The new General Data Protection Law – LGPD (Law 13.709)
We in the Dimed Group* have always made sure to protect our customers’ data. Diligence and care for your privacy have been routine for us for many years, and now that the LGPD is in force, we are ensuring compliance with the requirements of the new law.
In practice, this means that the Dimed Group* will continue to process your personal information correctly and securely while at the same time adopting new procedures to document our diligence and guarantee you the rights to which you are entitled under the LGPD.
The Policy is intended to describe:
- the sort of personal information we collect about you;
- how we collect and use this data;
- who we can share your data with;
- your rights as the data subject.
What principles do we follow in processing data?
The Dimed Group* processes your personal data in accordance with the principles of good faith, appropriateness, necessity, free access, quality of information, security prevention, non-discrimination and, above all, transparency.
What is the basis for processing your personal data?
All processing of personal data, whether or not sensitive, by the Dimed Group* will be based on legal provisions and will be consistent with the purpose for which it was collected. Your personal data will be processed in order to: (i) comply with legal or regulatory obligations, (ii) duly exercise our rights in court cases, (iii) when necessary, perform a contract signed with you or take the action required to execute it, (iv) protect credit, (v) serve the legitimate interests of the Dimed Group*, (vi) protect your health or (vii) prevent fraud.
In other cases, your consent will be required for us to process your information.
Information we receive from you:
- registration data for relationship programs, e.g., name, mother’s name, gender, and date and place of birth;
- contact details for delivering products: phone number or address;
- marketing research – information and opinions collected in surveys by the Dimed Group*;
- other information collected in registration forms or communicated to us by email, phone etc.;
- information collected through cookies;
- information collected from other sources
- information obtained to prevent fraud;
- manifestly public information.
How do we use your data?
We may process your data for the following purposes:
- to confirm your identity and address;
- to improve your experience as a customer of the Dimed Group*;
- to provide the services and products we offer efficiently;
- to ensure your security;
- to send marketing material;
- to offer products and services that might be of use to you, but giving you the right to opt not to receive such information;
- to meet any requests that you may submit through our customer service channels;
- to construct a database for statistical purposes, in order to build up a knowledge base;
- to prevent fraud;
Panvel, as an authorized pharmacy, and the Dimed Group* itself, have a duty to ensure that certain products, such as drugs, are sold in accordance with the law, both in stores and online. For this purpose, it will be necessary, in certain circumstances, that you provide us with sensitive information, such as a doctor’s prescription, so that we can sell certain products. This information will be safeguarded and deleted after the period we are required by law to retain it.
With whom may we share this information?
Your personal information will be shared in exceptional cases in order to comply with legal or regulatory obligations or if you so request. We may also share your data with other Dimed Group companies, partner institutions, and information technology suppliers. A good example of this is if we share your data with firms specializing in the identification of fraud when you use our e-commerce facilities.
How do cookies work?
- give you a better experience and provide personalized resources such as directed advertising and additional information that may interest you;
- improve our understanding of how you browse through our websites so that we can make improvements;
- assess the advertising and promotional efficacy of our websites.
- we use our own (first-party) cookies and third-party cookies from partner companies to support these activities.
The length of time they will be kept in your browser depends on the type of cookie. Some will be kept only as long as you are online, and others for a longer period.
For how long do we keep your data?
We will keep your data at least as long as you have a relationship with us. After it ends, we will keep your data for the time required to comply with the legislation.
What precautions have been introduced to protect your data?
To protect your information, we have adopted security measures for processing all the personal data we collect, especially sensitive information. These technical and organizational measures have been introduced to prevent unauthorized access, accidental or intentional manipulation, and the loss or destruction of your personal data.
What rights do you have as the subject of this data?
The Dimed Group* will guarantee you, as the data subject, the exercise of the rights conferred on you by law, which include:
- confirmation that your personal data is being processed;
- access to the data;
- correction of incomplete, inaccurate or out-of-date information;
- anonymization, blocking or elimination of unnecessary or excessive information, or data not being processed in accordance with the LGPD;
- portability of your personal data at your express request;
- details of public and private entities with which Dimed Group* has shared your data;
- revocation of consent when applicable;
Please note that some of these rights still need to be detailed and regulated by the National Data Protection Authority in order that we can fully comply with them*.
*Rede de Farmácias Panvel, Dimed Distribuidora de Medicamentos, Dimesul, Lifar – Laboratório Industrial and Distribuidora.
Contact of the Person in Charge of Personal Data Processing at the Dimed Group*
To exercise your rights and obtain more information about the processing of your personal data, send an email to Ramiro Saraiva, our Head of Personal Data Processing, at firstname.lastname@example.org