Privacy Policy

Afetto Design, a private legal entity, respects your privacy and is committed to the protection and security of our customers' personal data. This Privacy Policy describes how we collect, use, store, and share personal information of users/consumers when accessing our website and interacting with our services.


1. Scope of the Privacy Policy

This policy applies to the use of our website www.afettodesign.com. It does not apply to third-party websites, even if they are linked to our website, and we suggest that you read the privacy policy of any external website with which you interact. The collection of data by third parties, through these websites, is not the responsibility of Afetto Design.


2. Important Definitions

2.1 User

Any person who accesses, browses, or uses the services offered by Afetto Design, including customers, website visitors, and third parties who interact with our platform.

2.2 User Data

Comprises any information related to the user that can directly or indirectly identify them. This data may include:

  • Personal Data: Name, CPF (Brazilian individual taxpayer ID), email, phone, address, among others.
  • Sensitive Personal Data: Information about racial or ethnic origin, religious convictions, trade union membership, biometric data, health, and sexual life, among others.
  • Navigation Data: IP address, device type, browser used, cookies, geolocation, time spent, and other technical information related to your interaction with our website.
  • Payment Data: Information necessary to process payments, such as credit card number (processed by specialized secure payment third parties).
  • Data Processing: The collection, storage, processing, sharing, elimination, and any other operation involving your personal data.
  • General Data Protection Law (LGPD): Law No. 13,709/2018 that regulates the processing of personal data in Brazil.

2.3 Cookies

Small files stored on the user's device that serve to optimize the browsing experience, personalize content, and provide statistical analyses of website usage. The user can manage cookie permissions directly in their browser.


3. Legal Basis for Data Processing

The collection and processing of data by Afetto Design are carried out based on the following legal grounds provided for in the LGPD:

  • Contract Execution (Art. 7, V): To enable the provision of services, such as online purchases and product delivery.
  • Compliance with Legal or Regulatory Obligation (Art. 7, II): To meet legal requirements, such as issuing invoices.
  • Legitimate Interest (Art. 7, IX): To improve service and personalize the user experience, respecting their rights and guarantees.
  • Data Subject's Consent (Art. 7, I): When applicable, for sending promotional communications and newsletters.


4. Purposes of Data Processing

We use the collected data to:

  • Register you on our website.
  • Process purchases and deliveries.
  • Complete your purchase with payment platforms.
  • Effect delivery and eventual collection of products.
  • Issue invoices.
  • Contact the user to inform about requested order updates.
  • Personalize the browsing experience on the website.
  • Send promotional information, newsletters, and advertisements.
  • Comply with legal and regulatory obligations to oversight and regulatory bodies.
  • Improve our services based on user behavior and preferences.


5. Data Sharing

We may share your data with:

  • Service Providers: Such as transport companies, Correios (Brazilian Post Office), payment platforms, and internal collaborators who need to access the data to provide our services.
  • Legal Authorities: In compliance with judicial or regulatory determinations.
  • Commercial Partners: To improve the user experience, such as companies responsible for email marketing platforms, hosting servers, and cloud storage.

6. Data Security

We adopt appropriate security measures to protect your personal data against unauthorized access, alteration, sharing, or undue destruction, including data encryption and internet connection authentication, using the TLS 1.3 protocol.


7. Data Subject Rights and Contact

According to Article 18 of the LGPD, users have the following rights:


DATA SUBJECT RIGHTS

YOUR RIGHT

Confirmation of processing

Question whether the company uses the data subject's personal data (e.g., to know if personal information is stored)

Access to your personal data

Have access to the personal data the company processes (e.g., to know what personal data the company uses)

Correction of your personal data

Request alteration and correction of personal information (e.g., change registered address)

Deletion, anonymization, and blocking of personal data

Request deletion of your data from our database, ask for data to be anonymized (using techniques that prevent user identification, such as leaving CPF in the format XXX.XXX.XXX-00), and request suspension of information use for some time


We remind you that certain requests may affect, wholly or partially, the use of our website and services, and certain requests, due to legal obligations, may not be fulfilled in their entirety.

Portability of your personal data

Request that your personal data be transferred, in physical or digital format, to a third party

Revocation of consent (previously granted)

In cases where the applicable legal basis is consent (free, informed, and unequivocal manifestation in which the user gives their agreement to the company to use their personal information), the user can request the cancellation of this prior authorization.

Deletion of personal data (when the legal basis is consent)

Have personal data processed by the company based on consent deleted


We remind you that personal data processed under other hypotheses will continue to be processed.

Request information about the sharing of your personal data

Know which companies, public or private, receive and can access your Personal Data.

Present opposition to the processing of your personal data

Complain about personal data processing carried out by the company, IF it is not in accordance with the legislation or this Policy


Users can make their requests and inquiries through the Service and Privacy Questions Center (atendimento@afetodesign.com).

We ask that when contacting us, you identify yourself (full name and an identity document), explain your request and the specific situation, and provide relevant documents. This information is mandatory so that we can identify our client and understand the context of the use of their personal information.

The fulfillment of your request may be partial or, in some situations, may not be possible to execute, in accordance with the rights and obligations provided by law. However, any request will be answered with an explanation of the reasons justifying the fulfillment or non-fulfillment of the request.


8. Retention/Storage of Personal Data

Personal data will be kept only for the time necessary to fulfill its purposes or as required by law.


9. Use of Cookies and Similar Technologies

We use cookies to improve the user experience, collect statistics, and offer personalized content. Users can disable them at any time by adjusting their browser settings.


10. Privacy Policy Update

We may update this policy periodically to reflect changes in legislation or our practices. We will notify you of significant changes through our website or email.

Last modified and updated: April/2025