1. In this document, we use the terms as follows:
1.1. Personal Data - Information related to a physical person that can identify him/her or make it possible to identify him/her. Examples of Personal Data that may enable their identification: Name, CPF, telephone, e-mail, and others.
1.2 "Sensitive Personal Data": Personal data concerning racial or ethnic origin, religious conviction, political opinion, membership of a union or religious, philosophical or political organization, data concerning health or sex life, genetic or biometric data.
1.3. Operator - TUDA service, a person who independently organizes the processing of personal data as well as determines the purposes of personal data processing, the composition of the personal data to be processed, the actions (operations) performed on personal data.
1.4. Customer - an individual who intends to enter into a commercial concession contract (franchising contract) with the Operator.
1.5. Site - a set of electronic computer programs and other information contained in the information system, which is accessed via the Internet by domain names and (or) network addresses that allow identification of sites on the Internet, used by the Operator to advise the Client on the conclusion of the commercial concession contract (franchise contract) and acceptance of Applications. Website address: franquia.tu-da.com.
1.6. Application - an application sent by the Client to the Operator through the Website for a commercial concession contract (franchising contract).
1.7. Processing of personal data - any action (operation) or set of actions (operations) performed with or without the use of automation tools, with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, alteration), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
1.8. Automated processing of personal data - processing of personal data using computer technology.
1.9. The blocking of personal data is a temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data).
1.10. Destruction of personal data - actions resulting in the impossibility of restoring the content of personal data in the personal data information system and (or) the destruction of material personal data carriers.
1.11. Personal data information system - a collection of personal data contained in databases and information technologies and technical means that ensure their processing.
1.12. Cookies are pieces of data sent by the website and stored on a computer, cell phone or other device from which the Client visits the website, used to store data about the Client's actions on the website.
2. By submitting an Application to the Operator through the Website, the Client agrees to the terms of this policy, including giving consent to the Operator to process his personal data, in cases where the provisions of current legislation require such consent.
3. During the processing of personal data, the Client is entitled to:
3.1. Receive information about the processing of his/her personal data, including:
3.1.1. Confirmation of the fact of personal data processing;
3.1.2. Legal grounds and purposes for processing of personal data;
3.1.3. Purposes and methods applied to personal data processing;
3.1.4. Information about the name and location of the person who handles personal data, information about persons (excluding employees of the Operator) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Operator or on the basis of applicable law;
3.1.5. Processed personal data relating to the relevant subject of the personal data, the source of its receipt, unless a different procedure for the provision of such data is provided for by applicable law;
3.1.6. Terms of personal data processing, including the terms of its storage;
3.1.7. The procedure for implementation by the Client of the rights provided for in the legislation in force;
3.1.8. Information on the cross-border data transfer performed or proposed;
3.1.9. Name or surname, first name, surname and address of the person who processes the personal data on behalf of the Operator, if the processing is or will be entrusted to such a person;
3.1.10. Other information provided by the legislation in force.
3.2. Require the Operator to clarify his/her personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the stated purpose of processing.
4. During the processing of personal data, the Operator undertakes to:
4.1. Provide the Client, at his/her request, with the following information:
4.1.1. Confirmation of the fact of personal data processing;
4.1.2. Purposes of personal data processing;
4.1.3. Applied methods for personal data processing;
4.1.4. His/her name and location, information about people (excluding employees) who have access to personal data or to whom personal data may be disclosed;
4.1.5. Processed personal data of the Client, source of its receipt, unless a different procedure for the provision of such data is foreseen by applicable law;
4.1.6. Terms of personal data processing, including the terms of its storage;
4.1.7. The procedure for implementation by the Client of the rights provided for in the legislation in force;
4.1.8. Information on the cross-border data transfer performed or proposed;
4.1.9. Name or surname, first name, surname and address of the person who processes the personal data on behalf of the Operator, if the processing is or will be entrusted to such a person;
4.1.10. Other information provided by the legislation in force.
4.2. Ensure that measures are taken to prevent unauthorized access to the Customer's personal data.
5. The purpose of processing the Customer's personal data is to advise the Customer on entering into a commercial concession contract (franchise contract) and the conclusion of the said contract.
6. The Client's personal data is stored electronically and processed by means of automated systems for processing of personal data.
7. The Operator collects and processes the following personal data of the Client:
7.1. Full name
7.2. Phone number of the subscriber;
7.3. e-mail address.
8. The Customer's personal data is destroyed by the Operator in the following cases:
8.1. Three years following the expiration date of the commercial concession contract (franchising contract) or three years following the date of the Customer's last application to the Operator (if the contract has not been concluded);
8.2. In case of withdrawal by the Customer of consent to the processing of his/her personal data.
9. The destruction of the Customer personal data is carried out without possibility of its further recovery.
10. Only persons directly related to advising the Customer on the conclusion of a commercial concession contract (franchise contract) and its execution have access to the Customer's personal data. In other cases, the Operator does not distribute the Customer's personal data, and also does not provide access to them to third parties without obtaining the Customer's prior consent, except in cases where the personal data are provided at the request of authorized state bodies in accordance with applicable law.
11. The Operator takes the following measures to prevent unauthorized access to the Customer's personal data:
11.1. Appoints employees responsible for organizing the processing of personal data;
11.2. Applies organizational and technical measures to ensure the security of the Customer's personal data, in particular:
11.2.1. Identifies security threats to personal data during processing in personal data information systems;
11.2.2. It organizes the system for guaranteeing the security of the facilities where the information system is located, preventing the possibility of uncontrolled entry or stay in these facilities by persons who are not allowed to have access to these facilities;
11.2.3. Ensures the security of personal data carriers;
11.2.4. Approves the list of persons with access to personal data necessary for the performance of their official (labor) duties;
11.2.5. Uses the necessary information security tools to prevent unauthorized access to personal data;
11.2.6. Evaluates the effectiveness of measures taken to ensure the security of personal data;
11.2.7. Ensures the detection of facts of unauthorized access to personal data and the adoption of measures;
11.2.8. Restores personal data modified or destroyed due to unauthorized access to them (if there is a technical possibility of such recovery);
11.2.9. Establishes the rules of access to personal data processed in the personal data information system
11.2.10. Controls the measures taken to ensure the security of personal data and the security level of the personal data information system.
13. The operator can use the following types of cookies:
13.1. Strictly necessary cookies. They are required to navigate the Website and use the requested services. Cookies of this type are used when the Client registers and logs in. Without them, the services requested by the Client are unavailable. These cookies are essential cookies and can be permanent or temporary. Without the use of this type of cookie, the Website will not function properly.
13.2. Performance cookies. They collect statistical data about the use of the Site. These files do not receive personal information from the Client. All information collected by these cookies is statistical and anonymous. Purposes for using these cookies are:
13.2.1. Obtaining site usage statistics;
13.2.2 Evaluating the effectiveness of advertising campaigns.
These cookies are either permanent or temporary and can be first and third-party cookies.
13.3. Functional Cookies. These are used to remember information provided by the Client (such as username, language or location). These files use anonymous information and do not track the Customer's actions on other sites. Purposes for using these cookies:
13.3.1. To remember whether any services have been provided to the Client before;
13.3.2. Improve the quality of interaction with the Website as a whole, remembering the preferences selected by the Client.
These cookies are either permanent or temporary and can be first and third-party cookies.
13.4. Advertising Cookies. They are used to manage advertising materials on the site, limit the number of times a user sees ads and measure the effectiveness of advertising campaigns. Advertising cookies are placed by third parties, such as advertisers and their agents. These cookies are associated with advertisements on the site provided by third parties. They can be permanent or temporary.
14. You can block or delete cookies as well as limit their effect in the browser settings used by the Client.
YOU AGREE WITH THIS PRIVACY STATEMENT AND ACKNOWLEDGE THAT IT IS COMPLEMENTARY TO THE TERMS AND CONDITIONS OF USE OF THE SERVICE USED. YOU FURTHER ACKNOWLEDGE THAT THE LAWS OF BRAZIL APPLY TO THE TREATMENT OF YOUR PERSONAL DATA AND OTHER INFORMATION SUBJECT TO THIS PRIVACY STATEMENT.