Privacy Policy for the American Society of São Paulo (Version: 2024.09.11)
This Privacy Policy (“Privacy Policy”) outlines the general terms under which the American Society of São Paulo (“AmSoc”) processes the personal data collected from natural persons who access our website https://www.amsoc.com/, in compliance with applicable laws and regulations, especially the Brazilian General Data Protection Law - Law No. 13,709/2018 ("LGPD").
1. Types of Personal Data Collected
Personal Data: Various types of personal data are collected, including but not limited to:
-
Identification Data: Name, email address, physical address, phone number, and other contact information provided by you.
-
Browsing Data: Information such as Internet Protocol (IP) address, browser type, visited pages, visit duration, and browsing behavior, automatically collected through cookies and other tracking technologies.
-
Payment Data: Partial credit card information, purchase history, and other data necessary to securely process financial transactions.
-
Preferences and Interests Data: Communication preferences, interaction history with our services, and information voluntarily provided in surveys or forms.
Sensitive Personal Data: In accordance with the Brazilian General Data Protection Law (LGPD), sensitive personal data includes information that can reveal:
-
Racial or ethnic origin
-
Religious beliefs
-
Political opinions
-
Membership in a trade union or organization of a religious, philosophical, or political nature
-
Health or sexual life information
-
Genetic or biometric data, when linked to a natural person
AmSoc does not collect sensitive personal data. If there is a need to collect such data, it will be done with your explicit consent and for specific purposes, in compliance with the applicable law.
2. How We Collect Data
We collect personal data in different ways, including:
-
Directly from you: When you register on our website, become a member, subscribe to our newsletters, make a transaction and/or join an event, or send us direct communications.
-
Automatically: Using cookies and other tracking technologies that collect information about your use of the site.
3. Purposes for Data Processing
In compliance with the LGPD, we collect and process your personal data only for the following legally permitted purposes:
-
Contract Execution: To provide and operate our services, as agreed with our users.
-
Legal or Regulatory Compliance: To comply with applicable legal and regulatory requirements, including but not limited to tax obligations and consumer protection.
-
Exercise of Rights: To defend our rights in judicial, administrative, or arbitration proceedings, as necessary.
-
Consent of the Data Subject: When data processing requires consent, such as for sending marketing communications, we will do so only with your explicit consent. You may withdraw your consent at any time.
-
Legitimate Interests: To improve our services and user experience, we may use personal data, provided that our legitimate interests do not override the fundamental rights and freedoms of data subjects.
4. Sharing Data with Third Parties
We may share your personal data with:
-
Data hosting and technology platform providers (such as Wix.com and AirTable) that help us operate our website and store data securely.
-
Payment processors, in compliance with PCI-DSS standards to protect payment information.
-
Business partners, for conducting analysis and developing our activities and purpose.
-
Due to legal requirements, requests, requisitions, or court orders, with competent judicial, administrative, or governmental authorities, as well as for the protection of AmSoc's rights in any type of dispute, including judicial matters.
Your personal data may be subject to international transfer in certain situations, such as for storage in cloud computing servers. Whenever the personal data of users is transmitted to another country, AmSoc will take measures to protect them, in compliance with applicable laws and regulations.
5. Data Storage and Security
We use the Wix.com platform to host our website and enable the sale of products and services. The personal data you provide may be stored through Wix.com’s databases, data storage, and general applications, which ensure the security of this data on secure servers, protected by firewalls and other appropriate security measures. Additionally, we may use other platforms and relationship management tools, such as Airtable, as backup storage. These platforms employ security and data protection measures to ensure the privacy and integrity of the information stored on them.
All direct payment gateways offered by the Wix.com platform and used by AmSoc follow the security standards established by PCI-DSS (Payment Card Industry Data Security Standard). These standards are managed by the PCI Security Standards Council, a joint initiative of major brands like Visa, MasterCard, American Express, and Discover, ensuring the secure handling of credit card information by both our store and the service providers we work with.
Furthermore, only authorized personnel have access to your personal information, and we have adopted appropriate technical and organizational measures to protect your data against unauthorized access, misuse, or improper disclosure.
Personal data will be stored and processed for the necessary period to fulfill its intended purposes, as described in this policy. Once these purposes are fulfilled, the data will be securely deleted, except in cases where legal obligations or regulatory requirements demand their retention for a specific period.
6. Your Rights and Preferences
You have the right to (i) obtain confirmation that your data is being processed and access such data, being able to request a copy of all personal information that the organization holds about you; (ii) request the correction of incomplete, inaccurate, or outdated data; (iii) request that your data be anonymized, meaning that it can no longer be linked to you; (iv) request the blocking or deletion of unnecessary, excessive, or unlawfully processed data in accordance with the LGPD; (v) request the deletion of your personal data, especially if consent is the legal basis for processing; (vi) be informed about the public and private entities with which your personal data has been shared; (vii) revoke the consent previously given for the processing of your data at any time, without affecting the processing carried out based on consent before its revocation; and (viii) demand that your information be treated securely and confidentially, with appropriate technical and organizational measures to protect the data from unauthorized access, leaks, or data breaches.
7. Cookies and Tracking Technologies
We use cookies to enhance the user experience on our website. You may choose to disable cookies in your browser, but this may affect site functionality.
8. Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Any significant changes will be notified to users through our website or other appropriate communication channels. We recommend that you review it often.
9. DPO Contact
If you have any questions or concerns about our Privacy Policy, please contact us via email at lgpd@amsoc.com.br.
****