Privacy Policy

Only in English and Portuguese

This page tells you about our policies regarding the collection, use and disclosure of personal data when you visit our website or use our service and the choices you have regarding that data.

 

VITRINE SOCIAL NETWORK

Within the use of the Vitrine.social website and/or the use of its Christian social network platform “vitrine.social” (hereinafter also referred to as “services”), we, as the data controller, collect and store the data that you provided how long and so far this is necessary to fulfill the specified purposes and legal obligations.

Below we will tell you what data is involved, how the data is processed and what rights you have in this regard.

According to article 4 no. 1 General Data Protection Regulation (GDPR) personal data means any information relating to an identified or identifiable natural person (hereafter „interested person or user“).

 

1. Name and contact details of the data controller

This Data Protection Policy covers the processing of data on the website www.vitrine.social by: VITRINE SOCIAL NETWORK, Estrada de Campo Grande, 5000 - Jacareí / SP - Brazil, (in the following , vitrine.social “), E-mail : webmaster@vitrine.social .

The person responsible for the protection of data for showcase.social can be contacted by e-mail at suporte@lmatech.com.br. You can always contact our data protection officer directly if you have any questions about data protection law or your rights as a data subject.

 

2. Collection and storage of personal data and also the nature, purpose and use thereof

We collect and store your data to the extent described below when you visit our website or use our services, in particular to provide and improve our services. We process your data (especially the information you provide us or your user data) exclusively on the specified legal basis (Art. 6 DSGVO) and therefore we can use the service provider if indicated.

a) When visiting the website

You can access the Vitrine.social website or the app without revealing your identity. Your end device's browser automatically sends information to our website's server (for example, the IP address of the computer making the query, date and time of access, name and URL of the accessed file, browser type and version, as well as other information sent by the browser such as your computer's operating system, the name of your access provider, geographical origin, etc.). When you access the Service on or through a mobile device, information such as your mobile device type, mobile device unique ID, mobile device IP address, mobile operating system, mobile Internet browser type, and identifiers from devices may also be uploaded to our website server.

This information, which also includes your IP address, is temporarily stored in a log file. The following information is collected without any action on your part and is automatically deleted after 4 weeks.

We process this data to ensure a smooth connection to the website, comfortable use of our website and its services, to assess system security and stability, and also for other administrative purposes.

The legal basis for data processing is Art. 6 subs. 1 sentence 1 lit. b and f GDPR. Our legitimate interest stems from the above purposes for data collection, especially our economic interest in making our offer available on this website, as well as in the secure processing of data.

Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

In this context we use the following service provider:

 

Web hosting

Website offering requires commissioning from a web hosting service.

For the provision of this website, we use the hosting service at LOCAWEB SERVIÇOS DE INTERNET S.A., R. Itapaiúna, 2434 - Parque do Morumbi, São Paulo - SP, 05707-001 / Brazil (hereinafter “Localweb”).

In connection with the hosting, Localweb collects data on our behalf, which is accumulated during the use of the website. We have concluded a data processing agreement with Locaweb. Through this agreement, the service provider guarantees that it processes the data in accordance with the General Data Protection Regulation and ensures the protection of the data subject's rights.

 

Live Streaming of Videos (Lives)

Agora.io

When you do a video broadcast (commonly known as streaming or live), we use Agora.io services

The company Agora Lab, Inc., known as Agora.io (https://www.agora.io) is located in the USA at the address: 2804 Mission College Blvd. Santa Clara, CA, USA 95054. So when a live video transmission is made you agree that your name or nickname and email address is communicated to this provider through secure aps rest and ssl certificates, then information is transmitted and processed and returned to Brazil to be stored when the transmission ends. We have concluded a data processing agreement with Agora Lab, Inc. Through this agreement, the service provider guarantees that it processes the data in accordance with the General Data Protection Regulation and ensures the protection of the data subject's rights. Agora Lab, Inc. provides us with 10,000 minutes of video each month for free with the maximum resolution of 720p and, at the moment, it is satisfactory. For more information on how Agora.io handles data, visit its privacy policy page: https://www.agora.io/en/privacy-policy 

 

Audio and video calls between platform users

Twilio LLC

When you make a voice or video conference call, we use Twillo to handle this data. You then agree that your name or nickname, your email or mobile number is transferred to twillo so that the other party you want to communicate with is contacted and the communication is actually established. Twilio LLC (www.twilio.com), is located: 101 Spear St, San Francisco, California 94105, USA. We have concluded a data processing agreement with Twilio LLc. Through this agreement, the service provider guarantees that it processes the data in accordance with the General Data Protection Regulation and ensures the protection of the data subject's rights. For more information on how Twilio LLC handles data, visit its privacy policy page: https://www.twilio.com/legal/privacy

 

JSDLIVR

We use jQuery using the JSDELIVR CDN so that scripts are opened faster, as we know the closer the data is to the client, the faster the data is provided, and jsDelivr has a cdn in Brazil.

jsDelivr is a public and open source CDN (Content Delivery Network) developed by Dmitriy Akulov and Prospect One, with a focus on performance, reliability and security. It's free for everyone with no bandwidth caps.

Safety

We're focused on production use, which also means we take security very seriously.

All jsDelivr services support HTTPS.

All jsDelivr related accounts are protected by strong passwords, 2FA and IP whitelisting where possible.

Our critical code has been carefully reviewed by us and several other independent experts.
We also have safeguards in place to prevent people from using jsDelivr to deliver malicious files, but if you find something that doesn't look right, please report it on our issue tracker.

For more information, visit the company's privacy policy: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net

 

CLOUDFLARE

We use a Javascript function using CLOUDFLARE with the name: html2pdf.js

Cloudflare is a global network designed to make everything you connect to the internet safer, more private, faster and more reliable.

Secure your websites, APIs and internet applications.
Protect your corporate networks, employees and devices.
Write and deploy code to run at the network edge.

For more information, see Cloudflare's privacy policy:
https://www.cloudflare.com/privacypolicy

 

Google fonts

Our website uses so-called web fonts provided by Google for the uniform display of fonts.

More information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy?hl=us .

 

b) By using our services

When using our services, we will collect and store your data as follows, depending on which service you use. Therefore, we may use the services of a service provider if indicated.

 

A) When entering the page or through the app

When registering on our platform, we will ask you to provide us with the following information:

  • Name
  • email
  • cell phone (if registered using cell phone and not email)

These data are collected

to display your name and, if applicable, your photo to other users within the digital space and services of the showcase.social.

The data is processed upon your inquiry and pursuant to art. 6 subs. 1 sentence 1 lit. b GDPR is required for the stated purposes of contract enforcement and pre-contractual measures.

This data is optional as a registered user, we collect the following information:

  • City
  • love situation
  • Country

This data is collected and stored, for the sole purpose of presenting your profile and other participants in your newsfeeds as "you may know".

The data is processed upon your inquiry and pursuant to art. 6 subs. 1 sentence 1 lit. b GDPR is required for the stated purposes of contract enforcement and pre-contractual measures.

 

B) When setting up a user account

You can set up a password protected user account with us in which we save your personal data. The aim is to provide you with the greatest possible comfort through an easier, faster and more personal use of the website and its services.

If you would like to set up a password protected user account with us, we need the following information from you:

  • User name,
  • a valid email address.
  • Also, to open a user account, you must enter a password of your choice. Along with your email address, this provides access to your user account.

In addition, we ask that you provide us with a photo of yourself to be displayed to other users within the digital space of the showcase.social.
The provision of this data is voluntary.

The data is processed upon your inquiry and pursuant to art. 6 subs. 1 sentence 1 lit. b GDPR and is necessary for the stated purposes of contract enforcement and pre-contractual measures.

It is not necessary to create a user account to use our website and its services. We also offer the possibility to use the platform as a guest. In this case, however, you are limited to data that registered users have made public.

Once your user account is deleted, your personal data is automatically deleted, unless we are obliged to longer storage under legal documentation obligations or you have consented to an extended period in accordance with art. 6 subs. 1 sentence 1 lit. a GDPR.

If you create your own digital room through our services, we will additionally process your data as indicated in the following section no. 3 “On receiving automated emails”.

 

C) When receiving automated emails

We send automated confirmation emails on the legal basis of art. 6 subs. 1 sentence 1 lit. a DSGVO using Locaweb's own service. The email addresses of our email recipients are stored on Locaweb's servers in Brazil on our behalf.

Locaweb uses this information to send and evaluate automated emails on our behalf. We have concluded a Data Protection Agreement with Locaweb for this purpose. Through this contract, Locaweb ensures that it processes data in accordance with the General Data Protection Regulation and ensures the protection of the data subject's rights. Locaweb guarantees that personal data are fully protected against unauthorized access. Locaweeb itself does not use the data of our e-mail recipients to write to them or pass on the data to third parties.

The information generated about the use of our website is transmitted to Locaweb's servers in Brazil and processed there. We have concluded a contract with Locaweb incorporating EU standard contract clauses. This ensures a level of protection comparable to the EU (see also section 3c on data transfer to the US).

 

D) By registering for a newsletter

When registering for our newsletter, you will receive a registration notification by e-mail, which you must confirm in order to receive the newsletter (so-called double opt-in). This serves as proof to us that the registration was indeed initiated by you.

We use your email address to send you a newsletter on the legal basis of art. 6 Subs.1 1 Phrase 1 lit. a DSGVO (consent).

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time to webmaster@vitrine.social. Your email address will be deleted immediately after you withdraw your consent to receive your newsletter, unless we are entitled to continue to store your email address based on other legal grounds.

We are currently not using this service.

 

E) By using our contact form

We give you the option of contacting us using a form on our website. If you do, the following data is required:

  • email address,
  • your query is a matter of query and
    (optional) attachments.

The listed information is processed for the purpose of responding to your query.

To process your inquiry, we use our own portal. We process this information to provide you with customer support. We conclude a data protection agreement for this purpose. Through this contract, we ensure that the data is processed in accordance with the GDPR and ensures the protection of the data subject's rights. We ensure that personal data is fully protected from unauthorized access. It does not use your data to contact you for its own purposes or to pass it on to third parties.

The legal basis for data processing is Art. 6 subs. 1 sentence 1 lit. f GDPR based on our legitimate interests to provide our users with excellent customer service and to help you use our services appropriately.

The personal data we collect to use the contact form will be automatically deleted after processing your inquiry.

 

F) By subscribing to a paid plan

You can use all functions of the portal for free, but you have the option to sign up for a paid plan for public highlighting or people verification, the following details may be required depending on the chosen payment method:

  • email address,
  • First and last name
  • company address
  • bank account details: PIX , C/C, etc.
  • phone number

The listed information is processed for the purpose of processing your payment and managing your account.

For this purpose, we work with Banco Inter (www.bancointer.com.br), of which our parent company LMATECH is a customer. We offer payment options via pix, boleto or bank transfer. Banco Inter, CNPJ: 00.416.968/0001-01, Address: Av. Barbacena, 1219 - Santo Agostinho, Belo Horizonte - MG, 30190-924 / Brazil.

Banco Inter processes this information to provide its service as a new means of payment. Banco Inter does not process any data, but acts as a data controller. More information can be found here https://www.bancointer.com.br/privacidade-de-dados.

 

G) When creating a new community/page

The following details are required when creating an account on the platform.

  • First and last name
  • Email address,
  • Phone number
  • Information about the company you work for

During the creation of the space and its further use, we track user behavior and non-identifying device information. We may use this data to determine usage patterns and conduct market and user research in order to improve our Services and troubleshoot product and feature issues.

 

H) Tools and other service providers

We use other tools and service providers as indicated below to provide and improve our services based on art. 6 subs. 1 sentence 1 lit. b and/or f GDPR (performance of a contract and/or legitimate interest). We have concluded a contract with all service providers listed below, incorporating EU standard contract clauses. This ensures a level of protection comparable to the EU (see also section 3c on data transfer to the US).

Our Service may contain plug-ins or links to other websites that are not operated by us. Plug-ins do not establish direct contact between the user's browser and the provider's service. By clicking on the respective plug-in, the user is redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.

 

3. Data transfer

Your personal data will not be transferred to third parties for purposes other than those specified below.

 

a) For the performance of the contract

To the extent that this is legally permissible and in accordance with art. 6 subs. 1 S. 1 lit. b GDPR necessary to execute contractual relations with you, your personal data may be communicated to third parties. This covers the transfer to provide IT services. The transferred data may be used by third parties exclusively for the stated purposes.

 

b) For other purposes

In addition, we only transfer your personal data to third parties if:

you have expressly given your consent pursuant to Art. 6 Paragraph. 1 S. 1 lit. a GDPR;
in cases where the transfer of your data is necessary for the fulfillment of a legal obligation pursuant to art. 6 Sub. 1 sentence 1 lit. GDPR;
c) Data transfers from third countries
A transfer of personal data to a third country or an international organization only takes place if we inform you about it and the prerequisites of Art. 44 et seq. DSGVO is data.

A third country is a country outside the European Economic Area (EEA) to which the GDPR is not directly applicable. A third country is considered unsafe if the EU Commission has not issued an adequacy decision for that country in accordance with Article 45 (1) of the GDPR, confirming that there is adequate protection for personal data in the country.

The US is a so-called unsafe third country. This means that the US does not offer a level of data protection comparable to the EU. The following risks exist when personal data is transferred to the US. There is a risk that US authorities may gain access to personal data based on PRISM and UPSTREAM surveillance programs based on FISA Section 702 (Foreign Intelligence Surveillance Act) as well as on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective legal protection against such access in the US or the EU.

That's why we tell you in this privacy information when and how we transfer personal data to the US or other unsecured third countries. We only transfer your personal data if

The recipient provides sufficient guarantees in accordance with art. 46 DSGVO for the protection of personal data, you have expressly consented to the transfer, after which we inform you of the risks in accordance with art. 49 Para. 1 lit. a) DSGVO,
the transfer is necessary for the fulfillment of contractual obligations between you and us,
or if another exception of art. 49 DSGVO applies.

Guarantees in accordance with art. 46 of the GDPR can be so-called standard contractual clauses. In these standard contractual clauses, the recipient guarantees to sufficiently protect the data and thus guarantee a level of protection comparable to the GDPR.

 

4. Cookies and pixels

a) Cookies

We use cookies and similar tracking technologies on our website. Cookies are small files that your browser automatically creates and saves on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do no harm to your computer and do not contain viruses, trojans or other malware.

The cookie stores information that arises in conjunction with the end device specifically used. This does not mean, however, that this gives us direct knowledge of his identity.

Cookies are used, on the one hand, so that we can make the use of our services more pleasant for you. Therefore, we use session cookies to recognize that you have already visited individual pages on our website.

In addition, we use temporary cookies saved on your end device for a defined period of time to optimize ease of use. If you visit our website again to use our services, it is automatically recognized that you have been here before and what entries and settings you have made so that you do not have to repeat them.

On the other hand, we use cookies to compile statistics about the use of our website and to evaluate the optimization of our offers for you. These cookies allow us to automatically recognize that you've been here before the next time you visit our website. These cookies are automatically deleted after a set period of time.

The data processed by cookies is necessary for the stated purposes to protect our justified interests and also those of third parties pursuant to art. 6 subs. 1 sentence 1 lit. GDPR.

Most browsers automatically accept cookies. You can configure your browser, however, so that no cookies are saved on your computer or a message always appears before a new cookie is created. Completely deactivating cookies may, however, prevent you from being able to use all the functions of our website.

 

b) pixel

Tracking pixels are small 1×1 pixel GIF files that may be hidden in graphics when you visit our website. Pixels also does not cause any harm to your end device, it does not contain viruses, trojans or other malware.

The pixels send your IP address, the referring URL of the website visited, the time the pixel was viewed, the browser used, as well as previously set cookie information to a web server. This allows us to carry out reach measurements and other statistical evaluations, which serve to optimize our platform and offer.

 

c) Consent management tool

We use self-management service on our website. In this context, the date and time of the visit, browser information, consent information, device information and the IP address of the requesting device are processed. Obtaining and managing legally required consents should be considered a legitimate interest within the meaning of the above provision, as interference with users' rights as a result of the use of anonymous IP addresses and the involvement of a service provider based in Brazil is very low. We store these consents and revocations on our behalf and under our instructions. The legal basis is our legitimate interest in accordance with art. 6 paragraph 1 pg. 1. lit. f DSGVO. Be able to fulfill the obligation of accountability pursuant to art. 5 (2) DSGVO is also a legitimate interest.

Any tracking and targeting measures we use are carried out on the basis of Art. 6 subs. 1 sentence 1 lit. a GDPR (consent).

With the tracking measures in place, we want to ensure proper design and ongoing optimization of our website and apps. On the other hand, we use tracking measures to compile statistics about the use of our website and app in order to evaluate the optimization of our offers for you.

Through the targeting measures implemented, we want to ensure that you only see advertising tailored to your real or perceived interests on your end devices.

These interests must be considered justified within the meaning of that Regulation.

The relevant data processing purposes and data categories can be found in the corresponding tracking and targeting tools.

5. Rights of the data subject

You have the right:

pursuant to art. 7 subs. 3 GDPR to withdraw your consent with us at any time. This means that we can no longer continue processing data based on this consent for the future;

pursuant to art. 15 GDPR to demand information about your personal data that we process. In particular, you can demand information about the purposes of processing, the category of personal data, the categories of recipients to which your data have been or will be disclosed, the planned period of storage, the existence of a right to rectification, deletion, restriction or revocation of processing, the existence of a right to lodge a complaint, the origin of your data as long as it is not collected by us, and also about the existence of automated decision-making, including profiling and, where appropriate, meaningful information about details of this ;

pursuant to art. 16 GDPR to require immediate rectification of inaccuracy or completeness of your personal data saved with us;

pursuant to art. 17 GDPR to require the deletion of your personal data stored with us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;

pursuant to art. 18 GDPR to require the restriction of the processing of your personal data, to the extent that you contest the accuracy of the data, the processing is unlawful, but you object to deletion and we no longer need the data, but you need it to establish, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;

pursuant to art. 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to require transmission to another controller;

pursuant to art. 77 GDPR to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual residence or place of work or our registered offices.

 

6. Right of opposition pursuant to art. 21 GDPR

To the extent that your personal data is processed on the basis of legitimate interests in accordance with art. 6 subs. 1 sentence 1 lit. and and Art. 6 subs. 1 sentence 1 lit. f GDPR, you have the right pursuant to Art. 21 RGPD, to oppose the processing of your personal data, insofar as there are reasons arising from your particular situation or related to the opposition to direct marketing. In the latter case, you have the general right to object, which we will comply with without declaring a particular situation; This also applies to the creation of profiles based on the provisions defined in art. 4 not 4 GDPR.

If you submit an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or the processing is necessary for the establishment, exercise or defense of legal claims .

If your objection is to data processing for direct marketing purposes, we will cease processing immediately. In this case, it is not necessary for you to state a particular situation. This also applies to profiling in so far as it relates to such direct marketing.

If you wish to exercise your right of opposition, simply send an email to webmaster@vitrine.social.

 

6. Right of opposition pursuant to art. 21 GDPR

To the extent that your personal data is processed on the basis of legitimate interests in accordance with art. 6 subs. 1 sentence 1 lit. and and Art. 6 subs. 1 sentence 1 lit. f GDPR, you have the right pursuant to Art. 21 RGPD, to oppose the processing of your personal data, insofar as there are reasons arising from your particular situation or related to the opposition to direct marketing. In the latter case, you have the general right to object, which we will comply with without declaring a particular situation; This also applies to the creation of profiles based on the provisions defined in art. 4 not 4 GDPR.

If you submit an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or the processing is necessary for the establishment, exercise or defense of legal claims .

If your objection is to data processing for direct marketing purposes, we will cease processing immediately. In this case, it is not necessary for you to state a particular situation. This also applies to profiling in so far as it relates to such direct marketing.

If you wish to exercise your right of opposition, simply send an email to webmaster@vitrine.social.

 

7. Data security

All data you personally transfer will be sent encrypted with the usual and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard, which is also used for online banking, for example. You can recognize a secure TLS connection by, among others, the "s" appended to http (ie https://..) in your browser's address bar or the padlock symbol at the bottom of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are continuously monitored and improved to reflect technological developments.

 

8. Update and amendments to this Data Protection Policy

This Data Protection Policy is the most recent version and was last amended in November 2022.

Further development of our website and offers on it or changes in statutory or public authority requirements may make it necessary to amend this Data Protection Policy. The most recent version of the Data Protection Policy can be downloaded and printed at any time from the website
in

Last update: 11/24/2022.