• Home
  • Terms of Consent

Terms of consent for the processing of personal data

This document aims to record the free, informed and unequivocal statement by which the Holder agrees with the processing of his personal data for a specific purpose, in accordance with Law nº 13.709/2018 – General Personal Data Protection Law (LGPD).

By expressing his acceptance of this term, the Holder consents and agrees that INSTITUTO DARA, a non-profit civil association, headquartered in the City of Rio de Janeiro, State of Rio de Janeiro, at Rua das Palmeiras, nº 65, Part, Botafogo, Rio de Janeiro, CEP 22.270-070, registered with CNPJ/MF under No. 40.358.848/0001-01, through HubEP, hereinafter referred to as CONTROLLER, make decisions regarding the processing of your personal data, as well as carry out the processing of your personal data, involving operations such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storing, deleting, evaluating or controlling information, modifying, communicating, transferring, disseminating or extracting.

1. PROCESSED PERSONAL DATA

1.1. The CONTROLLER is authorized to carry out the treatment and to make decisions regarding the treatment of the following personal data of the Holder, in the use of HubEP:
– Full name;
– Email address;
– Organization you work for (if applicable)
– Occupation area;
– Phone number;
– City and state where you live;

2. PURPOSES OF DATA PROCESSING

The processing of the data listed in this term has the following purposes:
(i) Enable the CONTROLLER to use such data to register the Holder on the platform and allow access and download of materials such as ebooks, booklets, infographics, etc., made available by the CONTROLLER.
(ii) Enable the CONTROLLER to use such data to monitor the intellectual property of the contents made available and downloaded by the Holder, in addition to monitoring impact, scope and research.
(iii) Enable the CONTROLLER to store such data and information on its own server for due treatment for the duration of the relationship with the Holder.
(iv) Enable the CONTROLLER to comply with legal and regulatory obligations.

3. DATA SHARING

3.1 The CONTROLLER is authorized to share the Holder’s personal data with other data processing agents, for the strict purposes listed in this term, subject to the principles and guarantees established by Law No. 13,709/2018.

4. DATA STORAGE

4.1. Personal data may be stored in a digital file, by the CONTROLLER’s institutional server, in addition to the Google Drive Platform, through the CONTROLLER’s private account.

5. DATA SECURITY

5.1. The CONTROLLER is responsible for maintaining security, technical and administrative measures capable of protecting personal data from unauthorized access and accidental or illegal situations of destruction, loss, alteration, communication or any form of inappropriate or illegal treatment.

5.2. Pursuant to art. 48 of Law No. 13,709/2018, the CONTROLLER will notify the Holder, its legal guardian and the National Data Protection Authority (ANPD) of the occurrence of a security incident that may entail significant risk or damage to the Holder.

6. TERMINATION OF DATA PROCESSING

6.1. The CONTROLLER may keep and process the Holder’s personal data for as long as they are relevant to the purposes listed in this Term. Anonymous personal data, without the possibility of association with the individual, may be kept for an indefinite period.

6.2. The Holder may request via email or correspondence to the CONTROLLER, at any time, that their non-anonymized personal data be deleted.

6.3. The Holder is aware that it may be impracticable for the CONTROLLER to continue providing some products or services to the Holder after deleting his/her personal data.

7. HOLDER RIGHTS

7.1. The Holder has the right to obtain from the CONTROLLER, in relation to the data processed by it, at any time and upon request: I – confirmation of the existence of treatment; II – access to data; III – correction of incomplete, inaccurate or outdated data; IV – anonymization, blocking or deletion of data that is unnecessary, excessive or treated in violation of the provisions of Law No. 13,709/2018; V – portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets; VI – deletion of personal data processed with the consent of the holder, except in the hypotheses provided for in art. 16 of Law No. 13,709; VII – information on public and private entities with which the parent company shared data; VIII – information on the possibility of not providing consent and on the consequences of the refusal; IX – revocation of consent, pursuant to § 5 of art. 8 of Law No. 13,709/2018.

8. RIGHT TO REVOK CONSENT

8.1. This consent may be revoked by the Holder, at any time, upon request via e-mail or correspondence to the CONTROLLER, except for cases of mandatory data processing to comply with a legal or regulatory obligation by the CONTROLLER