ABOUT THE PRIVACY POLICY
The MECILA Privacy Policy provides information on how the personal data held by the institution is collected, how it is used, and the rights of its holders, following Brazilian Law 13.709 of August 14, 2018, the General Data Protection Law. This Privacy Policy is intended for the audience that accesses and registers in the virtual environments under MECILA’s responsibility (website, social networks, etc.) and should be read carefully. Its content may occasionally be updated. When this happens, registered users will be notified via email.
SCOPE
The Privacy Policy applies to the MECILA website and social networks. Navigating these platforms and virtual environments may lead to links to third-party websites. By accessing these links, the user will leave the coverage sphere of this Privacy Policy. Since MECILA does not monitor or control the information collected by third-party websites, nor their privacy policies, it is not appropriate to assume responsibility for the content and practices of these organizations and their instruments.
WHAT INFORMATION IS COLLECTED AND HOW IT IS USED
In this policy, “personal information” or “personal data” means information related to an identified or identifiable natural person. In the case of MECILA’s website or social networks, this is the information provided to fill out any type of registration or form. By choosing to register on MECILA’s virtual tools to apply for scholarships, use the institution’s services, participate in events, receive updates (mailing), fill out forms, or similar procedures, you may be asked to provide contact information (name, address, personal documents, phone number, email address, among others). MECILA will only use this information to provide the requested services. The collection of information is based on Article 7, clauses I (consent), IV (research), and V (contract execution) for the processing of general personal data, and on Article 11, clauses I (consent) and II, letters “c” (conducting research by a research body) and “d” (contract execution) for the processing of sensitive personal data, both from the General Data Protection Law – LGPD. MECILA may use your contact information to send out information about works, projects, and events, provided that your consent is obtained. If you do not wish to continuously receive this informational material, any person or organization can request the removal of their contact by clicking on the “unsubscribe” or “cancel subscription” option at the end of each promotional email. MECILA may request demographic information (such as location, for example) to understand needs and interests and to offer a more personalized experience on the website, sending more targeted offers, subject to user preferences, if the collection of cookies is accepted. This is because the MECILA website and social networks may automatically collect technical information about visits (such as browser type used, internet service provider, platform type, internet protocol (IP) addresses, referral/exit pages, operating system, date/time stamp). MECILA retains this information in reports to analyze trends, diagnose server problems, and to manage the website and social networks, aiming to monitor their movement and type of use. See “Cookies and other digital markers” below for more information. By law, MECILA may be required to share information with third parties, but only if it receives a court order, subpoena, or warrant. Additionally, the LGPD also authorizes voluntarily providing information to assist in law enforcement investigations or when disclosure is necessary to protect systems, businesses, or the rights of the institution or third parties.
INFORMATION SHARING (NATIONAL TRANSFERS)
MECILA maintains contracts with service providers and third-party suppliers to offer products, services, and complementary solutions to its own, to enhance the experience of those using its digital platforms. Even so, your data are only transferred to third parties for the exclusive purpose of providing the services contracted by the users of these virtual environments, and with express consent. In this case, the recipients of the personal data in question will be asked to properly protect them, using administrative, technical, and security procedures, even if they are also subject to Brazilian data protection legislation. Any person or organization can opt out of receiving communications from MECILA by email by clicking on the “unsubscribe” or “cancel subscription” option at the end of each email.
COOKIES AND OTHER DIGITAL MARKERS
Cookies and digital markers are small text files that can be stored on the hard drive of MECILA website users’ computers or embedded in the website pages. They enable user identification and the tracking of their visit to the site. For example, when a form is filled out or when registering for events, cookies are used in the booking process. MECILA may use its own or third-party services to collect and process personal information through the use of cookies and other digital markers. The use of cookies can be disabled by the user by changing the settings in the preference menu or the options of the browser used. By choosing to disable cookies, access to certain areas of the site may be restricted.
CHILDREN’S PRIVACY
MECILA does not intentionally collect information from individuals under the age of 13 and does not target its websites at children under 13. This would only occur if a child were to lie about their age. MECILA is committed to protecting the privacy of children and adolescents and encourages parents and guardians to play an active role in their children’s online interests and activities.
CANCELLATION
If you no longer wish to receive communications from MECILA, any person or organization can cancel their subscription by clicking on the “unsubscribe” or “cancel subscription” option at the end of each email or by contacting via email at mecila@cebrap.org.br.
ACCESS TO AND ACCURACY OF INFORMATION AND OTHER RIGHTS
Brazilian data protection legislation guarantees any person or organization the right to: request a copy of their personal information at any time; ask to correct, delete, restrict, or cease any active processing of their personal data, and obtain the personal data provided for a contract or with their consent, and request to share (transfer) those data with another data controller; oppose the processing of their personal information under certain circumstances (specifically when it is not necessary to process the data to meet a contractual requirement or other legal requirement, or when the data is being used for direct communication). These rights may be limited, for example, if fulfilling a request would reveal personal data about another person or infringe on the privacy rights of others, or if you ask to delete information that MECILA is required to retain or on which the institution has legitimate interests in retaining. To exercise any of these rights, simply contact us via email at mecila@cebrap.org.br. If there are unresolved concerns, a complaint to the National Data Protection Authority can be made at any time.
KEEPING YOUR INFORMATION SECURE
All precautions and updates within MECILA’s control environment are ensured. However, undesirable situations related to traffic or storage through our website may occur. MECILA follows the strictest technical standards, both during transmission and after reception. When sensitive information (such as personal data) is entered on registration forms or orders, this information is encrypted using secure technology (secured socket layer). Although the most established technologies in the market are used, there is always a risk in data transmission over the Internet. MECILA will retain your data for a maximum of five years (unless a different request is made before this period), taking responsibility for maintaining security measures, technical and administrative, capable of protecting personal data from unauthorized access and accidental or illegal situations of destruction, loss, alteration, communication, or any form of improper or illegal treatment. By Article 48 of Law No. 13.709, MECILA will communicate to the Data Subject and the National Data Protection Authority (ANPD) the occurrence of a security incident that may pose a risk or relevant damage to the Data Subject.
LASTLY
If there are any questions or requests regarding data use, requests can be made at any time by emailing mecila@cebrap.org.br.