Privacy Policy

  • Afetto Design, a private legal entity, respects your privacy and is committed to protecting and securing the personal data of our customers. This Privacy Policy describes how we collect, use, store, and share users'/consumers' personal information when they access our website and interact with our services.

    1. Scope of the Privacy Policy

    This policy applies to the use of our website www.afettodesign.com. It does not apply to third-party websites, even if they are linked to our website, and we suggest that you read the privacy policy of any external website you interact with. The collection of data by third parties, through these websites, is not the responsibility of Afetto Design.

    2. Important Definitions

    2.1 User

    Any person who accesses, browses, or uses the services offered by Afetto Design, including customers, website visitors, and third parties who interact with our platform.

    2.2 User Data

    Comprises any information related to the user that can identify them directly or indirectly. This data may include:

    • Personal Data: Name, CPF (Brazilian individual taxpayer ID), email, telephone, address, among others.
    • Sensitive Personal Data: Information about racial or ethnic origin, religious convictions, union affiliation, biometric data, health and sexual life, among others.
    • Browsing Data: IP address, device type, browser used, cookies, geolocation, time spent, and other technical information related to your interaction with our website.
    • Payment Data: Information necessary to process payments, such as credit card number (processed by specialized third parties in secure payments).
    • Data Processing: The collection, storage, processing, sharing, elimination, and any other operation involving your personal data.
    • General Data Protection Law (LGPD): Law No. 13,709/2018, which regulates the processing of personal data in Brazil.

    2.3 Cookies

    Small files stored on the user's device that serve to optimize the browsing experience, personalize content, and provide statistical analysis about website use. The user can manage cookie permissions directly in their browser.

    3. Legal Bases for Data Processing

    Data collection and processing by Afetto Design are carried out based on the following legal grounds provided in the LGPD:

    • Contract Execution (Art. 7, V): To enable the provision of services, such as online purchases and product delivery.
    • Fulfillment of Legal or Regulatory Obligation (Art. 7, II): To meet legal requirements, such as issuing invoices.
    • Legitimate Interest (Art. 7, IX): For service improvements and personalization of the user experience, respecting their rights and guarantees.
    • Data Subject's Consent (Art. 7, I): When applicable, for sending promotional communications and newsletters.

    4. Purposes of Data Processing

    We use the collected data to:

    • Register you on our website.
    • Process purchases and deliveries.
    • Effectuate your purchase with payment platforms.
    • Effectuate the delivery and eventual collection of products.
    • Issue invoices.
    • Contact the user to inform about updates to the requested order.
    • Personalize the website browsing experience.
    • Send promotional information, newsletters, and advertising.
    • Comply with legal and regulatory obligations before inspection and regulatory bodies.
    • Improve our services based on user behavior and preferences.

    5. Data Sharing

    We may share your data with:

    • Service Providers: Such as transport companies, Correios (Brazilian Post Office), payment platforms, and internal collaborators who need to access the data to provide our services.
    • Legal Authorities: In compliance with judicial or regulatory determinations.
    • Business Partners: To improve the user experience, such as companies responsible for email marketing platforms, hosting servers, and cloud storage.

    6. Data Security

    We adopt adequate security measures to protect your personal data against unauthorized access, alteration, sharing, or undue destruction, with data encryption and internet connection authentication, through TLS 1.3 protocol.

    7. Data Subject Rights and Contact

    According to Article 18 of the LGPD, users have the following rights:

    DATA SUBJECT'S RIGHTS

    YOUR RIGHT

    Confirmation of processing

    Question whether the company uses the data subject's personal data (for example: to know if personal information is stored)

    Access to your personal data

    Access the personal data processed by the company (for example: to know which personal data the company uses)

    Correction of your personal data

    Request alteration and correction of personal information (for example: change registered address)

    Deletion, anonymization, and blocking of personal data

    Request deletion of your data from our database, ask for data to be anonymized (using techniques that do not allow user identification, such as leaving CPF in XXX.XXX.XXX-00 format) and request suspension of information use for some time

    We remind you that certain requests may wholly or partially affect the use of our website and services, and certain requests, due to legal obligations, may not be fully fulfilled

    Portability of your personal data

    Request that your personal data be transferred, in physical or digital format, to a third party

    Revocation of consent (previously granted)

    In cases where the applicable legal basis is consent (free, informed, and unequivocal manifestation in which the user agrees to the company using their personal information), the user can request the cancellation of this previous authorization.

    Deletion of personal data (when the legal basis is consent)

    Have personal data that was processed by the company based on consent deleted

    We remind you that personal data, which is processed based on another legal hypothesis, will be retained.

    Request information about the sharing of your personal data

    Know which companies, public or private, receive and can access your Personal Data.

    Object to the processing of your personal data

    Complain about the processing of personal data carried out by the company, IF it is not in accordance with the legislation or this Policy

    Users can submit their requests and questions through the Privacy Help Desk and Questions (atendimento@afetodesign.com).

    When contacting us, please identify yourself (full name and an identity document), explain your request and the specific situation, and provide relevant documents. This information is mandatory so that we can identify our customer and understand the context of the use of their personal information.

    Your request may be partially fulfilled or, in some situations, it may not be possible to execute, in accordance with the rights and obligations provided by law. However, any request will be answered with an explanation of the reasons justifying the fulfillment or non-fulfillment of the request.

    8. Retention/Storage of Personal Data

    Personal data will be kept only for the time necessary to fulfill its purposes or as required by law.

    9. Use of Cookies and Similar Technologies

    We use cookies to improve the user experience, collect statistics, and offer personalized content. The user can disable them at any time by adjusting browser settings.

    10. Privacy Policy Updates

    We may update this policy periodically to reflect changes in legislation or in our practices. We will notify you of significant changes through our website or email.

    Last amended and updated: April/2025