Global Stroke Alliance
Global Stroke Alliance
Certificates

PRIVACY POLICY

OBJECTIVE

To notify all Global Stroke Alliance clients and personnel on the application of the General Law for the Protection of Personal Data  (“LGPD”, Portuguese abbreviation).

SCOPE

This document applies to all Global Stroke Alliance clients and personnel.

PROCESS DESCRIPTION

Global Stroke Alliance collects and processes the personal data of clients as part of the provision of e-commerce services and product and service marketplace. Toward this end, Global Stroke Alliance’s Personal Data and Privacy Policy (henceforth simply “Privacy Policy”) is aimed at helping our clients understand which personal data we collect, how it’s collected and the reasons why, along with whom it is shared and how we protect their privacy when using our services.

Using the Global Stroke Alliance platform (or any of the websites or applications) and any other products, social networks, software services, tools, applications, recourses or functions offered on or through a website, or mobile application (collectively “Site” or “Sites”) will be considered expressed consent for the collection, use and sharing of personal information as established in this Privacy Policy. Note that if you choose to share your information in an open format, such as through third-party websites, like Facebook, Instagram or other social media, this information will be considered public and not personal.

WHY?

Global Stroke Alliance is committed to protecting the security and privacy of its clients. As such, it has prepared this Privacy Policy aimed at reaffirming its commitment to and respect for personal data privacy and protection regulations.

We wish to notify our clients about the general privacy regulations and the terms on processing data we collect, all in strict accordance with applicable legislation, namely Law number 13,709, dated August 14, 2018 (General Law for the Protection of Personal Data, or simply “LGPD”).

Global Stroke Alliance strives to maintain best practices in matters concerning personal data security and protection, while also promoting and raising awareness about the best practices within this scope, enhancing systems to protect the data provided by clients, in strict accordance with legal requirements.

Completing data collection forms and directly or indirectly providing data imply knowledge of the conditions of this policy, of any other terms, policies and specific conditions relative to the services provided.

WHAT IS PERSONAL DATA?

Personal data includes any information relative to an identified or identifiable individual (data subject), of any nature and regardless of respective support. An identifiable individual is a person that can be identified directly or indirectly, namely due to an identification number or other elements specific to their physical, physiological, psychic, economic, cultural or social identity.

Personal data may be distinctive in specific situations, which the LGPD classifies as “sensitive data”. Such data may refer to racial origin or ethnicity of the data subject, their political opinions, religious and philosophical view, genetic information, biometric indicators, sex life, sexual orientation or health.

OTHER IMPORTANT DEFINITIONS

  1. Data subject consent – a freely given, specific, informed and explicit expression of will whereby the data subject agrees, by means of a statement or unequivocal positive act, to the processing of their personal data;
  2. Controller: An individual or legal entity, under public or private law, responsible for decisions concerning the processing of personal data;

iii. Profiling – any form of automated personal data processing that involves the use of such personal data to classify an individual in a specific category, according to their professional performance, economic situation, health, personal preferences, interests, behavior, location or movements;

  1. Data Protection Officer (DPO) – an individual or legal entity appointed by an organization to ensure compliance with the LGPD when processing personal data, ensuring efficient communication with data subjects and cooperation with supervisory authorities, as well as liaising with the different areas of activity within Global Stroke Alliance. The DPO does not receive instructions regarding the performance of duties, reporting directly to the governing bodies of the appointing entity;
  2. Data processing officer – an individual or legal entity, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing personal data;
  3. Third Party – an individual or legal entity, service or body other than the data subject, the Controller, the Operator and people who, under the direct authority of the Controller or the Operator, are authorized to process personal data;

vii. Data subject – an identifiable or non-identifiable individual to whom the personal data pertains;

viii. Processing – an operation or set of operations performed on personal data or on sets of personal data, by automated or non-automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, limitation, erasure or destruction;

  1. Operator: An individual or legal entity, under private or public law, that conducts processing at the behest of the controller;
  2. Personal data violations – security violation that, whether accidentally or unlawfully, causes the destruction, loss, alteration, dissemination or leads to unauthorized access to personal data transferred, stored or subject to any form of processing;
  3. Pseudonymization – the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures to ensure that personal data cannot be attributed to an identified or identifiable individual;

xii. Anonymization – a technique resulting from processing personal data in order to remove sufficient elements from the data to no longer be able to identify the data subject, irreversibly. More precisely, the data must be processed in such a way that they can no longer be used to identify an individual employing all reasonable means, whether by the controller or by a third party.

xiii. National Data Protection Authority – A public body responsible for overseeing, implementing, and supervising compliance with the law;

WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA?

The present Privacy Policy aims to make clients aware of the terms of Global Stroke Alliance’s personal data processing, determining the purposes and means of processing data in the context of providing services, e-commerce, social networks and marketplace, and as such, according to the LGPD, it shall be considered a Controller.

Thus, when serviced by an independent third party on behalf and by order of Global Stroke Alliance, this third party shall be considered an Operator according to the LGPD. As such, in the event of any question regarding client data privacy, we kindly request that the third party also be identified, when applicable, to ascertain any possible infraction, malice, negligence, imprudence or malpractice.

Under the terms of this Policy, Global Stroke Alliance clients are aware of the responsibilities regarding information provided about personal data of users of the website, social networks and other online channels, who assume the risk in case of documentation and/or incomplete information of Global Stroke Alliance users and clients registered on the platform.

WHICH PERSONAL DATA WE COLLECT AND HOW

Global Stroke Alliance collects personal data provided by clients that can identify them. This collected information may vary according to your use of Global Stroke Alliance, as well as the type of information you choose to share.

We collect your personal information when you use our websites and social networks or when you contact us through other means, such as: (i) visiting/browsing on our websites; (ii) completing forms on our sites; (iii) attending and/or completing forms at an event; (iv) placing or attempting to place an order; (v) registering an account/as a customer; (vi) sending us an email; (vii) participating in promotions or surveys; (viii) communicating with or reporting to a customer service representative; (ix) forwarding information to a friend; and (x) registering for an event.

In particular, we may collect the following categories of personal information:

  • Personal identifiers: name, nickname, address (billing/shipping/contact), email address, phone number, credit card number, debit card number, ID/Individual Tax Number/Corporate Tax Number, signature, bank account number.
  • Transaction history: products purchased, obtained or considered.
  • Communication Data: audio and electronic content.

Automatically Collected Information

We collect personal information about you.

We may use some information collected about you and the services you use to help us personalize and improve your experience. In particular, we may collect the following categories of personal information (independently or through marketing service providers):

  • Device identifiers: internet protocol (IP) address, browser type, operating system, domain name, unique device ID.
  • Location data: physical location and inferred country.
  • Internet or other similar network activity (through cookies, web beacons and pixel tags): browsing history, search history, information about your interaction with our sites, application, marketing emails or advertisements.

Information Collected From Other Sources

Some information we collect is publicly available. We may collect information about you from other companies and data aggregation organizations. By collecting additional information about you, we can correct inaccurate information, enhance the security of your transactions, and provide product recommendations and special offers that are likely to be of interest to you.

  • Inferences drawn from other personal information: profile reflecting an individual’s preferences, characteristics, psychological tendencies, predispositions, behavior, and attitudes.

All of the information collected is cumulative for Global Stroke Alliance and its Operators to provide a better service.

CATEGORY OF DATA PROCESSED, MEANS AND FORMS OF COLLECTION

 

 

The client will always be duly informed of the obligation to provide this data to continue the registration process with Global Stroke Alliance.

When a client registers WITH Global Stroke Alliance, the following data is collected: Full Name, Corporate Name, Trade Name, Full Address, CNPJ (Corporate Tax ID Number), CPF (Individual Taxpayer ID number), RG (ID number), IE (State Registration Number), Telephone Number, Form of Capture, Name of the Responsible Person, Telephone Number, Cell Phone Number, E-mail Address, Date of Registration, Password (Encrypted), Code, Logo, data on Employees, Service Providers, and Suppliers, agreements, bank information, Date of Birth, Files (Articles of Incorporation, among others).

 

WHAT IS THE REASON FOR COLLECTING YOUR PERSONAL DATA?

 

 

Client personal data are processed so that Global Stroke Alliance can offer better business management, commercial and digital marketing services.

For this to happen, it is often necessary to crosscheck the data we collect, so that the marketing actions are directed to what the client expects to receive from Global Stroke Alliance.

To this end, we use personal data to communicate and manage our relationships with clients. As such, we may contact you by letter, email, social media, SMS, instant messaging apps and other channels that we deem appropriate for administrative or operational reasons, for example, to send you news that may be of interest to you. We will also use your personal data to respond to your requests, suggestions or contacts to improve our services and your experience as a Global Stroke Alliance client.

  • We may use the categories of personal information mentioned above for one or more of the following business purposes:
  • To process your request for information (e.g., products/services, cooking demos, Independent Consultant opportunities).
  • To process product and service transactions and to send you notices about your transactions.
  • To provide sales and customer service support, and quality assurance.
  • To fulfill or serve the purpose for which the information is provided. For example, if you provide us with your bank information to receive commission payments, we use this information to transmit commission payments.
  • To provide targeted marketing and advertising, service update notices, and make promotional offers based on your communication preferences.
  • To provide sales support.
  • To permit e-mails to friends. We may provide functionalities that allow you to send messages about site-related content to a friend through the site. If you wish to use this feature, you may provide us with your friend’s e-mail address so that we can facilitate sending the message to said friend.
  • To verify your identity, including account-related questions.
  • To send you administrative communications regarding the site, service-related announcements, etc., that are necessary as part of the service, to respond to your concerns, and to provide the high level of customer service that Global Stroke Alliance offers. Because this information may be important to our use, you may not opt out of receiving such communications unless you explicitly withdraw your consent to our use of your personal information as described in this Privacy Policy.
  • To review/manage our use and operations and for compliance with our Terms of Use and the law.
  • To resolve problems related to our business or services.
  • To contact you at any phone number, via voice call or text messages (SMS / WhatsApp / Telegram) or email, as authorized by our Terms and Conditions.
  • To detect, prevent or investigate security breaches, fraud or other suspicious/prohibited/illegal activity; or violations of our Privacy Policy.
  • To maintain appropriate records for internal administrative purposes.
  • To provide important information about product security.
  • We use your IP address, and the IP addresses of all users, to calculate usage levels, help diagnose problems with servers, administer the site, analyze trends, internal statistics/research, and also to detect and prevent suspicious activity, track traffic patterns and gather demographic information for aggregate use.
  • To improve our digital channels and present content to you.
  • For testing, research, analysis and product development.
  • As described to you when we collect your personal information.
  • We may use these technologies to collect information for a variety of purposes, such as analyzing how our digital channels are used, personalizing your experience with us, or improving our content or offerings. Your browser may provide tools to block or delete cookies. However, if your browser is set to reject cookies or you delete them manually, you may experience some problems accessing and using some of the pages and features that are currently on our digital platforms, or that we may activate in the future. (cookies)

 

ON WHAT BASIS DO WE PROCESS YOUR PERSONAL DATA?

Global Stroke Alliance will process your personal data only when duly entitled to do so. In order for the processing of personal data to be lawful, the LGPD requires a suitable legal basis for each specific act of processing.

With regard to your data processed by Global Stroke Alliance to improve our services and to meet our administrative and quality objectives, the suitable legal basis is the pursuit of the legitimate interests of the Controller, as well as Contractual Compliance, where applicable, in addition to the client’s consent. This implies that data subjects may object to the processing of their data for the above purposes under the LGPD if they provide valid reasons relating to their particular situation. In such an event, the Controller may provide legitimate reasons justifying the continuation of such processing, in which case it reserves the right to continue processing their data for these purposes, such as in cases where such processing is necessary for the establishment, exercise or defense of a right in a legal proceeding.

As regards data processing conducted by Global Stroke Alliance in the context of compliance with legal obligations, the legal basis for processing – mostly data communications to external entities – is the need to comply with the legal obligations of the Controller, including contractual compliance or legitimate interest.

WHICH PROFESSIONALS FROM GLOBAL STROKE ALLIANCE HAVE ACCESS TO YOUR DATA?

Global Stroke Alliance permanently observes the principles of privacy by design when processing personal data. Among other things, this commitment implies that your personal data will only be accessible to those who require them to perform their functions, strictly to the extent necessary to pursue the purposes of processing already listed above.

HOW LONG WILL YOUR PERSONAL DATA BE STORED?

Personal data of Global Stroke Alliance clients are processed in strict compliance with the applicable legislation and stored in specific databases. Such data is kept in a format that permits data subject identification only for the period necessary for the purposes for which they are processed.

The period for which data is stored and retained varies according to the purpose for which the information is used. There are, however, legal requirements that oblige us to retain data for a certain period. Several deliberations from data protection control authorities, namely the National Data Protection Authority – ANPD, are used as a basis for determining the necessary retention period.

WHAT ARE THE RIGHTS OF DATA SUBJECTS?

Under applicable law, a data subject may at all times request access to their personal data, as well as the rectification or portability of said data, directly via the Global Stroke Alliance email, or by contacting Global Stroke Alliance in person.

You also have the right to:

  • Request details about the categories of personal information collected about you and, if permitted and practical, a copy of the personal information (data portability).
  • Request the exclusion of any personal information we have collected from you, subject to certain exceptions. Once your request is verified, we will proceed with exclusion unless an exception applies. We may deny your request for exclusion if retention of the information is necessary for us or our service providers to:
  • Complete the transaction for which the personal information was collected, provide a product or service you have requested, perform reasonably anticipated actions in the context of our ongoing business relationship with you, or otherwise fulfill our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activities, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise freedom of speech, ensure the rights of other clients to exercise free speech, or another right provided by law.
  • Comply with the LGPD and relevant legislation.
  • Engage in public or scientific, historical, or peer-reviewed statistical research of public interest that complies with all other applicable ethics and privacy laws if exclusion of the information would likely make it impossible or seriously impair the research, if having previously provided your consent.
  • Allow only internal uses that are reasonably in line with client expectations based on their relationship with us.
  • To comply with legal obligations.
  • To use such information for other legal and internal purposes that are consistent with the context in which you provided it.

Without prejudice to any other administrative or judicial recourse, data subjects have the right to lodge a complaint with the ANPD or another competent supervisory authority under the terms of the law, should they consider that their data is not being legitimately processed by Global Stroke Alliance, under the terms of the applicable legislation and this Policy.

WHAT SECURITY MEASURES ARE TAKEN BY GLOBAL STROKE ALLIANCE?

Global Stroke Alliance is committed to ensuring the confidentiality, protection and security of its clients’ personal data by implementing appropriate technical and organizational measures to protect data against any form of improper or illegitimate processing and any accidental loss or destruction. To this end, we have systems and equipment in place to ensure the security of processed personal data, creating and updating procedures to prevent unauthorized access, accidental loss and/or destruction, while undertaking to comply with legislation on the protection of clients’ personal data and to process such data only for the purposes for which they were collected, as well as to ensure that these data are processed with adequate levels of security and confidentiality.

Global Stroke Alliance may, in some cases, transmit your personal data to third parties. Global Stroke Alliance has defined clear contractual rules on the processing of personal data with its operators and requires them to take appropriate technical and organizational measures to protect your personal data. However, in some cases, we may be required by law to disclose your personal data to third parties (such as control authorities) over whom we have limited control regarding the protection of personal data.

Global Stroke Alliance’s information database may become available to strategic business partners, geared towards generating mutual benefits, such as the provision or improvement of our products, services and advertising.

Global Stroke Alliance is not responsible for the use and processing of client data collected and shared by business and economic partners, while Global Stroke Alliance or the partner is responsible for correctly processing and using said data.

It may be necessary for Global Stroke Alliance to disclose your personal information by law, legal process, litigation and/or requests from public and governmental authorities within or outside your country of residence. We may also disclose your information if we determine that for purposes of national security, law enforcement or other issues of public importance, disclosure is necessary or appropriate.

We may also disclose your information if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users.  In addition, in the event of reorganization, merger or sale, we may transfer any personal information we collect to relevant third parties.

UNDER WHAT CIRCUMSTANCES IS DATA SHARED WITH OTHER ENTITIES?

Global Stroke Alliance uses other entities to provide certain services. Occasionally, these services may involve allowing these entities to access clients’ personal data. This is the case for entities providing Global Stroke Alliance with IT support services.

Any entity characterized as a Global Stroke Alliance Operator will process our clients’ personal data, on our behalf and our account, in strict compliance with our instructions. Global Stroke Alliance ensures that entities characterized as Operators provide sufficient guarantees to implement appropriate technical and organizational measures so that processing complies with applicable law and ensures the security and protection of the rights of the data subjects under the terms of the outsourcing agreement held with such Operators.

Global Stroke Alliance may also transmit personal data about its clients to third parties where it deems such communications necessary or appropriate:

  1. in light of applicable law,
  2. contractual compliance;

iii. legitimate interest;

  1. in fulfilling legal obligations/judicial orders, and;
  2. to respond to requests from public or government authorities.

To this end, Global Stroke Alliance may transmit your personal data to any Contracting Public Entity, the Courts, Solicitors, criminal police bodies or the Public Prosecutor’s Office when notified to do so or when necessary for the fulfillment of legal obligations as provided by law.

Global Stroke Alliance may also transmit your personal data to contracted service providers that support our business operations, such as processing non-cash payments, sales/use tax calculations, bill collection, sending marketing communications, customer service, administering promotions/contests/ sweepstakes, event management/planning, IT hosting, maintenance products, conducting surveys, order fulfillment, data aggregation, and technology services. Our agreements provide that these service providers only use your information in connection with the services they provide to us and not for their benefit.

Please note that our service providers may be located in foreign jurisdictions and your personal information may be subject to the laws of those foreign jurisdictions and accessible to law enforcement and other authorities.

In any of the situations mentioned above, Global Stroke Alliance undertakes to take all reasonable steps to ensure the effective protection of the personal data it processes.

 

CONTACT US

You can contact the Global Stroke Alliance Data Protection Officer (“DPO”) for further information about the processing of your personal data, as well as any questions related to the exercise of your rights under applicable law and in particular those referred to in this Privacy Policy, at the following contact details: e-mail [email protected].

THE RIGHT TO NON-DISCRIMINATION FOR THE EXERCISE OF PRIVACY RIGHTS

We will not discriminate against you for exercising any of the rights described above. This includes, but is not limited to: (i) deny you goods or services; (ii) charge you different prices or fees for goods or services, including through the use of discounts or other benefits or the imposition of penalties; (iii) provide a different level or quality of goods or services; or (iv) suggest that you will receive a different price or fee for goods or services or a different level or quality of goods or services.

SOCIAL MEDIA

We are on social media sites like Facebook, Twitter, Pinterest, Instagram, Google, LinkedIn, Tik Tok, Clubhouse and YouTube. All of these companies operate third-party websites. We provide access to our digital platforms by third parties and business partners so that we can generate interest in our products among members of your social networks and allow you to share interest in the products with friends in your network. The use of any features made available to you on our digital platforms by third parties may result in information about you being collected or shared by us or by third parties.  If you do not want us to have access to information about you on third-party websites, you must notify the third-party platforms not to share the information. We cannot control how your data is collected, stored, used or shared by third-party websites or to whom it is disclosed. Be sure to review the privacy policies and privacy settings on your social media sites to make sure you understand the information they are sharing. If you do not want a third-party website to share information about you, you should contact that website and find out if it offers you the opportunity to opt out of sharing that information. Global Stroke Alliance is not responsible for how third parties may use information collected from or about you.

UNDERAGE USE

Our digital platforms or online services are not intended for use by anyone under the age of 18. If you are a parent or guardian and believe we may have collected information about your child, please contact us at [email protected].

INTEREST-BASED ADVERTISING

We may partner with ad networks and other ad serving providers (“Ad Providers”) who serve ads on our and others’ behalf on unaffiliated websites. Some of these ads may be personalized, which means that they are intended to be more relevant to you based on the information that the Ad Providers collect about your visits to this Site and other sites over time.

THIRD-PARTY WEBSITES AND PLUG-INS

Our digital platforms may contain links to third-party websites or applications that are not affiliated with Global Stroke Alliance and which may follow different privacy policies. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements before disclosing any personal information. Please contact these sites directly if you have any questions about their privacy policies. This Site may include social media tools, such as social networking and blogging tools offered by third parties. If you use these tools to share information about your use of the site or otherwise interact with social media features on the site, these third-party social media companies may collect information about you and may use and share such information in accordance with their policies, including sharing such information with the general public.  Your interactions with third-party social media companies and use of their features are governed by the privacy policies of the social media companies providing those features. We encourage you to carefully read the privacy policies of any social media account you create and use.

HOW DO I KNOW ABOUT CHANGES TO THE PRIVACY POLICY?

Global Stroke Alliance reserves the right to make modifications or updates to this Privacy Policy at any time and such changes will be duly updated on our platforms.  We suggest you check them regularly to learn of any changes.

COOKIE POLICY

We use cookies to personalize content and ads, provide social media features and analyze our traffic. We also share information about your use of the site with our social media, advertising and analytics partners. Click on “Cookie Settings” to update your personal cookie preferences.

ADVERTISING COOKIES

These cookies may be set through our website by our social media advertising partners. These companies can use them to build a profile of your interests and show you relevant ads on other websites. These cookies may also be used to allow you to share pages and content you find interesting on our websites through third-party social networks and other websites. They do not store personal information directly but are solely geared towards identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising and may not be able to share pages or content that you find interesting through third-party social networking sites.

FUNCTIONALITY COOKIES

These cookies allow for advanced website functionality and personalization. They may be created by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

ANALYTICAL COOKIES

These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They show which pages are the most and least popular and how visitors browse the site. All information collected by these cookies is aggregated and therefore anonymous. Disallowing these cookies prevents us from learning when you have visited our site, and we will be unable to monitor performance.

STRICTLY NECESSARY COOKIES

These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually just a set in response to actions taken by you linked to a request for services, such as setting your privacy preferences, logging in or filling out forms. You can set your browser to block or alert you about these cookies, however, certain site functionalities may not then work. These cookies do not store any personally identifiable information.

COOKIES AND YOUR PRIVACY

When you visit any website, information may be stored or retrieved in your browser, primarily in the form of cookies. This information can be about you, your preferences or device and is primarily used to make the site function as you expect it to. The information does not usually identify you directly, but it may provide a more personalized web experience. Because we respect your right to privacy, you may choose to block certain types of cookies. Click on the different category headings to learn more and change our default settings. However, certain types of cookie blocking may affect your experience on the website and the services we offer.

Hit the space bar to “click”, declaring “I agree with the above terms” thereby authorizing data processing under the terms of art. 7, item I of law 13,709/2018.

As required by law, acceptance must be given in writing, or in another form that demonstrates manifestation of the holder’s will.

Sponsors

Diamond
Gold
Silver