Privacy Statement
This website is maintained and operated by SciELO Brazil.
We collect and use some personal data that belongs to those who use our website. In doing so, we act as the controller of this data and are subject to the provisions of Federal Law n° 13,709/2018 (General Law on Personal Data Protection, Lei Geral de Proteção de Dados Pessoais – LGPD in the Portuguese acronym).
We take care of the protection of your personal data and, therefore, we provide this Privacy Policy, which contains important information about:
- Who should use our website;
- What data we collect and what we do with it;
- Your rights regarding your personal data; and
- How to contact us.
1. Who should use our website
Our website should only be used by people over eighteen years of age. Therefore, children and teenagers should not use it.
2. Data we collect and reasons for collection
Our website collects and uses some personal data from our users, in accordance with the provisions of this section.
1. Sensitive data
Sensitive data from our users will not be collected, thus understood those defined in arts. 11 et seq. of the LGPD. Thus, there will be no data collection on racial or ethnic origin, religious conviction, political opinion, union membership or organization of a religious, philosophical, or political nature, data related to health or sexual life, genetic or biometric data, when linked to a natural person.
2. Cookies
Cookies are small text files automatically downloaded to your device when you access and browse a website. They basically serve to identify devices, activities, and user preferences.
Cookies do not allow any files or information to be extracted from the user’s hard drive, and it is not possible, moreover, to access through them personal information that has not come from the user or the way he/she uses the website’s resources.
a. Website cookies
Website cookies are those sent to the user's and administrator's computer or device exclusively by the website.
The information collected through these cookies is used to improve and personalize the user’s experience, and some cookies may, for example, be used to remember the user’s preferences and choices, as well as to offer personalized content.
b. Cookie management
The user will be able to oppose the registration of cookies through the website if he only deactivates this option in his own browser. More information on how to do this in some of the main browsers can be accessed through the following links:
Internet Explorer:
https://support.microsoft.com/en/help/17442/windows-internet-explorer-delete-manage-cookies
Safari:
https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Google Chrome:
https://support.google.com/chrome/answer/95647
Mozilla Firefox:
https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
Opera:
https://www.opera.com/help/tutorials/security/privacy/
The deactivation of cookies, however, may affect the availability of some tools and functionalities of the website, compromising its correct and expected functioning. Another possible consequence of doing so is removing the user’s preferences that may have been saved, impairing his experience.
3. Collection of data not expressly provided
Occasionally, other types of data, not expressly provided for in this Privacy Policy, may be collected, since they are provided with the user’s consent, or even that the collection is permitted based on another legal ground provided by law.
In any case, data collection and processing activities arising therefrom will be informed to website users.
3. Sharing personal data with third parties
We do not share your personal data with third parties. Despite that, it is possible that we do so to comply with some legal or regulatory determination, or even to comply with an order issued by a public authority.
4. How long your personal data will be stored
The personal data collected by the website are stored and used for a period that corresponds to the time necessary to achieve the purposes listed in this document and that considers the rights of its owners, the rights of the website controller and the applicable legal or regulatory provisions.
Once the periods for storing personal data have expired, they are removed from our databases or anonymized, except in cases where there is the possibility or the need for storage due to legal or regulatory provision.
5. Legal bases for the processing of personal data
Each operation of personal data processing must have a legal basis, which is nothing else than a justification that authorizes it, provided for in the General Law on Personal Data Protection.
All our personal data processing activities have a legal basis supporting them, among those permitted by law. More information about the legal bases we use for specific personal data processing operations can be obtained from our contact channels, informed at the end of this Policy.
6. Users’ rights
The website user has the following rights, conferred by the Personal Data Protection Law:
- Confirmation of the existence of treatment;
- Access to data;
- Correction of incomplete, inaccurate or outdated data;
- Anonymization, blocking or elimination of unnecessary, excessive, or treated data that does not comply with the provisions of the law;
- Data portability to another service or product provider, upon express request, in accordance to the regulations of the national authority, subject to commercial and industrial classified information;
- Elimination of personal data processed with the consent of the holder, except in cases provided for by law;
- Information from public and private entities with which the controller shared data;
- Information about the possibility of not giving consent and about the consequences of the refusal;
- Revocation of consent.
It is important to note that, under the terms of the LGPD, there is no right to delete treated data based on legal grounds other than consent, unless the data is unnecessary, excessive, or treated in non-compliance with the law.
1. How the holder can exercise his rights
To ensure that the user who intends to exercise his rights is, in fact, the holder of the personal data object of the request, we may require documents or other information that may assist in their correct identification, in order to safeguard our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the applicant will receive all related information.
7. Security measures in the processing of personal data
We employ technical and organizational measures to protect personal data from unauthorized access and situations leading to destruction, loss, or alteration of that data.
The measures we use consider the nature of the data, the context and purpose of the treatment, the risks that an eventual breach would generate for the user's rights and freedoms, and the standards currently used in the market by companies like ours.
Among the security measures we adopt, we highlight the following:
- Password storage using cryptographic hashes;
- Restrictions on access to databases;
- Monitoring physical access to servers.
Even if we adopt everything in our power to avoid security incidents, it is possible that there may be some problem motivated exclusively by a third party - such as in the case of hacker or cracker attacks, or even in the case of the user's exclusive fault, which occurs, for example, when he himself transfers his data to a third party. Thus, although we are generally responsible for the personal data we process, we are exempt from liability in the event of an exceptional situation such as these, over which we have no control whatsoever.
In any case, in the event of any type of security incident that could generate significant risk or damage to any of our users, we will communicate the affected ones and the National Data Protection Authority about what happened, in accordance with the provisions of the Law on Personal Data Protection.
8. Complaint to a supervisory authority
Without prejudice to any other means of administrative or judicial appeal, holders of personal data who feel in any way injured may submit a complaint to the National Data Protection Authority.
9. Changes to this policy
The current version of this Privacy Policy was last updated on April 22, 2021.
We reserve the right to modify these regulations at any time, especially to adapt them to any changes made to our website, either by making new features available, or by deleting or modifying existing ones.
Whenever there is a change, our users will be notified about it.
10. How to contact us
To clarify any doubts regarding this Privacy Policy or the personal data we process, please contact our Personal Data Protection Officer, through any of the channels mentioned below:
E-mail: data.privacy@scielo.org
Postal address: Avenida Onze de Junho, 269 - Vila Clementino
04041-050 São Paulo, SP – Brasil