top of page

BRAZILIAN DATA PRIVACY POLICY

SLF has developed this Data Privacy Policy in order to transparently communicate to its customers, business partners, intermediaries and third parties, the general rules of collection, use, storage, treatment, protection, sharing and deletion of data.

 

If you do not agree with this Policy, you must refrain from using our website and our services.

 

Your acceptance of this Policy characterizes your express, full, unreserved, unreserved consent to the policies and terms set forth, enabling the processing of personal data by SLF for actions related to commercial activities.

 

The LGPD - General Law for the Protection of Personal Data (Law nº 13.709/2018) is a federal law that establishes rules for the use of personal data by public and private entities, and that guarantees rights to data holders and establishes the rule for collection, storage, processing and sharing of data. personal of natural persons.

 

The ANPD - National Authority for the Protection of Personal Data is the federal public administration body responsible for ensuring the protection of personal data and for regulating, standardizing, deliberating, implementing and supervising compliance with the LGPD in Brazil.

 

The SLF, in compliance with Law No. 13,709 and its amendments, presents its Policy below, whose acceptance and formal manifestation can be made directly through the available channels (website, reply to the message via WhatsApp or reply to the message by email).

 

Law No. 14,155, of 5/27/2021, amended the Penal Code and made accountability more stringent for crimes of violation of a computer device, theft and embezzlement committed over the internet or through electronic devices.

SLF PLATFORM DATA PRIVACY POLICY

I. OBJECTIVE

Establish guidelines for Privacy and Data Protection initiatives related to the businesses and products offered by SLF, in compliance with the General Data Protection Law (LGPD).

II. COVERAGE

All products, businesses, data collection sources whether automatic or automated used by our customers.

 

All SLF employees, regardless of hierarchical level.

 

All commercial partners, service providers or representatives who collect and handle our customers' data on behalf of SLF. Everyone covered must be committed to the Security, Privacy and Protection measures of personal data collected, used, stored, processed and shared in the events of interaction with the SLF.

 

The interaction events contained in this policy exclusively cover moments of prospecting, commercial indication, conclusion of commercial proposals, formalization of contracting products or services and the maintenance of this commercial relationship between the client and SLF.

III. GENERAL REGULATION

1. PERSONAL DATA COLLECTED

Personal data is information that allows the identification of our customers in our databases. This information may be collected through various means of interaction: website, prospective telephone contacts, commercial telephone contacts, digital means for updating registration data such as e-mail, WhatsApp or other applications officially used by SLF.

 

Regardless of the form or means of collecting this information, it will be under SLF's Information Security Guidelines and will be used exclusively to deal with matters of commercial interest to our customers.

 

Among the matters of commercial interest, we highlight dealings with how we will communicate with the customer, means by which our customers choose to receive information, sending information related to our current products and services, presenting opportunities related to products or services, or to detail important information about the contracted products or services.

 

Depending on the product or service to be contracted, more specific or comprehensive information may be requested for the execution and acceptance of the contract by the commercial partner. On these occasions, the processing of personal data will have levels of security and data restriction depending on the classification of the type of personal data that will be collected.

2. CLASSIFICATION OF COLLECTED PERSONAL DATA

The personal data collected is necessary for contracting the product or service desired by our customers and is classified according to its content and purpose:

 

• Commercial Data Personal information aimed at customizing the commercial relationship and certifying the legitimacy of our customers. This information is basic and necessary for contracting the desired product or service.

 

• Financial Data Information related to our customers' income, financial capacity or purchasing power.

 

NOT USED BY SLF

 

• Sensitive Data Information related to racial or ethnic origin, religious beliefs, political opinions, trade union affiliation or to organizations of a religious, philosophical or political nature, data referring to health or sex life, genetic or biometric data.

3. USE OF COLLECTED PERSONAL DATA

Due to the characteristics of our business, the vast majority of information we collect from our customers is intended to facilitate commercial relationships, customize information and direct our customers.

 

We restrict processing, storing, maintaining and updating Business Data. However, all information that passes through our means of communication follows SLF's Information Security Guidelines.

 

As for the data we collect:

 

• Data on equipment and accesses on our website are intended to improve the efficiency of our website and evaluate the results of advertising campaigns carried out.

 

• Data on means of contact and e-mails are intended to inform about the deployment of contracted products and services and commercial opportunities related to advertising campaigns.

 

• Other information that may be collected will be exclusively used by the commercial partner that requests it. In this situation, we will only be the intermediary in the information collection process, not retaining in our databases any information that is not directly linked to the commercial relationship foreseen in the activities carried out.

4. EXCLUSION

Data will be stored for the shortest time necessary, observing legal and regulatory requirements.

 

The deletion of data will take place definitively within the period deemed convenient by the SLF, provided that the legal and regulatory requirements are observed.

IV. DIRECT CHANNEL FOR CLARIFICATIONS

SLF has created an exclusive channel so that our customers can request to update their data, clarify their data, how the data is stored, how to use it or even revoke their consent to the use of their information at any time, through email eduardo@shoesluxuryfactory.com, through our contact form and through our WhatsApp +55 11 97437-1218.

 

Information directed to these channels should be named. They will be treated with the utmost secrecy and will receive the attention and intervention of our executives responsible for Information Security and Data Protection.

 

The demands received will be answered within a maximum period of 15 (fifteen) consecutive days, from the receipt of the demand.

INFORMATION SECURITY POLICY

I. OBJECTIVE

Establish guidelines that allow SLF to keep its information assets safe, provide guidelines for the definition of specific rules and procedures for Information Security, in addition to enabling the implementation of controls and procedures to reduce the vulnerability of companies to possible incidents.

II. COVERAGE

All SLF employees, regardless of hierarchical level, service providers and representatives who use information, systems or data.

 

All SLF partner companies in the process of obtaining customer information, marketing products and/or customer service.

 

All entities covered must invest efforts so that their companies and professionals maintain actions in line with the guidelines set forth in this Policy, considering the specific needs and legal and regulatory aspects of the sectors to which they belong.

III. GENERAL REGULATION

1. INFORMATION SECURITY

Information Security for SLF is based on three principles:

 

Confidentiality

Ensure that the information necessary for day-to-day activities will be accessible and exclusive to people authorized to access it;

 

Integrity

Ensure that the information, digital or physical, stored or transacted, will be complete, without any unauthorized modifications, intentional or not;

 

Availability

Ensuring that information is available at the necessary time, whether due to internal or external demands and at an acceptable access speed.

2. INFORMATION ASSETS

All information generated or developed with application to the business carried out by SLF is classified as Information Assets.

 

Information Assets may be arranged in different ways: digital files, electronic equipment, external media, printed documents, systems, mobile devices, databases, recordings and face-to-face or telephone conversations.

 

Regardless of the form or means of access to the Information Assets, for consultation, sharing or storage, they must be used exclusively for the purposes for which they were authorized.

 

The use of Information Assets is permanently monitored, analyzed and audited. Information Assets are classified according to the criteria established in specific standards, with specific storage and protection rules, preventing risks and threats that could compromise the information and, consequently, the SLF business

3. DATA SECURITY GUIDELINES

The SLF adopts general guidelines for Data Security, which will be extensively detailed in the procedures related to specific Procedures and Rules.

GENERAL GUIDELINES

• Permanently protect data against unauthorized access, modification, destruction or unauthorized disclosure.

 

• Classify the data of Information Assets, guarantee the principles of Information Security and the processing of information to achieve corporate objectives.

 

• Associate those responsible for the data according to their classification and access restriction, according to specific rules.

 

• Keep the systems and the data processed therein duly protected and used exclusively for business purposes.

 

• Maintain and care for a technological park, servers, accesses, computers, operating systems, control systems, mechanisms for protecting undue access, databases, among others, suitable for the businesses that the companies propose to do.

 

• Maintaining the integrity of the technological infrastructure, adopting measures to prevent logical threats, such as viruses, harmful programs or other failures that may lead to unauthorized access, manipulation or use.

 

• Maintain a structure of software to protect internal data by keeping the antivirus and firewall installed and updated, and maintaining the programs and applications installed in the computing environment.

PREVENTIVE AND PROTECTIONAL MEASURES

• Prevent, detect and reduce vulnerability to incidents related to the computing environment, networks, servers, computers, telephony and smartphones.

 

• Adopt procedures and controls to reduce companies' vulnerability to incidents.

 

• Meet technological security objectives, including authentication, encryption, use of passwords, intrusion prevention and detection, information leak prevention, vulnerability testing, protection against malicious software, access controls, maintenance of backups of data and information, according to specific internal rules.

 

• Controlling, monitoring and restricting access to information assets to the lowest possible permissions and privileges.

 

• Seek and/or develop secure procedures, controls and information systems.

 

• Have specific controls over information to ensure the security of sensitive information.

 

• Maintain physical and logical structure to control, monitor, maintain and delete sensitive information belonging to customers.

 

• Record, analyze the occurrence, cause and impact of incidents relevant to the business of Martinus Consultoria e Seguros, and adopt measures to neutralize any incidents, including information received from service providers and commercial partners.

 

• Encourage service providers and commercial partners to adopt preventive and protective measures that guarantee security and prevent vulnerabilities associated with the items listed in this Policy.

 

• Carrying out periodic assessments of service providers and commercial partners, which handle information relevant to SLF's business, seeking to improve the level of maturity of its security controls for prevention.

 

• Adopt mechanisms for disseminating the culture of information security and protection of SLF's Information Assets.

IV. CONSEQUENCES MANAGEMENT

SLF has created an exclusive channel for communicating situations related to the Information Security Policy and occasional clarifications on practices that may conflict with it through the e-mail address eduardo@shoesluxuryfactory.com

 

The information directed to this channel must be named and suitable. They will be treated with the utmost confidentiality. They will have the attention and intervention of our executives.

bottom of page