Privacy Policy and GDPR
ATTENTION: It is recommended that you read this Privacy Policy before providing any personal data to Vendemmia.
Vendemmia, committed to protecting the privacy of customer data and other people who access our digital platforms (hereinafter referred to as “user/users”), as well as protecting the personal data of anyone, presents this Privacy Policy Privacy.
This Privacy Policy aims to provide clear and precise information about the processing of personal data of users who access our website, clarifying interested parties about the types of data that are collected, the reasons and purpose of the collection and how the The user will be able to update, manage or request the deletion of this information, and, given its publicity, it is not liable to claim that any user is unaware of its content.
This Privacy Policy is supported by and was prepared in accordance with the Data Protection Laws, namely: Federal Law n. 12,965 of April 23, 2014 (Marco Civil da Internet), Federal Law n. 13,709, of August 14, 2018 (Personal Data Protection Law) and EU Regulation n. 2016/679 of April 27, 2016 (General European Regulation for the Protection of Personal Data – RGDP), and may be updated as a result of any regulatory update, which is why the user is invited to periodically consult this section.
In this way, any user who uses our website declares, in turn, that he consents to the Terms and Conditions set forth in this Policy and the principles that govern it. Acceptance of this Privacy Policy is necessary for the user to make full use of the site’s tools.
1. DEFINITIONS
For the purposes of this Privacy Policy:
“Personal Data” means information that allows the identification, directly or indirectly, of natural persons;
“Sensitive Personal Data” means information about racial or ethnic origin, religious conviction, political opinion, union membership or organization of a religious, philosophical or political nature, data regarding health or sex life, genetic or biometric data, when linked to a natural person;
“Processing of Personal Data” means any operation carried out with Personal Data, such as: collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification , communication, transfer, diffusion or extraction; It is
“Data Protection Laws” means all legislation applicable to the Processing of Personal Data, which includes, without limitation, Federal Law n. 13,709/2018 (“LGPD-General Data Protection Law”).
2. PERSONAL DATA PROCESSING CONTROLLER
The controller, responsible for processing the user’s personal data, is Vendemmia, through its CNPJs: Vendemmia Comércio Internacional Ltda., registered under CNPJ/MF No. 13.631.538/0001-46, headquartered at Avenida Nossa Senhora da Penha, No. 1495 – BT Room 11080- BT Tower, Vitória/ES, CEP: 29.056-905 and Vendemmia Armazém e Logística Integrada Ltda., registered with CNPJ/MF No. 25.211.082/0001-44, headquartered on BR-470 highway, no. 6.800, neighborhood Volta Grande, Navegantes/SC, CEP: 88371-890.
Vendemmia will process the personal data provided through the website: www.vendemmia.com.br
3. PERSON IN CHARGE OF DATA PROCESSING
(DPO – Data Protection Officer)
The Data Protection Officer is the professional who acts as a communication channel between the Controller, the data subjects and the National Data Protection Authority (ANPD), being in charge of receiving communications and adopting measures, as well as informing, advising and control the data controller and the collaborators who process the data, regarding the site’s obligations under the terms of the RGDP, the Personal Data Protection Law and other data protection provisions present in national and international legislation, in cooperation with the competent supervisory authority.
For the purposes of this Policy, the Data Protection Officer is Mr. André Renato Riva and can be contacted by the following email: dpo@vendemmia.com.br
4. USER/DATA HOLDER RIGHTS
The user of this site has the following rights, conferred by the LGPD-General Law for the Protection of Personal Data and by the GDPR:
Right of access: obtain access to which of your personal data are stored in the database corresponding to the Vendemmia Controller website; Right of rectification/update: rectification and/or update of personal data concerning you; Right to delete data or right to be forgotten: is the user’s right to have their data deleted from the website; Right to limit the processing of data: it is the user’s right to limit the processing of their personal data, being able to obtain it when contesting the accuracy of the data, when the processing is unlawful, when the website no longer needs the data for the purposes proposals and when you have expressed opposition to the processing of your data and in case of unnecessary data processing; Right of opposition: it is the user’s right, at any time, to object, for reasons related to their particular situation, to the processing of personal data concerning them, and may also oppose the use of their personal data to define a profile of marketing; Right to data portability: is the user’s right to receive personal data concerning him and that he has provided to the website; Right not to be subjected to automated decisions: it is the user’s right not to be subject to any decision made exclusively based on automated treatment.
5. HOW USERS EXERCISE THEIR RIGHTS
The user may exercise their rights by means of written communication to Vendemmia specifying:
Full name or Company name;
CPF number (Individual Taxpayer Registry, Federal Revenue of Brazil) or CNPJ
(National Register of Legal Entities, Federal Revenue Service of Brazil);
E-mail address of the user and, if applicable, of his representative;
Right you wish to exercise, as well as a document that demonstrates or justifies the exercise of the right;
Order date and user signature.
The user has the right to withdraw his consent at any time, not compromising the lawfulness of the processing of his personal data before the withdrawal. The withdrawal of consent may be done by email: dpo@vendemmia.com.br or by mail sent to the following address: Rua Funchal, 129, 13th floor, Vila Olímpia, São Paulo/SP, CEP: 04551-060 .
The user will be informed in case of rectification or deletion of his data.
6. INFORMATION COLLECTED
The collection of user data by Vendemmia will take place in accordance with the provisions of this Privacy Policy and will depend on the user’s consent, which is expendable only in the cases provided for in art. 11, item II, of the Personal Data Protection Law.
6.1 Types of data collected
6.1.a. Data provided in the contact form
The use, by the user, of certain functionalities of the site will depend on filling out a form, and, in these cases, the following user data will be collected and stored:
– Full name, email address, telephone number, CPF number, full Company name, position in which the user works, CNPJ number, postal address.
Any data eventually informed by the user who uses the contact form available on the website, including the content of the message sent, will be collected and stored.
6.1.b. access logs
In compliance with the provisions of art. 15, caput and paragraphs, of Federal Law n. 12.965/2014 (Marco Civil da Internet), user access records will be collected and stored for at least six months.
6.1.c. Newsletter/News Clipping
The e-mail address registered by the user who chooses to subscribe to our Newsletter/News Clipping will be collected and stored until the user requests his unsubscription, if he so wishes.
6.1.d. sensitive data
User sensitive data will not be collected, as defined in Articles 9 and 10 of the RGPD and Articles 11 and following of the General Law for the Protection of Personal Data.
6.1.e. Collection of data not expressly provided for
Eventually, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the user’s consent, or that the collection is permitted or imposed by law.
7. LEGAL BASIS FOR PROCESSING PERSONAL DATA
By using the website’s services, the user is consenting to this Privacy Policy.
The user has the right to withdraw his consent at any time, not compromising the lawfulness of the processing of his personal data before the withdrawal. Withdrawal of consent may be done by email: dpo@vendemmia.com.br, or by mail sent to the following address: Rua Funchal, nº 129 13º Andar, 13A and 13B, São Paulo, SP, CEP: 04551- 060.
The consent of users who are relatively or absolutely incapable, especially children under 16 (sixteen) years of age, can only be given, respectively, if they are duly assisted or represented.
Personal data necessary for the execution and fulfillment of the services contracted by the user on the website may also be collected.
The processing of personal data without the user’s consent will only be carried out due to legitimate interest or for the cases provided for by law, that is, those provided for in item II of article 11 of Law 13,709 of 2018.
8. PURPOSES OF PROCESSING PERSONAL DATA
The user’s personal data collected by the site are intended to facilitate, expedite and fulfill the commitments established with the user, as well as to enforce requests made by filling in forms.
Personal data may also be used for a commercial purpose, to customize the content offered to the user, as well as to support the website to improve the quality and operation of its services.
The collection of data related to or necessary for the execution of a purchase and sale or service provision agreement, eventually signed between Vendemmia and a user, will have the purpose of giving the parties legal certainty, in addition to facilitating and enabling the conclusion of the business .
The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior notice to the user, and, in any case, the rights and obligations set forth herein will remain applicable.
9. TERM OF CONSERVATION OF PERSONAL DATA
The user’s personal data processed for the purposes determined above will be kept in accordance with the principles of purpose, adequacy and necessity, until the purposes of the treatment are achieved.
The hypothesis of Personal Data being kept for periods longer than those initially foreseen is excepted, in compliance with regulatory obligations or for defense in judicial, administrative or arbitration proceedings.
10. RECIPIENTS AND TRANSFER OF PERSONAL DATA
There will be no data sharing with other sites.
The personal data collected may be accessed by Vendemmia employees, providers and service providers, these people being directly authorized by the Controller for the respective treatment and being aware of the personal data protection and privacy guidelines implemented in the company’s corporate environment, under penalty of legal measures applicable in the event of any non-compliance and/or violation, when necessary.
The transfer of data can only be made to another country if the country or territory in question, or the international organization in question, ensures an adequate level of protection of the user’s data.
If there is no adequate level of protection, the website is committed to guaranteeing the protection of your data in accordance with the strictest rules, through specific contractual clauses for a given transfer, standard contractual clauses, global corporate standards or seals, certificates and regularly issued codes of conduct.
11. SECURITY IN THE TREATMENT OF THE USER’S PERSONAL DATA
For the Processing of Personal Data collected directly from the user or by other means mentioned above, we adopt physical and administrative measures capable of safeguarding the security of the information collected and processed, that is, solutions that take into account: the appropriate techniques; application costs; the nature, scope, context and purposes of the processing; and the risks to user rights and freedoms.
All information will be kept in our Database for the time necessary or relevant to Vendemmia’s corporate purpose, under the terms of applicable legislation in force, as well as to resolve disputes and comply with legal obligations.
However, the site disclaims responsibility for the sole fault of third parties, as in the case of hackers or crackers, or the sole fault of the user, as in the case where he himself transfers his data to a third party. The website also undertakes to notify the user within an adequate period of time in the event of any type of violation of the security of their personal data that may cause a high risk to their personal rights and freedoms, as well as to the National Data Protection Authority ( ANPD) and any other authority that applies to the violation and the measures we adopt to resolve it.
A breach of personal data is considered to be a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, stored or subject to any other type of treatment.
Although Vendemmia makes the best efforts to preserve the privacy and protect the Personal Data of its users, no transmission of information is completely inviolable, so we cannot fully guarantee that all information sent and received will not be the target of unauthorized access. perpetrated through methods developed to improperly and unlawfully obtain information. For this reason, we encourage users to also take the appropriate measures to protect themselves, such as, for example, keeping confidential all Owner names and access logins/passwords, being certain that such information is personal, non-transferable and the sole responsibility of the user. .
Furthermore, all those who process the Personal Data collected, based on Vendemmia’s instructions, are subject to a duty of confidentiality and are required to prove compliance with the LGPD and other data protection laws.
Finally, the website undertakes to apply the technical and organizational measures capable of protecting personal data from unauthorized access and situations of destruction, loss, alteration, communication or dissemination of such data, as well as, it undertakes to treat the data data of its users with confidentiality, within legal limits.
12. NAVIGATION DATA (COOKIES)
Cookies are small text files sent by the website to the user’s computer and which are stored there, with information related to the navigation of the website.
Through cookies, small amounts of information are stored by the user’s browser so that our server can read them later. For example, data about the device used by the user, as well as the location and time of access to the website, may be stored.
Cookies do not allow any file or information to be extracted from the user’s hard drive, and it is not possible, through them, to have access to personal information that did not come from the user or the way he uses the website’s resources. .
It is important to emphasize that not every cookie contains information that allows the identification of the user, and certain types of cookies can be used simply for the website to load correctly or for its functionalities to work as expected.
Any information stored in cookies that allow identifying a user is considered personal data. In this way, all the rules provided for in this Privacy Policy are also applicable to them.
13. SITE COOKIES
Website cookies are those sent to the user and administrator’s computer or device exclusively by the website.
The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content.
This navigation data may also be shared with any partners of the site, seeking to improve the products and services offered to the user.
14. SOCIAL NETWORK COOKIES
The website uses social media plugins, which allow you to access them from the website. Thus, in doing so, the cookies used by them may be stored in the user’s browser.
Each social network has its own privacy and personal data protection policy, and the individuals or legal entities that hold them responsible for the data collected and the privacy practices adopted.
The user can search, along with social networks, information on how their personal data is treated. For information purposes, we provide the following links, from which the privacy and cookies policies adopted by some of the main social networks can be consulted:
Instagram: help.instagram.com/1896641480634370?ref=ig
Youtube: policies.google.com/privacy?hl=pt-BR&gl=pt
Google+: policies.google.com/technologies/cookies?hl=pt
LinkedIn: www.linkedin.com/legal/cookie-policy?trk=hp-cookies
15. MANAGEMENT OF COOKIES AND BROWSER SETTINGS
The user may oppose the registration of cookies by the website, simply by deactivating this option in their own browser or device.
Disabling cookies, however, may affect the availability of some tools and features of the website, compromising its correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, harming your experience.
16. AMENDMENTS
This version of this Privacy Policy was last updated on July 7, 2022.
Vendemmia reserves the right to modify these rules at any time, especially to adapt them to the evolution of the website (www.vendemmia.com.br), either by making new functionalities available, or by suppressing or modifying those that already exist. .
The user will be explicitly notified in case of changes to this Policy.
By using the service after any modifications, the user demonstrates his agreement with the new rules. If you disagree with any of the modifications, you must immediately submit your reservation to the customer service or cancel your registration, if you so wish, under the terms mentioned above.
17. COMPLAINT TO A CONTROL AUTHORITY
All data subjects may file a complaint with the National Authority for the Protection of Personal Data – ANDP, as soon as constituted by the competent authorities.
18. APPLICABLE LAW AND JURISDICTION
This Privacy Policy will be governed, interpreted and enforced with the Laws of the Federative Republic of Brazil, especially with Federal Law n. 12,965 of April 23, 2014 (Marco Civil da Internet), with Federal Law n. 13,709, of August 14, 2018 (Personal Data Protection Law) and EU Regulation n. 2016/679 of April 27, 2016 (European General Regulation for the Protection of Personal Data – RGDP)
All disputes, controversies and disagreements between the parties arising out of or related to this privacy policy will have their competent jurisdiction in the jurisdiction of the Controller’s domicile to resolve any doubts arising from this document.
