Menu

Privacy Policy

Privacy Policy - Bioenergy Society
General Personal Data Protection Law (LGPD) - LAW No. 13.709/181
Last update date: 11/16/2021 
Dear User. The Bioenergy Society (henceforth referred to as SBE2) committed to safeguarding your privacy and protecting your Personal Data, wishes to explain to you more about the way we handled your personal data.

Why does SBE store my data?

When we perform a registration for an enrollment, it is necessary to collect some Personal Data to validate the process. Your Data is necessary to enable payments, send confirmations, notices and validate the truthfulness and existence of those who wish to use our Products, Services and Experiences. It is a way to protect us, as service providers, protect other users and provide you a more pleasant experience using any systems provided. These are some examples that show how these activities need to use your Personal Data.

We take compliance very seriously with laws that protect your privacy and this Policy describes how SBE collects, uses, shares and stores your Personal Data. After reading this Policy, if you still have questions, please feel free to contact us through our Data Protection Officer, available in the item 10 of this Privacy Policy.

1) Basic concepts needed to understand SBE's privacy policy

User: all private individuals who will use the Application(s) or visit the Site(s) over 18 (eighteen) years old or emancipated and fully capable of performing acts of civil life or relatively or absolutely disabled persons properly represented or assisted. 
Legal basis: These are the legal hypotheses that authorize us to Handle Personal Data: it could be with your consent, the need to fulfill a contract we have with you, or the fulfillment of a legal obligation, for example. 
Consent: Refers to the hypothesis that authorizes the Handling of Personal Data based on the free will, informed and unambiguous expression of the holder when agreeing to the Handling of Personal Data for a specific purpose, informed by SBE. 
Cookies: These are small files for storing information, which allow, among other things, to know if you are logged in (with an open session). These files are transferred to your browser or device (such as mobile phone or tablet). They can be useful, for example, to make the Platforms fit your screen, better understand your preferences and offer you more efficient Products, Businesses and Experiences. 
Personal Data: Means any information provided and/or collected by the system or web form or Application, by any means, even public, which: (I) identify when used in combination with other information handled by SBE to identify an individual; or (II) by which an individual's identification or contact information may be derived. Personal Data can be in any medium or format, including electronic or computer records, as well as paper-based files. Personal Data, however, does not include business phone number, business mobile number, business address, business email. 
Sensitive Data: Refers to any information on racial or ethnic origin, religious conviction, political opinion, membership in a union or organization of a religious, philosophical or political nature, Data referring to health or sexual life, Genetic or biometric data, when linked to a private individual. 
Purpose: the objective, the purpose you want to achieve from each act of handling personal information. 
Necessity: justification why it is strictly necessary to collect personal data, to achieve the purpose, avoiding excessive collection. 
Legal basis: legal basis that makes the handling of personal data legitimate for a prior given purpose by SBE. 
Supervisor: He is our Personal Data Protection Officer, who acts as a communication channel between the SBE, the Data Owners and the National Data Protection Authority (ANPD3), when it comes to protection of your Personal Data. 
SBE: For the purposes of this Policy, SBE is considered a Scientific Society based on Rua Cora Coralina, 330 Sala 27 – Campus UNICAMP, 13083-896 Campinas, SP, Brazil. Registered with the CNPJ4 under No. 19.977.491/0001-53, as responsible for the storage and protection of data, enrollment provision, notification and data generation services, in the form of technology services provision.  
Legitimate Interest: Refers to another hypothesis that allows Handling of Personal Data to be handled. Whenever the use of such Data is necessary to meet SBE's legitimate interests, such as in the context of service, in which it may be necessary for you to provide some confirmations of your Personal Data so that we can be sure that we are talking to you and that it is not a fraud. The Law defines those interests will only be considered legitimate if the way in which your Data is used is not contrary to Brazilian law, and provided that effective transparency of such uses is given, as well as their rights are respected. 
Platforms: These are the websites, e-commerce, systems, applications owned and developed by SBE. 
Technologies: These are all personal identification tools, augmented reality and similar technology, access to wi-fi and others offered due to the use of our Products, Businesses and Experiences and/or a visit to one of the Sites. 
Data Subject: You, the private individual to whom the Personal Data refers. Whether as a consumer; loyalty customer; user of our products, services and experiences; website visitor, platforms and applications. 
Treatments: These are the uses we make of your Personal Data, including, but not limited to, the following activities: collecting, storing, consulting, using, sharing, transmitting, sorting, reproducing, deleting, inactivating, enriching and evaluating them.

2) Who does this policy apply to?

This policy applies, in general, to all Users and potential Users of the services offered by SBE, including website users, services, publications (magazines, books, etc.), or other means provided by SBE, which may collect, produce, receive, classify, use, access, reproduce, transmit, distribute, process, archive, store, delete, evaluate or control the information, modify, communicate, transfer, disseminate or extract the collected data, including personal identifiable information, in accordance with applicable legal bases and all applicable privacy and data protection laws.

3) How do we collect your data and what types of data?

The types of Personal Data and the way we collect it depends on how you interact with our platforms. For example, the Personal Data collected will be different, if you use our application, if you are registered in our system, if you make a payment on some Platforms, if you use the “contact us” channels through the contacts available on the Platforms.

Data may be collected directly from you, through forms that you fill out, through signed contracts with us, through the use and interaction of our Products, Services and Experiences, by website, system, desktop software and applications and/ or automatically, through Cookies or similar Technologies related to these Platforms.

The Data and respective purposes, as well as the main Personal Data Treatment activities can be summarized in a practical way as follows:

  • • We collect the Data when you provide it to us through registration in one of the Systems, Technologies and/or Platforms.
  • • We collect the Data you provide us through registration on Platforms and/or Institutes, in addition to other interactions you have with us, such as interaction with our Products, Services and Experiences, evaluation of our products and use of the Platforms.
  • • We collect Data when you actively contact us, such as through our customer service, whether by phone, email, chat or in person.
  • • We automatically collect, through Cookies, some Data relating to your navigation and the device you use to access the Platforms.

4) What personal data do we use?

The User is aware that he provides information consciously and voluntarily through Forms, Website usage, Contact, Payments and Interactions through the websites and systems used by SBE.
When the User registers and/or fills in the forms offered by SBE, including on the websites operated by them, certain Personal Data requested will be kept confidential and will be used only for the purpose that motivated the registration, according to the Table of Purposes. 

Table of Purposes

Personal Data Category

Goal

Legal base

Legal basis
Name, CPF5, Gender, E-mail, City, State, Phone, Mobile, Academic Education, Institution, Date of Birth and Occupational Category In order to access content and receive promotional material, the User will need to provide the User Name, CPF, Gender, E-mail, Password, City, State, Phone, Mobile, Academic Education, Institution, Date of Birth and Occupational Category. SBE will send marketing emails to users who provide this information. The Personal Data Collected as follows, Name, E-mail, Phone and City, may be shared with SBE sponsors, partners and supporters listed on the website / application / platform. The data will not be used to send any type of SPAM. Consent I agree to provide my Name, E-mail and which Company I work for to access the material available on the website, in addition to receiving the SBE Newsletter and other marketing emails. I am aware that my data provided will be used internally for SBE's promotional purposes and I agree to receive emails from SBE.
  If the User wants to contact SBE through the “Contact Us” area available on the website, SBE will need to collect the User's Name, Email and Phone number in order to contact the User. Consent I agree to provide my Name, CPF, Gender, E-mail, Password, City, State, Phone, Mobile, Academic Education, Institution, Date of Birth and Professional Status so that SBE can contact me, as well as being aware that these data will be used by SBE's Marketing and Commercial areas to send emails.

5) SBE's responsibilities with my personal data

Our responsibility is to take care of your Personal Data and use it exclusively for the purposes described in this Policy. To ensure your privacy and the protection of your Personal Data, we adopt security and governance practices that are adequate for our region, including the use of data encryption and information security systems. We have a governance and privacy program, best practices and governance, internal policies and procedures that establish the conditions of an organization, operating regime, educational activities, supervision and risk mitigation mechanisms and other aspects related to Personal Data Handling. We provide training to secure contractual obligations for information security and Personal Data protection with those involved, in order to minimize risks for you, the Data Subject.

We work to protect your privacy and your Personal Data, but unfortunately absolute Data Security is something that doesn't just depend on our actions and processes. Unauthorized third-party entry or use of your account, hardware or software failure that is not under the control of SBE or the suppliers, and other factors may compromise the security of your Personal Data. Therefore, its performance is essential to maintain a safe environment for everyone.
You can help us by adopting good security practices in relation to your account and your data (such as not sharing your password with third parties), and if you identify or become aware of anything that compromises the security of your data, for Please get in touch through the Privacy Portal or directly with the Supervisor (Data Protection Officer), whose contact channels are found in the item below.

6) Legal reasons for disclosing your data

In certain circumstances, SBE may disclose Personal Data, considered necessary or appropriate, to government agencies, consultants and other third parties for the purpose of complying with applicable law or with a court order or subpoena, or if SBE believes in good faith that such action is necessary to:

  1. Comply with legislation that requires such disclosure;
  2. Investigate, prevent or take action related to suspected or actual illegal activities or to cooperate with public bodies or to protect national security;
  3. Execution of your contracts;
  4. Investigate and defend against any claims or allegations of third parties;
  5. Protect the security or integrity of services (eg sharing with companies that are experiencing similar threats);
  6. Exercising or protecting the rights, property and safety of SBE and its related companies;
  7. Protect the rights and personal safety of its employees, users or the public;
  8. In case of sale, purchase, merger, reorganization, liquidation or dissolution of SBE.

SBE will inform the respective Users of any legal demands that result in disclosure of personal information, in accordance with what has been set out in this policy, unless such awareness is prohibited by law or prohibited by court order, or if the request is an emergency  SBE may challenge these claims if it deems that the requests are excessive, vague or made by incompetent authorities.

7) Who we share your data with

So that we can dedicate ourselves to create an excellent experience using the systems, we work in partnership with a number of other companies to offer our Products, Services and Experiences. In this way, we may share your Personal Data with these companies, always seeking to preserve your privacy as much as possible and, whenever possible, anonymously. Here we describe situations in which we will share your Personal Data:

Our Suppliers and Partners: We rely on the help of suppliers who may handle the Personal Data we collect. We always seek to carefully evaluate our suppliers and secure contractual obligations with them for information security and protection of Personal Data, in order to minimize risks for the Data Subject. Among these providers are, for example, companies operating in the following areas: (i) Data hosting activities; (ii) private individual and property security, such as image monitoring and data sending to insurance companies to trigger a claim; (iii) registration authentication and validation; (iv) Advertising, marketing, digital and social media data and tools; (v) logistics and product delivery; (vi) service to the data subject and research conducting (vi) advisory services for collection, anti-fraud and default registration; (vi) operation and feasibility of certain Products, Businesses and Experiences for you, such as a Marketplace, tickets issuing and transport and action requirements fulfillment; (vii) payment and processing options; and (viii) advisory analysis and audit reviews. 
Data Companies: Some of our Suppliers are Data Companies, popularly known as bureaus, with which we may share Personal Data for some important purposes, such as choosing the most effective means of contacting you to send important communications and exclusive brand benefits of the Group; understand how you use the Platforms, as a way to direct the information we send you; enrich, keep updated and sanitize your contact details; validate a particular profile to prevent fraud; Prevent any type of illegal, fraudulent or suspicious activities, or to carry out other commercial and business transactions that imply financial risk. We always seek to carefully evaluate these companies and sign contractual obligations with them for information security and protection of Personal Data, with the objective of minimizing risks for the Owners. 
Public Authorities: We will comply with the law. Thus, if a judge or a legally competent authority requires SBE to share certain Personal Data for, for example, an investigation, we will have to share it, unless we understand there is an abuse of power. We will always defend the privacy of the Owners. 

8) What are your rights as the Owner of personal data

Personal Data is yours and Brazilian law guarantees that you have a series of rights related to them. We are committed to fulfilling these rights and, in this section, we will explain how you can exercise them with SBE. Brazilian law grants you the following rights:

Confirmation and Access: Allows you to verify that SBE handles your Personal Data and, if so, request a copy of the Personal Data we hold about you. 
Correction: Allows you to request correction of your incomplete, inaccurate or outdated Personal Data. 
Anonymization, blocking or deletion: Allows you to ask us to: (a) anonymize your data so that it can no longer be related to you and therefore is no longer Personal Data; (b) block your Data, temporarily suspending your ability to Process it; and (c) delete your Data, in which case we will delete all your Data with no possibility of reversal, except as provided by law. 
Portability: You have the right to request, upon express request, that SBE provide you, or any third party you choose, with your Personal Data in a structured and interoperable format, for transfer to another supplier, that it does not violate intellectual property or business secrets. Likewise, you can ask other companies to send SBE your Personal Data to facilitate the hiring of our Products, Business and Experiences, for example. 
Sharing Information: You have the right to know the public and private entities with which SBE makes data sharing. We will keep in the item “Who do we share your Personal Data with?” of this Policy, an indication of the modalities and activities that may involve Data sharing with third parties. In any case, if you have questions or want further details, you have the right to ask us for this information. 
Possibility of not consenting information: Allows you to have a clear and complete information about the possibility and consequences of not providing consent. Your consent, when necessary, must be free and informed. Therefore, whenever we ask for your consent, you are free to deny it – although in those cases we may have to limit our Products, Services and Experiences. 
Consent Withdrawal: You have the right to withdraw your consent in relation to the Treatment activities that are based on this Legal Basis. However, this will not affect the legality of any Treatment carried out previously. If you withdraw your consent, we may not be able to provide certain products and experiences, but we will notify you when this occurs. 
Opposition: The law authorizes the Handling of Personal Data even without your consent or a contract with us. In this case, it is necessary to demonstrate that there are legitimate reasons to Store your Data, such as, for example, to prevent fraud or to improve our communication with you. If you do not agree with this Treatment, you may object to it, by requesting its interruption. Whenever you exercise your rights, SBE may request some additional information for the purpose of proving your identity, seeking to prevent fraud. We do this to ensure the security and privacy of our supporters, partners and suppliers. Also, some requests may not be responded to immediately, but SBE undertakes to respond to all requests within a reasonable time and always in accordance with applicable law. If you have any questions about these issues or about how you can exercise these rights, please feel free to contact us through the channels mentioned in item 10 of this Policy. 

9) How long will the data be stored

SBE has an Information Security Policy with rules on the retention and disposal of Personal Data, which defines the guidelines to determine the appropriate retention period for each type of Personal Data collected, considering its nature, need for collection and purpose for which it will be treated. Personal Data will be stored for as long as necessary to comply with the purposes for which they were collected, unless there is any other reason for its maintenance, for example, compliance with any legal, regulatory, contractual, among others, obligations, provided that substantiated with a Legal Basis. You have the right to request the deletion of the Data, according to the item "What are your rights as a Personal Data Subject?".

10) How to talk about personal data with SBE

SBE is the company responsible for the online platform and data handling. The SBE Secretariat is accessible by email This email address is being protected from spambots. You need JavaScript enabled to view it.. The systems and platforms referred to in this document are linked to the SBE (19.977.491/0001-53)6. This company is granted the role of Supervisor (Data Protection Officer - DPO).

If you believe that your Personal Data has been used in a way that is incompatible with this Privacy Policy or with your choices as the Owner of this Personal Data, or if you have any questions, comments or suggestions related to this Policy, please contact us. We have a Privacy Portal and a Data Protection Officer (DPO), who are available at the following contact addresses:

DPO (Supervisor):

Sociedade de Bioenergia (SBE)
Correspondence address:
Rua Cora Coralina, 330 Room 27 – UNICAMP Campus 
13083-896 Campinas, SP, Brazil.
Contact email: This email address is being protected from spambots. You need JavaScript enabled to view it.
 
11) Mediation and forum of election

This policy is subject to the Law of the Federative Republic of Brazil and the Forum of the District of Campinas - SP is listed as competent and priority to settle any dispute in relation to it.

12) Changes to the Privacy Policy

As we are always looking to improve our Products and Experiences, this Privacy Policy may be updated to reflect the improvements made. Therefore, we recommend that you visit this page periodically so that you are aware of possible changes made.

 

1 LGPD stands for GDPR (General Data Protection Regulation) in the US.
2 SBE means “Sociedade de Bioenergia” (Bioenergy Society in English).
3 ANPD stands for “Autoridade Nacional de Proteção de Dados” (National Data Protection Authority in english).
4 CNPJ is the registry number of a company in Brazil.
5 CPF is a Brazilian document with a unique number. Similar to the US Social Security number.
6 This number is the CNPJ number of SBE.