Your privacy is important to us. It’s the policy of Angélica Flores Natural Perfumery to respect your privacy in regards to any of your information that we may come to collect in the website Angélica Flores Natural Perfumery. You are free to deny our request of personal information, understanding that we may not provide some of the services desired.
The present document has been elaborated in conformity with the “General Data Protection Act” (Lei 13.709/18), the “Civil Rights Framework for the Internet” (Lei 12.965/14) and the General Data Protection Regulation of the European Union (UE n.2016/6790). This document may be updated as result of an eventual normative update. In the case of change the user will be informed through the available communication channels provided by the same.
We request personal information only when we really need it to offer you our services. This is done through just and loyal means, with your awareness and consent. We also inform why we are collecting it and how it will be used.
We only retain the collected information for as long as necessary to provide the requested service. When we store data, we protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.
1.1 When accessing the website
When accessing our website, certain information (about the browser used, device type, time spent, IP address, operating system, browser language, time zone, local time and approximate location) will be stored on the server while staying on the website.
This information is necessary for the fulfillment of legal obligations, identification of the context of access, and safe use of the service so that we can establish a secure connection using SSL certificates, and protect our users and servers.
1.2 When creating an account and making purchases
When creating an account it is possible we collect the following data, CPF, full name, date of birth, address, e-mail address, telephone number, mobile number.
This information is necessary so that we can verify your identity, avoid possible fraud situations and identify and prevent any security threats.
1.3 Through third parties
We also receive data from third parties, Facebook and Google, when the user logs in or accesses through one of those. The use of this data is previously authorized by users with the third parties in question, using the party-auth system.
The confidentiality of your information is important to us, so the information shall be stored in compliance with the strictest security standards (ISO / IEC 27001). However, it is important for the user to be aware that due to the nature and technical characteristics of the Internet, this protection is not infallible and is subject to violation by diverse malicious practices.
The information referring exclusively to the payment method is not stored on our servers, because they are only necessary in the processing of payments.
All information regarding the user is kept on our servers while the user maintains an active account on our services, at the time of deleting it, the information is deleted from our servers. Another case of data exclusion is at the user’s request, or in other cases provided by Law.
Furthermore, users’ personal data can only be preserved after the end of their handling in the following cases provided for in article 16 of the LGPD (Lei 13.709/18):
Compliance with legal or regulatory obligation by the controller;
Study by a research body, guaranteeing, whenever possible, the anonymization of personal data;
Transfer to a third party, provided that the data processing requirements set forth in this Law are respected;
Exclusive use of the controller, access by a third party is prohibited, and provided the data is anonymized.
Security incident is “a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, stored or subjected to any other type of handling”.
As mentioned in the previous topic, due to the very nature of the means through which the service is exposed, it is possible that incidents and data leaks occur, in case this happens we’ll immediately get in touch with the data subjects, through the communication methods provided by the same, to inform them of the leak, and actions that the same should take to remedy the case, like changing passwords and others that vary by case.
We undertake to apply technical and organizational measures to protect personal data from unauthorized access and situations of destruction, loss, alteration, communication or dissemination of such data.
The stored personal data is treated with confidentiality, within the legal limits. However, we may disclose your personal information in cases that are necessary to comply with legal or regulatory obligations.
By using this service and accepting this document we share some of your data with other companies, when possible in anonymized form, it is also possible we share your data for the execution of public policies and compliance with legal obligations.
GOOGLE ANALYTICS: The data shared here are: number of users and sessions, session length, operating system, device models, geography, first starts, website openings, website updates and website purchases, all of which are anonymized for purposes of advertising. and advertising of our products.
FACEBOOK PIXEL: The data shared is: completion of a purchase, lead when the user signs up for a test or identifies himself as a lead, items added to the cart, items added to the wish list, content viewed, checkout start, these in a non anonymized form.
PAGSEGURO: With pagseguro, only non-anonymizable data related to the payment method are shared. These are shared only if the user makes a purchase within our website.
By accepting this document through electronic verification, the user guarantees and is responsible for the veracity, accuracy, validity and authenticity, of all the information that he may provide for the use of the service, committing themself to keeping everything updated. Minduim has no responsibility in case of insertion of false data or inaccuracy, which can be used as a criterion to suspend and/or cancel the user’s registration at any time.
In terms of the General Data Protection Law, the user has the rights to:
Confirmation of the existence of processing – The data subject has the right when they deem it necessary to confirm the handling of the data and what is the processing carried out on them, for this the user must get in contact through the contact forms available on the website or email.
Access to data – The data subject can request what data we have about them, through our contact forms on the website or through our e-mails, the maximum period for returning the data is 15 calendar days.
Correction of incomplete, inaccurate or outdated data – If any incorrect, incomplete or outdated datum is identified by the user, they can make the change at any time through the user panel.
Anonymization, blocking or elimination of unnecessary data – If the user deems it necessary, it is possible to request anonymization of the data when this is possible. The elimination of data that the same deems unnecessary (if it is necessary for some system function, the user will be informed and unable to delete the data while maintaining use of the website). It is also possible to block the data by not handling them and only storing them.
Data portability – The data subject also has the right to port the data to any other supplier, this must be done by the expressed request through the contact forms available on the website or directly in our contact emails. The portability of personal data does not include data that has already been anonymized by the controller.
Elimination of personal data – It is the user’s right to delete personal data, and it can be done at any time, by shutting down the account directly on the panel, or by request of shutdown through the contact emails available on our website.
Information on the possibility of not providing consent and on the consequences of denial – Whenever it is possible to not provide consent to the processing of any personal data, the user shall be informed and will have the option to refuse the processing , being aware of the consequences of not accepting electronically.
Angélica Flores natural perfumery may send communications and advertising messages to the User using all available technologies and means of communication, whether by e-mail, SMS, MMS, direct mail and others. All electronic newsletters and advertising messages sent by e-mail shall always bring an option to cancel receiving that type of message. The cancellation will be made in the least time required. Messages and notifications related to the Service cannot be canceled, unless the User registration is canceled itself.
It is the user’s duty to keep updated the personal data provided when using the site.
The commercial use of the expression “Angélica Flores Natural Perfumery” as a brand, business name or domain name, as well as the contents of the screens related to Angélica Flores natural perfumery, as well as the programs, databases, networks and
files, which allow the user to access and use their account. The user is prohibited from distributing and/or making publicly available the digital products and services from this website, with the intention of monetization, this being characterized as piracy. This can lead to loss of access to the platform.
The website may link to other sites, this does not mean that these sites are owned or operated by Angélica Flores natural perfumery. The presence of links to other sites does not imply a relationship of society, supervision, complicity or solidarity of Angélica Flores Natural Perfumery with these sites and their contents.