1. General information
This Privacy Policy contains information about how we treat, in whole or in part, automated or not, the personal data
of users who access our website. Its purpose is to inform interested parties about the types of data that are collected, the
reasons for collecting them and how the user can update, manage or delete this information.
This Privacy Policy was prepared in accordance with Federal Law n. 12.965 of April 23, 2014 (Marco Civil da Internet),
with Federal Law n. 13.709, of August 14, 2018 (Personal Data Protection Law) and with EU Regulation no. 2016/679 of 27 April
2016 (European General Regulation for the Protection of Personal Data – RGDP).
This Privacy Policy may be updated as a result of any regulatory update, which is why the user is invited to periodically
consult this section.
2. User rights
The site is committed to complying with the rules provided for in the RGPD, in respect of the following principles:
determined, explicit and legitimate, and cannot be further processed in a way that is incompatible with these purposes
(purpose limitation);
– The user's personal data will be collected in an appropriate, relevant and limited way to the needs of the purpose
for which they are processed (data minimization);
necessary, so that inaccurate data is erased or rectified when possible (accuracy);
– The user's personal data will be kept in a way that allows the identification of the data subjects only for the
period necessary for the purposes for which they are processed (retention limitation);
– The user's personal data will be treated securely, protected from unauthorized or unlawful processing and against
accidental loss, destruction or damage, adopting the appropriate technical or organizational measures (integrity and confidentiality).
The website user has the following rights, granted by the Personal Data Protection Law and by the RGPD:
– Right of confirmation and access: it is the user's right to obtain from the website the
confirmation that the personal data concerning you are or are not the object of processing and, if so, the right to access
your personal data;
– Right of rectification: it is the user's right to obtain from the website, without undue delay, the rectification
of inaccurate personal data concerning him;
– Right to data deletion (right to oblivion): it is the user's right to have their data deleted from the website;
– Right to limit the processing of data: it is the user's right to limit the processing of their personal data,
being able to obtain it when they dispute the accuracy of the data, when the processing is unlawful, when the website no longer
needs the data for the proposed purposes and when you have opposed the processing of data and in case of unnecessary data
processing;
– Right of opposition: it is the user's right, at any time, to object, for reasons related to his particular situation,
to the processing of personal data concerning him, and may also object to the use of his personal data to define marketing
profile (profiling);
– Right of data portability: it is the user's right to receive the personal data concerning him/her that he/she
has provided to the website, in a structured format, commonly used and automatically read, and the right to transmit this
data to another website ;
– Right not to be subjected to automated decisions: it is the user's right not to be subject to any decision taken
solely on the basis of automated processing, including the definition of profiles (profiling), that produce effects in their
legal sphere or that affect them significantly in a similar way.
– Full name or company name, CPF number (Individual Taxpayer Registry, Federal Revenue of Brazil) or CNPJ (National
Legal Entity Registry, Federal Revenue Service of Brazil) and e-mail address of the user and, if applicable, case, from your
representative;
– Any document that can demonstrate or justify the exercise of their right.
The request must be sent to the e-mail: lgpd.request@thomas.org.br, or by mail, to the following address:
The user will be informed in case of rectification or deletion of their data.
you.
3. Duty not to provide third party data
During the use of the website, in order to safeguard and protect the rights of third parties, the website user must provide
only their personal data, not those of third parties.
4. Information collected
The collection of user data will be in accordance with the provisions of this Privacy Policy and will depend on the user's
consent, which is dispensable only in the cases provided for in art. 11, item II, of the Personal Data Protection Law.
4.1. Types of data collected
4.1.1. User identification data for registration
The use, by the user, of certain features of the website will depend on registration, and in these cases, the following
user data will be collected and stored:
- Name
- birth date
- email address
- Postal code
– social media details
- phone number
– CPF number
– CNPJ number
4.1.2. Data entered in the contact form
Any data eventually informed by the user who uses the contact form available on the website, including the content of
the message sent, will be collected and stored.
4.1.3. Data related to the execution of contracts signed with the user
For the execution of a purchase and sale agreement or provision of services
eventually signed between the website and the user, other data related to or necessary for its execution may be collected
and stored, including the content of any communications with the user.
4.1.4. access records
In compliance with the provisions of art. 15, caput and paragraphs, of Federal Law n.12.965/2014 (Marco Civil da Internet),
user access records will be collected and stored for at least six months.
4.1.5. sensitive data
The website may collect the following sensitive data from users:
– location, age
4.1.6. Data collection not expressly provided
Occasionally, other types of data not expressly provided for in this Privacy Policy may be collected, provided they are
provided with the user's consent, or even if the collection is permitted or imposed by law.
4.2. Legal basis for the processing of personal data
By using the services on the website, the user is consenting to this Privacy Policy.
The user has the right to withdraw his consent at any time, without compromising the lawfulness of the processing of
his personal data before the withdrawal. The withdrawal of consent can be done by e-mail: lgpd.request@thomas.org.br, or by
mail sent to the following address:
SEPS 706/906, block B, South Wing
70390-065 Brasilia DF
Brazil
The consent of the relatively or absolutely incapable, especially of children under 16 (sixteen) years old, can only
be done, respectively, if properly assisted or represented. Personal data necessary for the execution and
fulfillment of the services contracted by the user on the website.
The processing of personal data without the user's consent will only be carried out due to legitimate interest or for
the cases provided for by law, that is, among others, the following:
– for compliance with a legal or regulatory obligation by the controller;
– to carry out studies by a research body, ensuring, whenever possible, the anonymization of personal data;
– when necessary for the execution of a contract or preliminary procedures related to a contract to which the user
is a party, at the request of the data subject;
– for the regular exercise of rights in judicial, administrative or arbitration proceedings, the latter pursuant
to Law No. 9,307, of September 23, 1996 (Arbitration Law);
– for the protection of the life or physical safety of the data subject or third party;
– for the protection of health, in a procedure carried out by health professionals or health entities;
– when necessary to meet the legitimate interests of the controller or third party, except where fundamental rights
and freedoms of the data subject that require the protection of personal data prevail;
– for credit protection, including the provisions of relevant legislation.
4.3. Purposes of processing personal data
The user's personal data collected by the website are intended to facilitate, expedite and fulfill the commitments established
with the user and to enforce requests made by filling out forms.
Personal data may also be used for commercial purposes, to personalize the content offered to the user, as well as to
provide the site with a subsidy to improve the quality and functioning of its services.
The site collects user data so that profiling is carried out, that is, automated processing of personal data that consists
of using this data to assess certain personal aspects of the user, principal
to analyze or predict characteristics related to your professional performance, your economic situation, health, personal
preferences, interests, reliability, behavior, location or displacement.
The registration data will be used to allow the user access to certain contents of the website, exclusive to registered
users.
The collection of data related or necessary to the execution of a purchase and sale contract or service provision that
may be signed with the user will have the purpose of providing the parties with legal security, in addition to facilitating
and enabling the conclusion of the business.
The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior notice
to the user, and, in any case, the rights and obligations set forth herein will remain applicable.
4.4. Period of retention of personal data
The user's personal data will be kept for a maximum period of: 9 months, unless the user requests its deletion before
the end of this period.
The personal data of users can only be saved after the end of their treatment in the following cases:
– for compliance with a legal or regulatory obligation by the controller;
– for study by a research body, ensuring, whenever possible, the anonymization of personal data;
– for the transfer to a third party, provided that the data processing requirements laid down in the legislation
are complied with;
– for the exclusive use of the controller, its access by a third party being prohibited, and provided that the
data is anonymized.
4.5. Recipients and transfer of personal data
The user's personal data may be shared with the following people or companies:
-Google Analytics
The transfer can only be made to another country if the country or territory in question or the international organization
in question ensure an adequate level of protection of the user's data.
If there is no adequate level of protection, the website undertakes to guarantee the protection of your data in accordance
with the strictest rules, through specific contractual clauses for a given transfer, standard contractual clauses, global
corporate standards or seals, certificates and codes of conduct issued regularly.
5. The processing of personal data
5.1. The data controller (data controller)
The controller, responsible for the processing of the user's personal data, is the natural or legal person, the public
authority, the agency or other body that, individually or together with others, determines the purposes and means of processing
personal data.
On this website, the person responsible for the processing of personal data collected is the Thomas Jefferson Cultural
Council, which can be contacted by e-mail:
lgpd.site@thomas.org.br or at the address:
SEPS 706/906, block B, South Wing
70390-065 Brasilia DF
Brazil
The website also has the person responsible for the processing of data who will be directly responsible for the processing
of the user's personal data.
5.2. Data protection officer
The data protection officer is the professional in charge of informing, advising and controlling the data controller,
as well as the workers who process the data, regarding the website's obligations under the terms of the RGDP, of the Law of
Personal Data Protection and other data protection provisions in national and international law, in cooperation with the competent
supervisory authority.
On this site, the person in charge of can be contacted by e-mail:
lgpd.dpo@thomas.org.br.
6. Security in the processing of the user's personal data
The website undertakes to apply technical and organizational measures to protect personal data from unauthorized access
and from situations of destruction, loss, alteration, communication or dissemination of such data.
To guarantee safety, solutions will be adopted that take into account: the appropriate techniques; application costs;
the nature, scope, context and purposes of the treatment; and the risks to the user's rights and freedoms.
The site uses SSL (Secure Socket Layer) certificate that guarantees the data
are transmitted in a secure and confidential way, so that the transmission of data between the server and the user, and
in feedback, occurs in a totally encrypted or encrypted way.
However, the website is exempt from liability for the sole fault of a third party, as in the case of a hacker or cracker
attack, or the sole fault of the user, as in the case where he himself transfers his data to a third party. The website also
undertakes to notify the user within an adequate period of time in the event of any type of violation of the security of their
personal data that could pose a high risk to their personal rights and freedoms.
A breach of personal data is a security breach that causes
accidental or unlawful destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted,
stored or subject to any other type of processing.
Finally, the website undertakes to treat the user's personal data with
confidentiality, within legal limits.
7. Navigation data (cookies)
Cookies are small text files sent by the website to the user's computer and stored on it, with information related to
browsing the website.
Through cookies, small amounts of information are stored by the user's browser so that our server can read them later.
Data can be stored, for example, about the device used by the user, as well as their location and time of access to the website.
Cookies do not allow any file or information to be extracted from the user's hard drive, and it is not possible, through
them, to access personal information that did not come from the user or from the way he uses the website's resources .
It is important to emphasize that not every cookie contains information that allows the identification of the user, and
certain types of cookies can be used simply for the website to load correctly or for its functionalities to work as expected.
Information eventually stored in cookies that allow the identification of a user is considered personal data. Thus, all
rules provided for in this Privacy Policy are also applicable to them.
7.1. third party cookies
Some of our partners may set cookies on the devices of users who access our website.
These cookies, in general, are intended to enable our partners to offer their content and services to the user who accesses
our website in a personalized way, by obtaining navigation data extracted from their interaction with the website.
The user can obtain more information about third-party cookies and how the data obtained from them are treated, in addition
to having access to the description of the cookies used and their characteristics, by accessing the following link:
– Google Analytics
The entities in charge of collecting cookies may transfer the information obtained to third parties.
7.2. social network cookies
The site uses social media plugins, which allow you to access them from the site. Thus, by doing so, the cookies used
by them may be stored in the user's browser.
Each social network has its own privacy and personal data protection policy, with the individuals or legal entities that
hold them responsible for the data collected and for the privacy practices adopted.
Users can search, along social networks, for information on how their personal data are handled. For information purposes,
we provide the following links, from which the privacy and cookie policies adopted by some of the main social networks can
be consulted:
7.3. Management of cookies and browser settings
The user may object to the registration of cookies by the website, simply by disabling this option in their own browser
or device.
Disabling cookies, however, can affect the availability of some tools and features of the website, compromising their
correct and expected functioning. Another possible consequence is the removal of user preferences that were eventually saved,
damaging your experience.
Below, there are some links to the help and support pages of the most used browsers, which can be accessed by the user
interested in obtaining more information about the management of cookies in his browser:
8. Complaint to a control authority
Without prejudice to any other means of administrative or judicial recourse, all data subjects are entitled to file a
complaint with a supervisory authority. The complaint may be made to the authority of the site's headquarters, the user's
country of habitual residence, their place of work or location
Mais sobre este texto de partidaÉ necessário o texto de partida para obter informações de
tradução adicionais
l where the infringement was allegedly committed.
9. Changes
This version of this Privacy Policy was last updated on:
09/17/2020.
The editor reserves the right to modify the present norms at any time, especially to adapt them to the evolution of the
Casa Thomas Jefferson website, either by making new functionalities available, or by suppressing or modifying existing ones.
The user will be explicitly notified if this policy changes.
By using the service after any modifications, the user demonstrates their
compliance with the new standards. If you disagree with any of the changes, you must immediately request the cancellation
of your account and present your reservation to the customer service, if you so wish.
10. Applicable law and jurisdiction
For the settlement of disputes arising from this instrument, Brazilian law will be fully applied.
Any disputes must be filed in the court of the region where the site editor's headquarters are located.