This application is maintained and operated by ELPO App.
We collect and use some personal data that belongs to those who use our app. In doing so, we act as the controller of this data and are subject to the provisions of Brazilian Federal Law no. 13,709 / 2018 (General Law on Protection of Personal Data).
We take care of the protection of your personal data and, therefore, we provide this privacy policy, which contains important information about:
- Who should use our app;
- What data we collect and what we do with it;
- Your rights in relation to your personal data;e
- How to contact us.
1. Who should use our app
Our application should only be used by people over eighteen years of age. Therefore, children and adolescents should not use it.
2. Data we collect and reasons for collection
Our application collects and uses some personal data from our users, in accordance with the provisions of this section.
1. Personal data provided expressly by the user
We collect the following personal data that our users expressly provide to us when using our application:
Full name, month and year of birth, address and Institution to which you are linked.
The collection of this data occurs in the following moments:
Only the first time you use the application.
The data provided by our users is collected for the following purposes:
The information will be used for user registration and the possibility of sending information and updates about ELPO and support surfaces and their indications. The handling of information will be carried out globally, only for the characterization of users.
2. Sensitive data
Sensitive data will not be collected from our users, thus understood those defined in arts. 11 et seq. Of the Personal Data Protection Law. Thus, there will be no data collection on racial or ethnic origin, religious conviction, political opinion, union membership or organization of a religious, philosophical or political nature, data related to health or sexual life, genetic or biometric data, when linked to a natural person.
3. Collection of data not expressly provided
Eventually, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the user's consent, or even that the collection is permitted on the basis of another legal basis provided for by law. In any case, the data collection and the resulting processing activities will be informed to the users of the application.
3. Sharing personal data with others
We do not share your personal data with others. Despite this, it is possible that we do so to comply with some legal or regulatory determination, or, still, to comply with some order issued by public authority.
4. How long your personal data will be stored
The personal data collected by the application are stored and used for a period of time that corresponds to what is necessary to achieve the purposes listed in this document and that considers the rights of its holders, the rights of the application controller and the applicable legal or regulatory provisions.
Once the periods for storing personal data have expired, they are removed from our databases or anonymized, except in cases where there is the possibility or the need for storage due to legal or regulatory provision.
5. Legal bases for the processing of personal data\n\nEach operation of personal data processing must have a legal basis, that is, a legal basis, which is nothing more than a justification that authorizes it, provided for in the General Law for the Protection of Personal Data.
All of our personal data processing activities have a legal basis that supports them, among those permitted by law. More information about the legal bases we use for specific personal data processing operations can be obtained from our contact channels, informed at the end of this Policy
6. User rights
The user of the application has the following rights, conferred by the Personal Data Protection Law:
- confirmation of the existence of treatment;
- data access;
- correction of incomplete, inaccurate or outdated data;
- anonymizing, blocking or deleting unnecessary, excessive or treated data in non-compliance with the provisions of the law;
- portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, subject to commercial and industrial secrets;
- elimination of personal data processed with the consent of the holder, except in cases provided for by law;
- information from public and private entities with which the controller shared data use;
- information about the possibility of not providing consent on the negative consequences
- withdrawal of consent.
It is important to note that, under the terms of the Data Protection Act, there is no right to delete data processed on the basis of legal bases other than consent, unless the data is unnecessary, excessive or treated in non-compliance with the law.
1. How the holder can exercise his rights
To ensure that the user who wants to exercise their rights is indeed the holder of personal data object of the request, we may request documents or other information that can assist in the correct identification in order to protect our rights and the rights of others. This will only be done, however, if absolutely necessary, and the applicant will receive all related information.
7. Security measures in the processing of personal data \n\nWe employ technical and organizational measures able to protect personal data from unauthorized access and situations of destruction, loss, loss or alteration of such data.
The security measures we use take into account the nature of the data, the context and purpose of the processing, the risk that any violation would lead to the user rights and freedoms, and standards currently used in the market for similar companies to ours.
Among the security measures adopted by us, we highlight the following:
During the use of the ELPO App, there is neither the request nor the storage of any data from the user or the patients analyzed
Even if it adopts everything in its power to avoid security incidents, it is possible that there may be a problem motivated exclusively by a third party - such as in the case of attacks by hackers or crackers or, even in the case of the user's exclusive fault, that it occurs, for example, when he himself transfers his data to a third party. Thus, although we are generally responsible for the personal data that we treat, we disclaim liability in the event of an exceptional situation as those on which we have no control.
In any case, in the event of any type of security incident that may generate significant risk or damage to any of our users, we will inform those affected and the National Data Protection Authority about the incident, in accordance with the provisions of the General Protection Law of Data.
8. Complaint to a control authority
Without prejudice to any other means of administrative or judicial appeal, the holders of personal data who feel, in any way, injured, may submit a complaint to the National Data Protection Authority.
9. Changes to this policy
This version of this Privacy Policy was last updated on: 03/20/2021.
We reserve the right to modify at any time, these standards, especially to adapt them to any changes made in our application, either by providing new features, either by deletion or modification of those already existing.
Whenever there is a change, our users will be notified of the change.
10. How to contact us
To clarify any doubts about this Privacy Policy or the personal data we process, please contact our Personal Data Protection Officer, through any of the channels mentioned below:
Phone: +55 (22) 98149-9496
Postal address: Professor Camila Mendonca de Moraes, Ph.D., RN.
Dona Noemia Costa Monteiro Street 97
Nova Floresta
Guaxupe - Minas Gerais
37800-000