We are Sysphera

Sysphera is a Latin American company specializing in the development and maintenance of software solutions focused on planning and control of financial, operational and regulatory process of the company. These business processes are embedded within the concept of Comprehensive Performance Management.

Contact information
Brasil +55 (48) 3206-3107 contato@sysphera.com
Image Alt

Privacy Policy

1. Overview Information

This Privacy Policy contains information regarding the way we handle, in whole or in part, either automatically or not, the personal data of users who access our application. Its purpose is to inform stakeholders about the types of data that are collected, the reasons for the collection and how the user can update, manage or delete this information.

This Privacy Policy has been drawn up as per Federal Law 12.965 of April 23, 2014 (Brazilian Civil Rights Framework for the Internet), Federal Law 13.709 of August 14, 2018 (Personal Data Protection Act) and EU Regulation 2016/679 of April 27, 2016 (European General Data Protection Regulation – GDPR).

This Privacy Policy may be updated as a result of any regulatory update, which is why the user is invited to check this section periodically.


2. User Rights

The application is committed to comply with the rules provided for in the GDPR, in accordance with the following principles:

  • The user’s personal data shall be processed in a lawful, loyal and transparent way (lawfulness, loyalty and transparency);
  • The user’s personal data shall be collected only for specific, explicit and legitimate purposes, and may not be further processed inconsistently with such purposes (purpose limitation);
  • The user’s personal data shall be collected in an appropriate, relevant and limited way to the needs of the purpose for which they are processed (data minimization);
  • The user’s personal data shall be accurate and updated where required so that inaccurate data is deleted or rectified when possible (accuracy);
  • The user’s personal data shall be kept in a way that allows identifying the data subjects for no longer than is required for the purposes for which they are processed (conservation limitation);
  • The user’s personal data shall be handled securely, protected from unauthorized or unlawful handling and against their loss, destruction or accidental damage, adopting the appropriate technical or organizational measures (integrity and confidentiality).

The user of the application has the following rights, granted by the Personal Data Protection Act and the GDPR:

  • Right of confirmation and access: this is the right of the user to obtain, from the application, the confirmation of whether or not personal data concerning them are being processed and, if so, the right to access their personal data;
  • Right of rectification: this is the right of the user to obtain, from the application, without undue delay, the rectification of inaccurate personal data concerning them;
  • Right to delete data (right to be forgotten): this is the right of the user to have their data deleted from the application;
  • Right to limit data processing: this is the right of the user to limit the processing of their personal data, and the user can obtain it when they challenge the accuracy of the data, when the processing is unlawful, when the application no longer needs the data for the purposes proposed, when opposed to the processing of the data and in case of processing unnecessary data;
  • Right to objection: this is the right of the user to object, at any time, for reasons related to their particular situation, to the processing of personal data concerning them, and may also object to the use of their personal data to set a marketing profile (profiling);
  • Right to data portability: this is the right of the user to receive personal data concerning them and that they have provided to the application, in a structured format, of current use and automatic reading, and the right to transmit such data to another application;
  • Right not to be subjected to automated decisions: this is the right of the user not to be subject to any decision taken solely based on automated processing, including profiling, which has an effect in their legal sphere or significantly affects them in a similar way.

The user may exercise their rights by means of written communication sent to the application with the subject “GDPR”, specifying:

  • Full name or corporate name, CPF (Individual Taxpayer’s Registry, Brazilian Federal Revenue) or CNPJ (Brazilian Registry of Legal Entities, Brazilian Federal Revenue) number and e-mail address of the user and, if applicable, their representative;
  • The right they want to exercise with the application;
  • Date of request and user signature;
  • Any document that can demonstrate or justify the exercise of their right.

The request must be emailed to: contato@sysphera.com, or sent by mail to the following address:

SYSPHERA Tecnologia Ltda.
Rod. José Carlos Daux, 5500, Campeche B, 218
Saco Grande, Postal Code 88032-005
The user will be informed in case of rectification or deletion of their data.


3. Duty not to provide third party data

While using the website, in order to safeguard and protect the rights of third parties, the user of the application must provide their personal data only, and not those of third parties.


4. Information Collected

The collection of data from users will be as per the provisions of this Privacy Policy and will depend on the consent of the user, which is dispensable only in the cases provided for in Article 11, Item II, of the Personal Data Protection Act.

4.1. Types of Data Collected

4.1.1. Newsletter

The email address registered by the user who chooses to subscribe to our Newsletter will be collected and stored until the user requests their unsubscription.

4.1.2. Sensitive Data

No sensitive data will be collected from users, thus understood as those defined in Articles 9 and 10 of the GDPR and in Articles 11 et seq. of the Personal Data Protection Act. Thus, the following data, but not limited to them, will not be collected:

  • Data revealing the user’s racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership;
  • Genetic data;
  • Biometric data to uniquely identify a person;
  • Data concerning the health of the user;
  • Data concerning the user’s sexual life or sexual orientation;
  • Data concerning criminal convictions or offenses, or related security measures.
  • 4.1.3. Collection of data not expressly provided for

Where appropriate, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the consent of the user, or that the collection is permitted or imposed by law.

4.2. Legal basis for the processing of personal data

By using the application services, the user is consenting to this Privacy Policy.
The user has the right to withdraw their consent at any time, without compromising the lawfulness of the processing of their personal data before the withdrawal. The withdrawal of consent can be made by e-mail: contato@sysphera.comq, or by mail sent to the following address:

Rod. José Carlos Daux, 5500, Campeche B, 218
Saco Grande, Postal Code 88032-005

The consent of those relatively or totally incapable, especially children under the age of 16 (sixteen), can only be made, respectively, if properly assisted or represented.

The processing of personal data without the user’s consent will only be carried out on the grounds of legitimate interest or for the cases provided for by law, i.e., not limited to, the following:

  • For the controller’s compliance with legal or regulatory obligations;
  • For studies by a research agency, ensuring, whenever possible, the anonymization of personal data;
  • When necessary for the performance of a contract or preliminary procedures related to a contract to which the user is a party, at the request of the data subject;
  • For the regular exercise of rights in lawsuits, administrative or arbitral proceedings, the latter pursuant to Law 9307 of September 23, 1996 (Arbitration Law);
  • To protect life or physical safety of the data subject or third parties;
  • To protect health, in procedures performed by health care professionals or health authorities;
  • When necessary to meet the legitimate interests of the controller or third party, except where fundamental rights and freedoms of the data subject prevail that require the protection of personal data;
  • For the credit protection, including the provisions of the relevant legislation.
4.3. Purposes of personal data processing

The user’s personal data collected by the application are intended to facilitate, streamline and fulfill the commitments established with the user and to enforce the requests made by filling out forms.

The personal data may also be used for commercial purposes, to customize the content offered to the user, as well as to support the application to improve the quality and operation of its services.

The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior notice to the user, and in any case, the rights and obligations provided herein will remain applicable.

4.4. Retention period of personal data

The user’s personal data will be retained for a period no longer than is required to fulfill the purposes for which they are processed.

The retention period of data is defined according to the following criteria:
Any data collected will be retained for as long as required for the user to use SYSPHERA software.

The users’ personal data can only be retained after the end of its processing in the following cases:

  • For the controller’s compliance with legal or regulatory obligations;
  • For studies conducted by a research agency, ensuring, whenever possible, the anonymization of personal data;
  • To transfer to a third party, provided that the data processing requirements provided for in the legislation are met;
  • For the exclusive use of the controller, with access by third parties prohibited, and provided that the data are anonymized.
4.5. Recipients and transfer of personal data

The user’s personal data shall not be shared with third parties. Therefore, they will only be processed by this application.


5. Personal data processing
5.1. The data controller

The controller, responsible for processing the user’s personal data, is the natural or legal person, public authority, agency or other body that, individually or in conjunction with others, establishes the purposes and means of processing personal data.

In this application, the controller of the personal data collected is SYSPHERA TECNOLOGIA LTDA., represented by its Data Protection Officer, who can be contacted by email: contato@sysphera.com or at the address:

Rod. José Carlos Daux, 5500, Campeche B, 218
Saco Grande, Postal Code 88032-005
The application also has the following controllers to process the personal data collected:

SYSPHERA TECNOLOGIA LTDA.
The controller responsible for data processing will be directly in charge of processing the user’s personal data.

5.2. Data protection officer

The data protection officer is the professional in charge of informing, advising and controlling the data controller, as well as the employees processing the data, regarding the application’s obligations pursuant to GDPR, the Personal Data Protection Act and other data protection provisions present in national and international legislation, in cooperation with the competent supervisory authority.
In this application, the data protection officer is DPO/SYSPHERA, which can be contacted by email: contato@sysphera.com.


6. Security in processing the user’s personal data

The application undertakes to apply technical and organizational measures to protect personal data from unauthorized access and from situations of destruction, loss, alteration, communication or dissemination of such data.

To ensure security, solutions will be adopted that take into account: the appropriate techniques; the implementation costs; the nature, scope, context and purposes of processing; and the risks to the user’s rights and freedoms.

The application uses SSL (Secure Socket Layer) certificate, which ensures that personal data is transferred securely and confidentially, so that the transfer of the data between the server and the user, and in feedback, occurs in a fully encrypted way.

However, the application disclaims liability for the sole fault of a third party, such as in the event of a hacker or cracker attack, or the sole fault of the user, such as in the event when they transfer their data to a third party. The application also undertakes to notify the user in a timely manner in the event of any kind of breach in the security of their personal data that may cause them a high risk for their personal rights and freedoms.

The breach of personal data is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transferred, stored or otherwise processed.

Finally, the application undertakes to handle the personal data of the user with confidentiality, within the legal limits.


7. Cookies

Cookies are small text files sent by the application to the user’s computer and which are stored there, with information regarding the app’s browsing.

Through cookies, small amounts of information are stored by the user’s browser so that our server can read them later. For example, data about the device used by the user as well as its location and time of access to the application can be stored.
Cookies do not allow any file or information to be extracted from the user’s hard drive, and it is not possible yet, through them, to have access to personal information that has not come from the user or from the way how they use the application’s resources.

It is important to note that not every cookie contains information that allows the user to be identified, and certain types of cookies can be used simply to load the application correctly or for its functionality to work as expected.

The information possibly stored in cookies that allows the identification of a user is considered personal data. Therefore, all the rules provided for in this Privacy Policy are also applicable to it.

7.1. Application Cookies

The application cookies are those sent to the user’s and administrator’s computer or device solely by the app.

The information collected through these cookies is used to improve and customize the user experience, and some cookies may, for example, be used to remember the preferences and choices of the user, as well as to offer customized content.

This navigation data can also be shared with any partners of the application, aiming at improving the products and services offered to the user.

7.2. Social Media Cookies

The application uses social media plugins, which allow accessing them from the application. Thus, by doing so, the cookies used by them can be stored in the user’s browser.

Each social media has its own privacy and personal data protection policy, and the individuals or legal entities that hold them are responsible for the data collected and the privacy practices adopted.

The user may search, in the social media, information about how their personal data are handled. For information purposes, we provide the following links, from which the privacy and cookie policies adopted by some of the main social medias may be referred:

Facebook
https://www.facebook.com/policies/cookies/

Twitter
https://twitter.com/pt/privacy
Instagram: https://help.instagram.com/1896641480634370?ref=ig

YouTube
https://policies.google.com/privacy?hl=pt-BR&gl=pt

Google+
https://policies.google.com/technologies/cookies?hl=pt

Pinterest
https://policy.pinterest.com/pt-br/privacy-policy

LinkedIn
https://www.linkedin.com/legal/cookie-policy?trk=hp-cookies

7.3. Management of cookies and browser settings

The user may object to the registration of cookies by the application by disabling this option in their own browser or device.

Disabling cookies, however, may affect the availability of some tools and features of the application, compromising its correct and expected operation. Another possible consequence is the removal of the user’s preferences that may have been saved, impairing their experience.

Below are some links to the help and support pages of the most used browsers, which can be accessed by the user interested in obtaining more information about the management of cookies in their browser:

Internet Explorer
https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies

Safari
https://support.apple.com/pt-br/guide/safari/sfri11471/mac

Google Chrome
https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt

Mozilla Firefox
https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam

Opera
https://www.opera.com/help/tutorials/security/privacy/


8. Complaint to a supervisory authority

Notwithstanding any other administrative or court appeal, all data subjects have the right to file a complaint with a supervisory authority. The complaint may be filed to the authority of the application’s headquarters, the user’s country of usual residence, their place of work, or the place where the infringement was allegedly committed.


9. Amendments

This Privacy Policy was last updated on September 1, 2020.

The publisher reserves the right to modify these rules at any time, especially to adjust them to the evolutions of SYSPHERA application and all its versions, either by providing new features or by removing or modifying those existing ones.
The user will be explicitly notified if this policy is changed.

By using the service after any modifications, the user demonstrates their agreement with the new standards. If they disagree with any of the modifications, they must immediately interrupt access to the application and submit their caveat to the service, if they so wish.


10. Applicable law and jurisdiction

For the resolution of disputes arising from this instrument, Brazilian law will be fully applied. Any disputes shall be filed in the jurisdiction where the application’s publisher is located.