This site is maintained and operated by Whats/Zapper.
We collect and use some personal data belonging to those who use our site. By doing so, we act as the controller of this data and are subject to the provisions of Federal Law No. 13.709/2018 (General Data Protection Law - LGPD).
We take care of protecting your personal data and, for that reason, we provide this privacy policy, which contains important information about:
Who should use our site;
What data we collect and what we do with it;
Your rights regarding your personal data; and
How to contact us.
1. Data we collect and reasons for collection
Our site collects and uses some personal data from our users, in accordance with the provisions of this section.
1.1 Personal data expressly provided by the user
To register on our site, we only collect the user's Email Address.
For the purchase and use of our services, other data is collected such as:
Name;
ID number;
Phone;
The data provided by our users is collected to enable the use of products and services, for the user to contact our customer service and for us to send updates and news about the contracted services.
1.2 Sensitive data
1.3 Cookies
Cookies are small text files automatically downloaded to your device when you access and browse a site. They basically serve to identify devices, activities, and user preferences.
Cookies do not allow any file or information to be extracted from the user's hard drive, nor can they provide access to personal information that did not originate from the user or how they use the site's resources.
a. Third-party cookies
Some of our partners may set cookies on the devices of users who access our site.
These cookies generally aim to allow our partners to offer their content and services to the user accessing our site in a personalized manner, by obtaining browsing data extracted from their interaction with the site.
The user can obtain more information here about third-party cookies and how the data obtained from them are treated, in addition to having access to the description of the cookies used and their characteristics.
The entities responsible for collecting cookies may share the information obtained with third parties.
b. Cookie management
The user may oppose the registration of cookies by the site, simply by disabling this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed from the following links:
1.4 Collection of non-explicitly foreseen data
Eventually, other types of data not explicitly foreseen in this Privacy Policy may be collected, provided they are provided with the user's consent, or that the collection is permitted based on another legal basis provided by law.
In any case, the collection of data and the subsequent processing activities will be informed to the users of the site.
2. Sharing of personal data with third parties
We do not share your personal data with third parties. However, it is possible that we may do so to comply with any legal or regulatory requirement, or to comply with any order issued by a public authority.
3. How long will your personal data be stored?
The personal data collected by the site is stored and used for a period of time that corresponds to what is necessary to achieve the purposes set forth in this document and that considers the rights of its holders, the rights of the site's controller, and the applicable legal or regulatory provisions.
Once the retention periods for personal data have expired, they are removed from our databases or anonymized, except in cases where there is a possibility or need for storage due to legal or regulatory provisions.
4. Legal bases for the processing of personal data
Each operation of personal data processing needs to have a legal basis, that is, a legal justification that authorizes it, as provided in the General Personal Data Protection Law.
All our personal data processing activities have a legal basis that supports them, among those permitted by the legislation. More information about the legal bases we use for specific operations of personal data processing can be obtained from our contact channels, provided at the end of this Policy.
5. User rights
The website user has the following rights, granted by the General Data Protection Law:
confirmation of the existence of processing;
access to the data;
correction of incomplete, inaccurate, or outdated data;
anonymization, blocking, or deletion of unnecessary, excessive data, or data processed in violation of the law;
portability of the data to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets;
deletion of personal data processed with the consent of the data subject, except in cases provided by law;
information about the public and private entities with which the controller has shared data;
information about the possibility of not giving consent and the consequences of refusal;
revocation of consent.
It is important to highlight that, under the terms of the LGPD, there is no right to deletion of data processed under legal bases other than consent, unless the data is unnecessary, excessive, or processed in violation of what is provided by law.
5.1 How the data subject can exercise their rights
To ensure that the user who intends to exercise their rights is indeed the holder of the personal data subject to the request, we may request documents or other information that may assist in their accurate identification, in order to protect our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the requester will receive all related information.
6. Security measures in the processing of personal data
The measures we use take into account the nature of the data, the context and purpose of processing, the risks that a possible violation would generate for the rights and freedoms of the user, and the standards currently employed in the market by companies similar to ours.
Among the security measures adopted by us, we highlight the following:
- Password storage using cryptographic hashes
- Access restrictions to the database
- Monitoring of physical access to servers
In any case, if any type of security incident occurs that may pose a risk or significant harm to any of our users, we will notify those affected and the National Data Protection Authority about the occurrence, in accordance with the provisions of the General Data Protection Law.
7. Complaint to a supervisory authority
Without prejudice to any other form of administrative or judicial appeal, data subjects who feel harmed in any way may file a complaint with the National Data Protection Authority.
8. Changes to this policy
This version of the Privacy Policy was last updated on 11/05/2021.
We reserve the right to modify these rules at any time, especially to adapt them to any changes made to our site, whether by making new features available or by removing or modifying those that already exist.
Whenever there is a modification, our users will be notified of the change.
9. How to contact us
To clarify any questions about this Privacy Policy or about the personal data we process, please contact our Personal Data Protection Officer through any of the channels mentioned below:
Person in charge: Frederico Groth Couto
Substitute in charge: Gabriel Almeida
Contact email: juridico@zapper.to
Postal address: Rua Visconde de Pirajá 111/619 , Rio de Janeiro/RJ
