Privacy Policy

CESE / Ecumenical Coordination of Service (Coordenadoria Ecumênica de Serviço)
National Registry of Legal Entities (Cadastro Nacional da Pessoa Jurídica: CNPJ) no.: 13.589.270/0001-21

This is the Privacy Policy of the Ecumenical Coordination of Service (Coordenadoria Ecumênica de Serviço: CESE) updated on 01/08/2021, in line with the most recent good practices and in accordance with the General Data Protection Law (Lei Geral de Proteção de Dados: LGPD).

In this policy you will find all the information you need about when and why we collect your data and how we use this information, in addition to your rights as a data subject.

Please find below some important definitions to help you understand this Privacy Policy:

Legal bases: these are the possibilities raised by the General Data Protection Law that authorize the processing of personal data, such as the subject’s consent, the need to fulfil a contract, the fulfilment of legal obligations and so forth.

CESE is the Ecumenical Coordination of Service (Coordenadoria Ecumênica de Serviço), a legal entity of private law, registered on the National Registry of Legal Entities (Cadastro Nacional da Pessoa Jurídica: CNPJ) under no. 13.589.270/0001-21, whose offices are in Salvador, Bahia.

Data controller: someone, either an individual or an entity, who makes decisions about personal data processing.

Consent: When you authorize the processing of your personal data for a specific purpose, which you will be informed about in advance.

Cookies: files which serve as navigation guides, enabling recognition of your browser or device.  In this way we will know how and why pages are visited, as well as how many people access them.  This may be useful to ensure the website fits your screen, to understand your preferences better or to offer you more efficient Products, Businesses and Experiences.

Personal data: this is information that identifies a person, or at least makes it possible to identify them.  This information includes your name, address, telephone, e-mail etc.

Sensitive data: this is information that could lead to discrimination or prejudice, such as: racial or ethnic origin, religious conviction, political opinion, etc.  Other information considered sensitive includes information about your health or sexual orientation, genetic or biometric data, when linked to an individual.

Purpose: this is the reason why your personal data is processed or the intended aim of this data processing.

Data operator: someone who undertakes data processing on behalf of the controller and is authorized and ordered by the controller to do so.  This could be an individual or an entity.

Products, Services and Experiences: all the experience and customer journey provided by CESE through its website, technology and other services, such as online donations.

Data subject: the person whose personal data is collected.

Processing: every operation performed using personal data, such as collection, storage, consultation and analysis, for example.

How and when does CESE collect your personal data?

When you fill in a form on our website, data is collected directly from you.  In other cases, we collect data automatically through cookies, such as through automatic field completion, or similar technology on the website.  All collection events and situations are explained below:

In which events or interactions may we collect your data?

  • We automatically collect some data through cookies, related to your browsing and to the device you use to access platforms;
  • We automatically collect some data through tools such as Google Tag Manager, Google Analytics, Google Ads, Facebook Pixel, Facebook ads.
  • We collect data when you actively contact us, for example, through our customer service, in forms on our website, e-mail or via videoconferencing.

Below we clarify how we process your data, in what situations, the purpose and legal basis.

If you visit our website

If you access our website alone, we may collect the following data:

Navigation on our website

Type of Data Collected Purpose Legal Basis
Access device data, tracking pixels, cookies and related technology. To comply with the legal obligations related to

IP-guard, date and time of website access

(art. 15 of law no. 12.965/2014).

Compliance with Legal Obligations
To understand your behaviour when using

our Services and Platform

in order to improve your experience

while browsing our website.

Legitimate Interest

 

Type of Data Collected Purpose Legal Basis
Data: Name, Telephone, E-mail

 

Contact and Donation Forms.

 

Contact user for support or in

response to requests, questions,

complaints or to validate donation data.

Consent

Website forms

Who do we share your personal data with?

Your personal data may be shared with third parties, but, as far as possible, we remain concerned with preserving your privacy.

Below, we describe the situations in which we might share your personal data and for what purposes:

  • Analytical tools.  The data we collect anonymously may be used for statistical purposes in order to understand the usage behaviour of those who visit our website. Our analysis of this information enables us to understand the browsing habits of our service users and website visitors and therefore to improve our work and customize it, in order to better meet the interests of users and ensure a satisfactory user experience.
  • Data checking. In order to ascertain the veracity of the information you provide us, it may be necessary to share certain data with public databases (such as the Inland Revenue Service), as well as with private databases, in order to avoid potential fraud – this protects both you and CESE.
  • Public Authorities. In the event of a request to share data by an authority with the legal competence to do so, or by a judge, CESE has a duty to share the requested information.

Does CESE transfer data internationally?

No. Although we use the servers of international companies, their databases are located in Brazil.  All data processing is therefore subject to Brazilian legislation.

What are your rights as a data subject?

A data subject has the right to choose whether or not to share their data with us.  However, we should remind you that some of this data may be required for the proper functioning of our services, such as registration data to make a purchase from our website.  Nevertheless, rights related to privacy and data protection will be safeguarded and respected by CESE in order to ensure access to and knowledge of all rights related to personal data.

We also remind you that CESE is the data operator of the data any user provides to its website, when sending forms or within the donation environment, accessed by login and password.

Brazilian law ensures a set of rights related to your personal data; these are listed below in order to facilitate your knowledge and so you can exercise them. If you do wish to exercise these rights, you can send an e-mail to: cesecomunica@cese.org.br

When you exercise your rights, CESE may request additional information for the purpose of verifying your identity and preventing fraud.  We do this to ensure user security and privacy.  Some requests may not be answered immediately, but we undertake to respond to all requests within a reasonable time and in compliance with the applicable legislation.

  • Right to access;
    • This allows you to request and receive a copy of the personal data we hold about you, provided that we are the controllers of this information.
  • Right to rectification;
    • This allows you to request the rectification of your personal data at any time, should any of it be incorrect; when we are the controllers of this information, we are able to correct it.
  • Right to erasure;
    • This allows you to request the deletion of your personal data from our database.  If possible, and if CESE has no reason to keep it, all collected data will be deleted from our servers when you request it.
  • Right to object;
    • This allows you to object to the processing of your data when we are relying on a legitimate interest to do so and when you believe that this impacts on your fundamental rights and freedoms.
  • Right to request anonymization, blocking or deletion;
    • This allows you to (a) ask us to make your data anonymous so that it can no longer be connected to you and is therefore no longer personal data; (b) block your data, temporarily suspending the possibility of processing your data; (c) delete your data, in which case we will delete all of your data – this is irreversible.
  • Right to data portability;
    • This allows you to ask CESE to provide you, or any third party you elect, with your personal data, in a structured and interoperable format, provided that CESE is the controller. Similarly, you can ask other organizations to send your personal data to CESE.
  • Right to withdraw consent.
    • This allows you to withdraw your consent to processing activities. However, this will not affect the legality of any previous processing. Please note that, if you withdraw your consent, in certain cases it may not be possible to provide our services in their entirety. CESE will advise you of this.

How long will my personal data be stored for?

We will only store your data for as long as we are required to fulfil the purposes for which it is collected, so as to comply with any legal, contractual or accountability obligations or requests from the competent authorities.

What are our responsibilities and how do we protect your data?

CESE always seeks to employ the most advanced technological standards to protect the confidentiality of users’ personal information.  We consider information, documents and data generated by users as a valuable asset that must be protected from any loss or unauthorized access, and therefore employ various security techniques to prevent unauthorized access.

Nevertheless, we accept that no application is 100% (one hundred percent) secure, and that CESE cannot prevent third parties from acting in bad faith to try to gain access to information, data or documents. For this reason, please treat your personal information and data with great care, since hardware or software failures and other factors that are not within CESE’s control may compromise the security of your personal data. Your actions are therefore essential to maintaining a secure environment for everyone.

How can you help to maintain a secure environment for everyone?

Certain measures and good practices can support this:

  • Don’t share your password with third parties, your password is for personal use and guarantees control of access to your account on our website;

Should you identify or become aware of anything that compromises the security of your data, please contact us at cesecomunica@cese.org.br

External links

Our website contains links to other websites, please note that their content is not CESE’s responsibility. The fact that a link is on our page does not indicate support, endorsement, authorization or affiliation with that website. CESE is therefore not responsible for other institutions’ Privacy Policies.

Our Privacy Policies only apply to pages on our domain (cese.org.br), independent of external links to other domains.

Payment charges

When you fill in our donation form, we may provide other means of payment, such as: debit card, credit card or bank payment slip.

Once you have made a donation using one of our payment methods, you will become a CESE donor.

How can I speak to CESE about personal data?

If you believe that your personal data has been used in a manner incompatible with this Privacy Policy or with your choices as a data subject, or if you have any questions, comments or suggestions about this policy, please contact us at: cesecomunica@cese.org.br

Privacy Policy Changes

We are always seeking to improve our Products, Services and Experiences and this Privacy Policy may be updated to reflect any improvements made.  We therefore recommend that you periodically visit this page in order to remain up-to-date about any changes made.

Should we make any changes that require further consent, we will contact you.