Privacy, protection of Personal Data and its handling in a transparent, ethical, secure and responsible way are core values for us.
The present policy covers the treatment and your rights in regard to your personal data that DFL gives to information capable of identifying users, whether collected directly on this site or stored in its electronic database by other means of collection, such as registrations filled out on physical media or customer service inquiries.
other notices that may appear on the pages of this site, pertinent to this policy.
Here you will also find information about your rights in relation to your Personal Data, in accordance with the LGPD - General Law of Protection of Personal Data (Law No. 13,709/18) and other applicable legislation.
1.1. The "DFL site" is the web address for the institutional site (dfl.com.br) and "distributor's store" means the web address intended for e-commerce - electronic commerce intended for companies distributing DFL products (distribuidor.dfl.com.br), both domains are registered at the address (dfl.com.br).
1.2. The company DFL INDÚSTRIA E COMÉRCIO S/A is called DFL's as a whole, including its e- commerce portals, institutional site, platforms, applications and social networks.
1.3. "Customers" are all people who use the products and/or services offered by DFL, whether paid or not. "Users" are all persons who access and/or register on the DFL Sites, Platforms, Applications and/or social networks and are assigned an individual and unique identification.
1.4. "Individual identification" means all information that is not available to the general public and is assigned, in a personalized way, to a particular customer/user.
1.5. Examples of individual identification data are CPF or CNPJ numbers, CRO, contact data, billing data, among others that identify a person.
1.6. "Cryptography" is the name given to the process of encoding information. The coded information (scrambled) at the source and decoded at the destination, thus making it difficult to decipher them during Internet traffic..
1.7. "Cookies" are small text files that contain a unique identification tag placed on your computer by a website. In these files, various types of information can be stored, from the pages visited to the
data voluntarily provided to the site.
1.8. Controller: natural or legal person, of public or private law, who is responsible for decisions concerning the Processing of Personal Data.
1.9. Personal Data: information related to an identified or identifiable natural person.
1.10. Sensitive Personal Data: personal data concerning racial or ethnic origin, religious conviction, political opinion, membership of a trade union or of a religious, philosophical or political
organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person.
1.11. Internet Protocol Address (IP Address): A code assigned to a terminal in a network to allow its identification, defined according to international parameters.
1.12. Sites and Applications: DFL Sites and Applications that can be accessed by Users.
1.13. Personal Data Holder: natural person to whom the processed personal data relates to.
1.14. Treatment: any operation performed with Personal Data, such as those relating to collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing,
filing, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination or extraction.
1.15. Users: all persons who visit and access
2.3. By using our services and providing your personal data after such changes, you consent to them.
2.4. DFL respects the privacy of visitors to this Site.
3. What information do we use and how do we collect it?
We process Personal Data of anyone who is or has been a customer or has had a relationship with us, is or was a representative, proxy, employee, partner of a customer, company or entity with which we have a relationship, or has entered into a transaction with us or with our customers, of persons with whom we intend to have a relationship or other holders of Personal Data.
The Personal Data we handle varies depending on the purposes of use, including those indicated in this Policy, and the activities we undertake. Such Personal Data includes registration and transactional data, such as:
registration data: name, date of birth, sex, RG, CPF and/or other identification documents such as driver's license, photo, home and work address, home, work and cell phone numbers, e-mail, profession, occupation, marital status, nationality, place of birth, PEP - politically exposed person, among others;
sensitive personal data: biometric data, including facial and/or digital, or other sensitive personal data in accordance with applicable law;
data about third parties: affiliation, representatives, represented parties, guarantor, counterparties, proxies, collaborators, partners, or beneficiaries of products and services;
information that we access to deliver a feature to you: if you consent and to enable certain features of our Sites and Applications, such as when we handle your photos and contact information to create and send you proof of payment;
information about browsing habits: pages and functionalities accessed on our Sites and Applications, number of clicks, pages and applications that originated access to our Sites and Applications (for example, if you access a site that has a link to our Sites and Applications, or if you access third party pages from links on our Sites and Applications);
data from social media and platforms: interactions you may have with our social networks, such as
Facebook, Twitter, Instagram, LinkedIn, and YouTube.
Data may be provided directly by you, collected in connection with the provision of services or products by DFL to you (or to you related) or may be provided by other DFL member companies or legitimate outside sources, as strategic partners, suppliers, service providers, public agencies, correspondents and companies or agencies with which DFL or you have a direct or indirect relationship. We may also obtain Personal Data and other information from public and/or publicly available sources, such as Internet, media, social media, and public records, and from other sources as permitted under applicable law.
The following are some examples of such situations.
- Data can be provided by you, for example, when filling out registrations, forms, proposals, simulations, memberships, contracting, accessing, searching or expressing interest in products and
- Data that we generate about you as a result of your relationship with DFL, such as information about your purchase and use of products and services or when you interact with us through our Sites, Applications, channels, outlets, centers and service locations.
- Data received from third parties are those provided by third parties about you, even if you are not a DFL customer, including companies or agencies with which DFL or you have a relationship, as well as suppliers and partners. Some examples of cases where this occurs are:
- - someone conducts a business transaction with you;
- when you are a beneficiary or User of a product contracted by a third party;
- the company or agency where you work provides us with information about you in order to provide products and services to you;
- a customer, counterparty, partner or service provider indicates you as their partner, representative, employee, proxy or contact;
- a partner or service provider provides us with information about you in order to offer or contract
products and services.
We seek information about you or confirm information you provide to us for our activities, such as performing or improving your registration and experience, preventing fraud, and meeting other legal obligations.
4. Obtaining the personal information
4.1. Personal information, capable of identifying users, is collected when they:
- register on the DFL site;
- interact with the various tools on the DFL site or social networks, providing the information voluntarily;
- when they pay for their order through the DFL site;
- and, by contacting the DFL site through the "Contact Us", "Work with Us", "Research Support", "Pharmacovigilance", "Virtual Promoter" channel, or through the registration field on the site's
4.2. Data is collected when the user voluntarily enters and/or submits when accessing and/or interacting with the features made available on the DFL site, which cover:
Purpose of Use
4.3. All personal data collected will be incorporated into the database of this site, and DFL will store them.
4.4. The data collected and the activity records will be stored in a secure and controlled environment for the minimum period set forth by law. The term for which DFL keeps Personal Data collected
4.5. If requested by the user, the data can be deleted before the legal deadline. However, data may need to be kept longer for legal reasons, court order, fraud prevention, credit protection and other legitimate interests, in compliance with the LGPD or other applicable law. Upon expiration and legal necessity, they will be deleted using secure disposal methods or used anonymously for statistical purposes.
4.6. DFL will be able to confirm the personal data informed by the user by consulting public entities, specialized companies, databases, for which it is expressly authorized. Such attitude, however,
does not cease or diminish the user's responsibility for the accuracy and veracity of the data he provides, for this reason, DFL may, at its sole discretion, suspend and/or cancel the user's registration, at any time, if it detects any inaccuracy.
5. Purpose for which the DFL Site Requests Personal Information
5.1. Commitment to keep your personal information under the most complete secrecy, linking it only to your registration and using it for:
- carrying out the delivery and collection of the products and services purchased on our site, as well as the identification of the respective recipient;
- getting generic statistics to identify our customers' profile and develop our campaigns;
- resolution of any legal issues related to the site.
5.2. The information requested from users is the minimum necessary for the site DFL to achieve its main purpose, which is to make available to the consumer information about its products and to
effect their purchases from distribution channels and the virtual store DFL. The information requested depends on the purpose of the registration and can be name, e-mail, specialty, company name, complete address, and CNPJ/CPF.
5.3. The user guarantees the truthfulness and accuracy of the information of the data he provides to the DFL site, assuming the corresponding responsibility in case they are not accurate, as well as
commits to keep them updated. The site DFL does not assume any responsibility in case of inaccuracy of the informed data.
5.4. The user who registers on the DFL site using third party data may incur the crimes of false identity and fraud, both foreseen in the Brazilian Penal Code, without prejudice to eventual liability under specific legislation.
5.5. The user may, at any time, request alteration and/or rectification of his/her data, simply by accessing his/her registration directly through the appropriate place, indicated on the DFL site.
6. Use of the information
6.1. Without prejudice to the other provisions described in this policy, by registering and accepting the policy, the user declares to be aware and agree that the DFL site may use the information
collected for the following general purposes:
- to enable interactivity between client user and administrator user;
- to inform about new events;
- to keep the users' records up to date for the purposes of contact by telephone, electronic mail, direct mailing, SMS, or other means of communication;
- to improve the usability and interactive experience while the user is browsing the site;
- to elaborate general statistics, without identifying the users;
- to respond to the doubts and requests of its users;
- to conduct research and communication campaigns and relationship marketing, as well as publicize partner offers.
7. Data from children and adolescents
7.1. Despite not being the object of DFL's activities, we reinforce that we do not consent the registration of children and adolescents in our sites.
8. Obtaining Navigational Information
8.1. Through cookies there is the recognition of the computers that access the sites and follow the user's navigation within our page, in order to personalize it according to each client's profile. You can disable the cookie from your computer at any time, or, also, configure your Internet browser to reject cookies. We point out, however, that this last hypothesis may limit some functionalities of the DFL site.
8.2. Operation: to ensure the correct access and operation of the applications;
8.3. Authentication: to recognize the user, enabling their access, including in areas of restricted access and also used to offer content, offers and/or strategic services;
8.4. Safety: to assist in the monitoring and detection of unauthorized activity, fraud prevention, and protection of user, user's, DFL, and third party information;
8.5. Research, analysis and performance: to verify, measure, and analyze the audience, performance, and user usage of the applications;
8.6. Propaganda: to present relevant advertising from DFL, partners and according to the user's profile and to know if users have viewed it, both in our environments and on partner sites, platforms and applications. Also used to remember any searches made by users and based on the results of these searches, display advertisements or offers for products, services, and initiatives that interest you.
Can I disable cookies and other forms of information collection?
You can disable or delete cookies, as well as collection technologies, in your browser settings and in your device's operating system settings, with the exception of working cookies which, if disabled, will not permit the use of the Sites, Platforms and Applications.
9. What do we use your data for?
DFL processes personal data in accordance with the legal bases provided for in the General Data Protection Law (LGPD), for example, for compliance with legal and regulatory obligations; contract enforcement; credit protection; to serve the legitimate interests of DFL, of our customers and third parties; protection of the life or physical safety of the Card Holder or of third parties; in situations where the consent of the Data Subject is collected and for the regular exercise of rights.
We may process Personal Data and other information for various purposes related to the performance of DFL's activities, as described below:
- to carry out our activities, provide our services, and supply our products in our relationship with you:
- to perform and keep your registration updated, verify your identity and any other information;
- to fulfill and carry out actions related to the contract, including pre-hiring steps, during and after hiring. Activities such as evaluating hiring proposals, servicing our channels, and operational processes to ensure the best experience and service for our customers;
- to serve our clients, potential clients and third parties, including dealing with doubts, complaints, requests and support through our service channels, making it possible for them to contact us
whenever necessary, and the other way around as well;
- to send communications about products and services contracted by you, necessary for the fulfillment of the contract;
- evaluations and regular exercise of rights necessary for the execution of contracts, such as information about your health necessary to contract certain products;
- selection and hiring of DFL employees.
- to understand our customers and offer products that best fit their needs and profile:
- to evaluate the profile, identify opportunities, and make offers and contracts for products, services, initiatives, and benefits of DFL and/or strategic partners that are best suited to the profile, interests, and needs of current customers, and third parties, including through e-mail marketing or other communications. You can manage the means by which you prefer to receive our offers or opt-out of receiving them on our service channels;
- to analyze demographic and interest information of Users, through analytics tools such as Google Analytics and Facebook Ads, in order to understand the target audience of advertising campaigns;
- to evaluate the browsing behaviors and profile of Users and customers, also to understand whether the User came to the Sites and Applications through direct access, links or own or third party cookies, for example;
- to conduct marketing campaigns and use information technology and online advertising solutions;
- to conduct research with the public to improve our products, services, customer service, and initiatives.
- Safety and risk:
- to identify, prevent and manage any security risks, physical or cyber, of itself, from DFL or third parties;
- to prevent fraud and ensure security in any DFL products, services, Sites and Applications, for identification and/or authentication processes in own or third-party electronic systems, which may also be Controllers of Personal Data, including by the development and/or use of anti-fraud tools;
- to analyze profile, identify, manage and treat potential risks in offering and contracting products and/or services and in DFL's other activities, such as credit risks, operational risks, reputational risks, market risks, among other risks. By monitoring these risks we are also taking care of our customers' safety;
- activities related to credit protection, such as credit risk assessment and management, evaluation of financial situation and assets, collection, credit assignment, activities related to information and consultation to credit protection entities and positive registry, among others.
- Compliance with legal and regulatory obligations:
- to comply with legal, regulatory and self-regulatory obligations, for example: internal audit and compliance activities, prevention of money laundering crimes and terrorism financing as well as other illicit activities, know your client - KYC activities and other risk management activities, reports to the Internal Revenue Service, fraud prevention measures, providing information to the Central Bank and other competent organs, in Brazil and abroad, for compliance with regulations, communication of suspicious operations to Coaf, proof of life of an INSS beneficiary, evaluation of legal representatives and company partners, among other activities;
- to comply with judicial, administrative, and arbitral orders and decisions.
- to protect the rights of yourself, DFL and others:
- for the regular exercise of rights, including in contracts and judicial, extrajudicial, administrative or arbitration proceedings.
- to maintain, create and improve our activities:
- to analyze, create and improve our products, services, activities, whether internal or external, initiatives, projects, features and functionality of our platforms, Sites and Applications, including to improve their access and use and to provide the best experience for you;
- to measure and understand Users' and customers' interaction with us, including on social networks and on our channels, as well as the use of our products, services, activities, initiatives, Sites and Applications, and User and customer satisfaction. Therefore, we can create, maintain and improve our products, services, and our service channels;
- execution of business processes, internal and managerial management. We process your data for our business and to help us make better decisions about our operations, business, services, products, activities, and initiatives;
- activities related to hiring and relationships with suppliers, service providers, and other third parties;
- Other instances of Processing based on legitimate purposes, such as for supporting and promoting DFL's activities or for providing services that benefit our customers;
- to promote events, carry out sponsorships and other activities and initiatives.
10. Data protection and privacy
10.1. DFL will do everything possible to maintain the privacy of its users' personal data stored in its database, committing itself to use technology that is sufficiently adequate for the protection of such data, seeking to maintain a safe environment, with the use of appropriate tools, always observing the available state of the art.
10.2. DFL professionals are aware of this policy and only qualified and authorized personnel are allowed to access personal data of users collected on the site, under penalty of disciplinary sanctions in case of violation of the rules herein.
10.3. DFL requires from partner companies and service providers, data protection and privacy guarantees assured in this policy, when it is necessary to share them.
11. Security Procedures
11.1. DFL sites use the most modern security measures to protect your personal information, restricting access to authorized personnel.
11.2. To this end, the DFL institutional site (dfl.com.br) uses a modern security encryption system for the Internet, making it a safe point on the world wide web. This system is validated by Let´s Encrypt (letsencrypt.org).
11.3. In the DFL distributor´s store (distribuidor.dfl.com.br), with each user access, a new encryption key is created between your computer and the site, making it impossible for other
people to intercept the transaction through computer programs. Thus, during the sending of data, this information is transformed into symbols by means of an encryption process, which are
decoded by the authorized server and certified by "Let's Encrypt Authority X3".
11.4. because of the use of such a security system, the processing of information can present problems if the internet user is using an old browser, which in computer terms can represent very few years or even months. This means that the Internet user will be able to view pages, but, for the very security of your data, you will not be able to make the purchase due to the impossibility of obtaining a secure connection with our server.
12. Profile and account access
12.1. It is the user's responsibility to keep his/her password and access login. Obvious passwords such as birthdates, names, or numerical sequences are not appropriate.
12.2. We recommend that the password contain special characters and alphanumeric characters. It is up to the user to change his password periodically.
12.3. If the user becomes aware or just suspects that his password has been cracked, he should also change it immediately.
13. Rights to information, access and rectification of personal data
13.1. According to Art. 43, §2 and § 3 of the Consumer Defense Code (Law No. 8.078 of September 11, 1990), the user may at any time consult and change his personal data stored in the DFL site's
records. However, DFL will keep a copy of all subscriber data in order to comply with data protection regulations and DFL interests to the extent permitted by the Marco Civil da Internet.
13.2. The LGPD guarantees rights of data subjects and you can make the following requests to us:
- access and confirmation of the existence of data processing;
- updating, correction of incomplete, inaccurate or outdated data of which it has no access;
- anonymization, blocking or deletion of unnecessary, excessive data or data processed in violation of the provisions of the LGPD;
- data portability, observing the applicable rules and commercial and industrial secrets;
- information from public and private entities with which the Controller has shared data use;
- information about the possibility of not providing consent and the consequences of refusal;
- revocation of consent which may be done at any time and without charge, upon express manifestation;
- request the erasure of personal data processed with consent, except in those cases in which the retention of data is required or permitted by law;
- objecting to processing carried out on other legal grounds, in case of non-compliance with the LGPD, highlighting the possibility of situations in which we may continue to carry out the
processing and refuse your objection request;
- request a review of decisions made solely on the basis of automated processing of personal data affecting you, such as credit decisions;
- request to be unsubscribed from sending targeted offers for DFL products and services through our channels.
13.3. In order to exercise your rights over your Personal Data, you can contact our service channels.
13.4. We reiterate the information that we may keep some data and/or continue processing, even in the event of a request for deletion, opposition, blocking or anonymization, in som circumstances, such as to comply with legal obligations, contractual and regulatory, to protect and exercise the rights of DFL, Users and customers, to prevent illegal acts and in legal, administrative and arbitration proceedings, including for questioning of third parties about its activities and in other cases provided by law.
14. Sending press releases and advertising messages
14.1. The notices, newsletters, announcements of offers and advertising messages sent by e-mail or SMS will obligatorily bring the option to cancel the sending of that type of message by the site. The
request will be answered within 48 hours of the unsubscription request. If you wish to unsubscribe from our site the user can click on 'unsubscribe" in the e-mail received or contact us by e-mail: firstname.lastname@example.org.
14.2. The opt-out is done via the user's e-mail or SMS message from the registered telephone number. Therefore, users who have more than one registration may continue to receive the
communications or advertising messages on the e-mail or telephone that have not been unregistered.
14.3. The services of sending e-mails and SMS will be carried out by the DFL site or by a contracted company, which will use its own servers to send them.
14.4. The contractor company does not store or use e-mails and telephone numbers of the DFL site register for any purpose other than sending messages, in accordance with the preferences of each
15. About Cookies
Cookies allow the collection of navigation-related data depending on the type of device used, the permissions granted by you through your device settings, and the features used in each application. We may use our own or third party cookies on our Sites and Applications.
What are cookies?
These are small text files that may or may not be added in the device's browser. These files store and recognize data that ensure the proper functioning of the Sites and Applications and help us identify your preferences and improve your experiences.
Types of cookies and their purposes
Cookies may collect data for different purposes related to the functionality of our Sites and Applications. Check out the types we use below:
- operation: to ensure proper access to and operation of the Sites and Applications;
- authentication: to recognize the User, enabling their access, including to restricted access areas, and also used to offer content, offers, and/or services from strategic partners;
- safety: to assist in the monitoring and detection of unauthorized activity, fraud prevention, and the protection of Users', your, DFL's, and third parties' information;
- research, analysis and performance: to verify, measure and analyze the audience, performance, usage of the applications by Users;
- propaganda: to present relevant advertising from DFL and partners according to the User's profile and to know if Users have viewed it, both in our environments and on partner sites and applications. They can also be used to remember any searches carried out by Users, and based on the results of these searches, display advertisements or offers for products, services and initiatives of interest to you.
Can I disable cookies and other forms of information collection?
As stated above, you can disable or delete cookies and other data collection technologies in your browser settings and in your device's operating system settings, with the exception of operational cookies which, if disabled, will not permit the use of the Sites and Applications..
Again, we remind you that if certain cookies are disabled, the Sites or Applications or some of their features or functionality may not function properly.
16. External Links
17. General provisions and questions
17.2. For further information or if you have any questions about the legal basis for the collection, processing and storage of your personal data, please contact DFL through your personal data
controller (DPO), Joe A V Pires, e-mail: email@example.com.
18. Applicable law and jurisdiction
Update: March 2021.