Data retention policy
The PENCE calculates the retention period of personal data according to the following criteria:
● Period required to fulfill the purpose of collection;
● When the User or third party who granted access to PENCE's services ceases to use these services or requests the revocation of consent;
● The time required to demonstrate compliance with PENCE's duties and obligations ;
● The period required by law, regulations, court decisions, etc.;
● Determination of the National Data Protection Authority;
● Compliance with a legal or regulatory obligation by the controller;
● Perfect performance of the contract;
● Needs related to compliance with the legal system, as well as for any legal disputes;
● Study by a research body, ensuring, whenever possible, the anonymization of personal data;
● Transfer to a third party, provided that the data processing requirements laid down by law are respected; or
● Exclusive use of the controller, its access by a third party prohibited, and as long as the data is anonymized.
Data archiving and removal policy
According to the Brazilian General Data Protection Law, the User will have the following rights regarding the treatment of their personal data:
● Right of Deletion : the User may request the deletion of some data, except those where the law authorizes its conservation;
● Right to Withdraw Consent : The User may cancel any consent previously granted to PENCE to use his personal data. The User is aware that the cancellation will not affect the use or sharing of the data carried out prior to the request to revoke consent.
The rights provided for in this chapter are not absolute, and the User must, whenever he wishes to exercise them, contact PENCE through the channel : firstname.lastname@example.org
Data storage policy
PENCE uses appropriate technologies and procedures to protect any personal data collected (including administrative protection, physical and technical) according to the level of risk and the service provided, having a legally responsible staff to handle the secure management of data in line with legal provisions, regulatory requirements, technology changes, among other relevant factors that may influence the way to protect personal data.
PENCE uses reasonable efforts to market to ensure the security of their systems and the data collected, using providers Internet and database servers and highly qualified and respected storage, and security certificates (SSL) and software protection against unauthorized access to systems, as well as standard methods for encrypting and anonymizing collected data.
This Policy represents PENCE's effort to safeguard User information. However, due to the very nature of the Internet , it is not possible to guarantee that malicious third parties will not succeed in improperly accessing the stored information, which is why, if this occurs, PENCE will be liable within the limits provided for by Law.
App/service has sub-processors