Introduction

iStampic respects the requirements imposed by the laws in force, observing the principles of security and privacy in the processing of personal data. All information collected during registration is only what is necessary to complete the commercial transaction. The customer may authorize, if they so choose, the subscription to our newsletter, allowing us to send our campaigns, promotional actions, or satisfaction surveys.

iStampic does not share your personal data with other companies or brands for other commercial purposes under any circumstances.

Types of Personal Data

The data collected in the context of professional activity are those contained in the contact forms on our website.

How Do We Collect Your Personal Data?

• Through our website;
• When you subscribe to receive our newsletters, giving us your consent.

Basis and Purposes of Processing

• Marketing and Sales purposes, such as marketing campaigns, events, promotions, information about new or current services and/or products, satisfaction surveys;
• Pre-contractual measures and/or execution of a service provision contract;
• Provision of contracted services and customer management;
• Compliance with legal obligations;
• When processing is necessary to comply with legal obligations, such as responding to judicial, regulatory, and supervisory entities, among others;
• Legitimate interest;
• When the processing of personal data corresponds to a legitimate interest, such as data processing for quality service improvement, fraud detection, etc.

Retention Period

We retain your data only for the period necessary for the purpose for which it was collected.

User Rights

The user may exercise their rights of access, updating, deletion, limitation, objection to their use for commercial purposes by the company, and withdrawal of consent at any time, without compromising the lawfulness of processing carried out under such consent, as well as the right to data portability through a request by any of the means indicated above.

The data subject may also file complaints about data processing with the National Data Protection Commission.

Data Transmission

The processing of user data may be carried out by a suitable service provider contracted by our company. When this happens, appropriate measures are taken to ensure that the entities with access to the data offer the highest guarantees regarding data protection.

Thus, any subcontractor will process users’ personal data on behalf of our company, strictly complying with legal norms on personal data protection, information security, and other applicable regulations.

International Data Transfers

Our company may transfer your user data outside the European Economic Area (EEA) for the purposes described. In these cases, it will strictly comply with applicable legal provisions, particularly concerning the adequacy of the destination country(ies) regarding personal data protection and the applicable requirements for such transfers.

Automated Decisions

Our company may create user profiles, enabling automated decisions based on personal characteristics, preferences, behavior history, and location. In these cases, the user has the right to obtain human intervention in the decision, express their viewpoint, and contest the decision made.

Personal Data Protection Measures

Our company applies various appropriate technical and organizational measures to protect users’ personal data.

Changes to the Privacy Policy

Occasionally, our company will update this Privacy Policy. We encourage you to periodically review this document to stay informed.