Privacy Policy

In force since June 5, 2023

Welcome to the Privacy Policy of the Brazilian Coalition on Climate, Forests and Agriculture!

It explains how we handle your personal data. For us it is paramount to clearly explain what rules we use to process your personal information and data as we value your privacy and believe that your data should be treated with caution and respect. Its content applies to all our digital platforms and to all the events we hold, whether online or in person.

We request only the strictly necessary data for each occasion and use it only for the purposes stated in this Policy. In some instances, we may need to share your data with third parties, but rest assured, this information will be expressed here along with the identification of the third party and the sharing purpose.

1. Definitions

National Data Protection Authority: It is the federal government body in charge of inspecting and regulating the implementation of the LGPD. Its primary mission is to be a connection between society and the government, providing services to citizens and guiding government agencies and companies on data processing practices permitted or prohibited by the current legislation.

Database: Refers to an organized set of data that may be stored electronically or physically, in one or more locations.

Sharing: Refers to the communication, transfer, interconnection, or common processing of personal data between public or private entities, subject to specific authorization.

Consent: free, informed, and unambiguous expression by which the data subject agrees to the processing of his personal data for a determined purpose. 

Cookies: These are small files sent by a platform’s server to the user’s device. Their purpose is to identify the device and collect access data, allowing the user experience on the platform to be customized and providing better security for users.

Personal data: It is any information related to a natural person that can identify him/her, such as name, e-mail address, social security number, IP address, device ID, and other identifiers that combined make it possible to identify a specific user.

Sensitive Personal Data: It is any information related to a natural person that can identify him/her, such as name, e-mail address, social security number, IP address, device ID, and other identifiers that combined make it possible to identify a specific user.

Anonymized personal data: It is any information related to a natural person that can identify him/her, such as name, e-mail address, social security number, IP address, device ID, and other identifiers that combined make it possible to identify a specific user.

IP address: IP address, short for Internet Protocol, is a numerical identifier that is assigned to each device connected to a network that uses the IP protocol. Its function is to route data packets on both the Internet and private networks.

Deletion: The process of removing a piece of data or set of data stored in a database, being an action that occurs regardless of the employed method.

In charge person: Person appointed to act as a communication mediator between the Controller, the data subjects, and the National Data Protection Authority. To contact the person in charge, you can send an email to faleconosco@coalizaobrasil.org.

Purpose: It is the legitimate purpose established and communicated to the data subject, ensuring the legitimacy of the processing of his personal data.

Security Incident: Any event or situation that compromises or poses a risk to the security of personal data. These incidents can encompass actions such as unauthorized access to information, loss, theft, accidental disclosure, or destruction of personal data.

Operator: Natural or legal person who performs the data processing on behalf of the controller and according to its instructions.

Data subject: Natural person to whom the personal data subject to processing refer. 

Data treatment:  It is the set of actions performed with personal data, encompassing activities such as collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, evaluation, control, modification, communication, transfer, disclosure or extraction of information.

What personal data we treat?

On our site we may process the following data:

• Full Name;
• E-mail;
• Organization;
• Sector;

The data we collect from you specifically will depend on the type of relationship you have with us. For example:

• If you sign up to receive updates and communications from us, we will treat your name and e-mail address.
• If you want to attend our events, we usually ask for your name, e-mail address and phone number. It is also possible that we may collect image data but rest assured that you will be informed of this beforehand.
• In case you decide to answer forms or surveys that we are conducting as part of our activities, it is important to note that in addition to information and opinions, we may also collect personal data.

For what purpose the data is used?

The data we have listed above can be used for:

• Communicate with you;
• Keep your registration up to date;
• Allow you to attend our initiatives and events.

3.1. Navigation 

When you access our site, we may collect some data related to your browsing. This data is collected through “cookies” that are used to better understand how people use our site and improve their experience. This collection may include the following data:

• Your internet connection;
•  Type of computer you are using (operating system);
• Type of browser you are accessing the website through (type, version, enabled options); 
• Which pages you have visited on our site. 

We do not collect information such as e-mail addresses and do not install any programs on your computer that might compromise your security.

Most of this data is collected via cookies, which are small files that help us gather information automatically. If you do not wish to share this data, you can disable cookies in your browser. Here are the instructions for disabling cookies in different browsers: Google Chrome, Microsoft Edge e Internet Explorer, Firefox, e Safari.

3.2. Updates and communications

If you choose to sign up to receive communications from us, such as our newsletter, we will collect some personal data. In this case, only name and e-mail address will be collected and used solely for this purpose. Your consent is essential for collecting and using this personal data, and we want to ensure that we take all necessary steps to protect your privacy.

3. Events

When we host events, whether online or in person, we will collect some personal data from speakers, guests, and participants to ensure their effective attendance. If you agree, we will also use your data to keep in touch and promote our activities, and possibly treat your image.

3.4. Social media and third-party links

In our website, we provide links and icons to other pages, such as social media or websites with content related to the Coalition’s agenda. It is important to emphasize that these websites have their own privacy policies and, by accessing them, we lose control over what happens to your personal data.

When you click on the links and icons on our website, you will be redirected to other platforms that may collect information about you, such as your searches and interests, to serve you personalized advertisements.

Therefore, it is essential that you are aware that you are subject to the privacy policies and terms of use of these third-party platforms. Please read these policies carefully to understand how your personal data will be handled.

We are not responsible for the treatment of your information after accessing the other platforms. The inclusion of these links and icons is intended to publicize the organization’s activities and share information with the public.

4. Measures to protect your personal data

The security and privacy of your personal data are of the utmost importance to us. To ensure this protection, we have implemented technical and organizational measures to prevent unauthorized access, misuse, disclosure, or loss of personal information.

Internally, we have adopted several technical measures, including:

• Storage of personal data on secure servers, protected by security systems that prevent unauthorized access.
• Implementation of safe access controls and password policies, ensuring that only authorized employees can access personal data.
• Performing backups of personal data, ensuring the availability and integrity of this information in case of incidents or technical problems.

Furthermore, we have guidelines that follow best practices in information security, and we constantly update our organizational policies to ensure the security and protection of personal data we store.

In the event of any security breach, we will take appropriate measures in accordance with the provisions of the General Data Protection Law (LGPD).

5. Data Sharing

Sharing your data will occur only if permitted by law or with your permission. In certain specific situations, we may share your personal data with third parties:

• With your express consent to share with specific people.
• If it is necessary to use a third-party company to provide a certain service (sending our newsletter, for example).
• To comply with the terms or agreements established between us.
• If there is a legal or court requirement that we must share information. We will do our best to notify you in such cases.
• In some circumstances, we may anonymize your personal information so that it cannot be associated with you.

We carefully select the recipients who can access your information and regularly review their security and privacy policies to ensure that they offer protections equivalent to those we consider important.

These third parties may be involved in technical support activities, outreach campaigns, or projects related to our mission. 

5.1. International Data Transfer

Due to the use of (i) software that stores personal data on cloud servers and (ii) e-mail sending tools, transfer of personal data abroad may occur. The reason for this is that these tools may store information on servers located in other countries. However, we perform a careful analysis of contracted service providers to ensure that this operation is secure and complies with the provisions of the General Data Protection Law.

6. Personal data storage period

The personal data you provide will be kept only for the period necessary for the specific project, campaign, or other purpose for which it was collected, in compliance with applicable laws and regulations.

It is worth noting that the information we store is directly related to the purpose for which it was collected.

7. As a data subject, what are my rights?

Your rights are of utmost importance, and it is essential that you are aware of what they are and how to exercise them. According to the LGPD, you have the following rights:

• Request information on whether and how your data is being processed by us.
• Request access to and confirmation of all personal information that we hold about you. In this case, we may request confirmation of your identity and then provide you with a report containing a copy of the information we hold about you.
• Withdraw your consent at any time, except in cases where the data is processed on grounds of regulatory obligation or legitimate interest. After we receive notice of withdrawal of your consent, we will no longer process your personal information for the purposes for which it was intended.
• Request information about the possibility of not providing your consent and about the consequences of such refusal in each case.
• Request that we amend incorrect, incomplete, or inaccurate information about you in our databases.
• Request the anonymization, blocking or deletion of data that you consider unnecessary for the purpose it is being used, or that you consider excessive or treated in non-compliance with LGPD.
• Have the right to request the deletion of your information from our files and systems when there is no reason to keep it.
• Request the portability of your data to another service or product provider, unless this data has already been anonymized by us, following the guidelines established by the National Authority for Personal Data Protection.
• Request information about the sharing of your data with other public or private institutions.
• Request to have your information deleted from our communication or marketing lists. This will cause you to stop receiving messages and e-mails from us if you no longer wish to receive them.

To exercise any of these rights or to obtain more information about our privacy practices, please contact us at faleconosco@coalizaobrasil.org. We may request confirmation of your identity to ensure the proper exercise of these rights.

8. Updates to this Policy

We may update this Privacy Policy at any time to keep pace with changes in the law or in our privacy practices. If we make any changes, we will post them on our website with the most recent date so that you will know when the policy was updated. This is important to ensure the privacy and security of your personal data.