of companies, maintaining the main purpose established by Elsys for the processing of data;
c) To enable the execution of contracts with partners and third parties that supply technologies to ELSYS.
d) To meet the requests of the holders of personal data and regulatory agents of the privacy law;
e) To meet security, fraud prevention and credit verification requirements, in accordance with the terms and conditions defined by credit legislation and law 13.709/2018 (LGPD).
3.3. Aiming at the security and protection of Users and ELSYS itself, there may be validation, authentication and confirmation of personal data informed by USERS through consultation with public agencies, reputable companies specialized in the provision of this type of service, with the information obtained by ELSYS classified and treated confidentially and with restricted access.
3.4. Elsys undertakes to handle the database formed by collecting and storing data and personal data provided by users in the interaction with corporate systems, on the PLATFORM and/or PRODUCTS with responsibility and restricting the treatment to the minimum necessary and only when necessary, within the limits and purposes of ELSYS business and meeting the interests of users, being able to make such databases available for consultation by its business partners, suppliers and authorities.
3.4.1. Elsys informs that the USERS’ access credentials and password are for individual use and must be kept confidential and there must not be any type of access or sharing with Elsys or third parties. The sharing of access credential data and/or access password makes the USER co-responsible for any acts of breach of security and privacy.
3.5. All processing of USERS’ data and personal data will be done by duly authorized professionals and with a relationship of confidentiality and secrecy with ELSYS, who are obliged to respect in all their acts the principles of proportionality, necessity and relevance to the business objectives of the ELSYS and safeguarding the rights of the holder of personal data.
4. COLLECTION OF BEHAVIORS, DATA AND PERSONAL DATA
4.1. Elsys explicitly collects data and Personal Data from USERS mainly in the interactions of USERS with the Corporate Systems, with the PLATFORM and/or in the use of the PRODUCTS, especially at the time of the creation of the Access Credential to the corporate systems and platform of ELSYS, browsing internet sites and accessing watched videos and educational content. Data on the behavior of products, receivers used and activities performed by the USER on the PLATFORM are also collected.
4.2. Among the data and personal data that ELSYS needs to collect for processing include, but are not limited to:
i. Registration data: Full name, CPF number, contact email, date of birth, gender, address, state, city and contact telephone number;
ii. Navigation data: Date and time of entry and exit on the PLATFORM, receiver used, operating system and user interactions in corporate systems, PLATFORM and/or PRODUCTS.
iii. Location information: geolocation and geospatial positioning coordinates (Satellite).
iv. IP Address and Logical Port of Origin of USER data;
v. Cookies, it is up to the USER to configure their Internet browser if they wish to block them, being aware that some features of the PLATFORM may be limited with this action;
saw. Web Beacons to collect usage behavior data by the USER when accessing the pages;
vii. Other technologies for obtaining data on browsing habits by the USER.
4.3. Elsys recognizes the rights of holders of personal data provided for in the legislation and responds to questions and requests on this matter by sending an e-mail to firstname.lastname@example.org.
4.4. The accuracy, outdated, veracity or lack thereof in the data provided by the USER is the sole and exclusive responsibility of the USER, who must provide them to Elsys accurately when required and keep them updated on the Platform and on corporate systems made available by Elsys whenever they are modified .
5. COLLECTION OF CONSENT FOR DATA PROCESSING
5.1. Some products and services provided by Elsys to users are only enabled and made available through the provision of Personal Data, in order to meet legal obligations and so that the service contracted by the USER can be performed, therefore, when contracting such services and Products, the USER provides consent for Elsys to process such data for the period in which the provision of such services and products remains and for the period necessary to comply with legal obligations.
5.2. Other consents for Elsys to carry out the necessary processing of data and personal data collected from users will be collected when necessary, at the time of collection of such data, whether this action is automated or manual by Elsys and its partners.
5.3. The USER must be aware that the failure to provide or revoke consent for the treatment of some of their data and personal data may make it unfeasible or disruptive in the use and interaction with corporate systems, the PLATFORM and/or PRODUCTS of Elsys, which in this in case it exempts itself from the responsibility and obligation to reimburse the USER for any repair action related to this matter.
6. DATA STORAGE
6.1. The data and personal data collected and processed by Elsys are stored in a secure and controlled environment and are kept in custody for a minimum period of 1 (one) year or longer, considering both the obligations defined in the Marco Civil da Internet and other obligations and commitments tax and legal taxes for the processing activity performed by Elsys.
6.2. Elsys employs the best efforts and technologies available and accessible in the Brazilian market to protect and ensure control over the access and use of the data and personal data it collects and stores, maintaining its corporate systems, platform, products and technological environments, including Cloud environments Computing within the standards of good data security practices practiced in the Brazilian market by companies of equal size and purpose.
7. DISPLAY, CORRECT, RATIFICATION AND DELETION OF DATA
7.1. The USER may request the display, rectification or ratification of their personal data, using the service channels, the Access credentials and/or the USER service tools provided by ELSYS.
7.2. The USER may request the deletion of their personal data as soon as the contract for the provision of services and/or use of products between the USER and ELSYS has ended, and the minimum legal period for retaining these data has expired.
7.3. . Disposal and/or destruction of data and personal data of users who already have expired legal retention periods will be carried out using irrecoverable data deletion techniques according to the technology available at the time of such action.
8. COMMUNICATIONS BY E-MAIL
8.1. ELSYS never sends e-mails requesting confirmation of personal data, bank passwords or personal registration data; Email communications from Elsys do not have any download or executable file attachments (files with .exe, .com, .scr, .bat, .zip, .rar, .clp extensions, for example).
8.2. All promotional emails originating from Elsys have the address email@example.com as sender, and their links lead directly to ELSYS electronic environments.
8.3. E-mails will only be sent to USERS who choose to receive them and the cancellation of this communication option is a user option and can be done through Elsys service channels.
9. GENERAL PROVISIONS
9.1. In the event of significant updates to this document, ELSYS will notify the USER to become aware of Elsys’ privacy provisions and commitments in the treatment of personal data and data.
9.3. Elsys does not sell or acquire personal data of illicit, doubtful or unknown origin and discourages access and processing of personal data that it holds for different purposes and that are not related to the services it provides and the products it sells.
10. APPLICABLE LAW AND JURISDICTION