top of page

Privacy Policy

At Grupo SanFolia, privacy and security are priorities and we are committed to transparency in the processing of our CUSTOMERS' personal data. For this purpose, we have prepared this Privacy Policy, which establishes how the collection, use and transfer of information from customers or other people who access or use our website is carried out.

By using our services, you understand that we will collect and use your personal information in the ways described in this Policy, under the Data Protection rules (LGPD, Federal Law 13.709/2018), the consumerist provisions of Federal Law 8078/1990 and other rules of the applicable Brazilian legal system.

In this Policy we talk about how we collect and process your data when you use any of our services, such as the website, telephone service, virtual attendant, platforms and applications, whether you are our customer or not, and also when you use our service channels. . The information we collect may be that necessary to identify you directly or indirectly, including your location or even navigation data that we use exclusively to offer you our Services in a personalized way. On the other hand, non-identifying information (anonymized information) is not considered for purposes of this Policy. 

In this way, the SanFolia Group, hereinafter referred to simply as SanFolia”, registered with the CNPJ/MF under No. 03.951.956/0001-67, in the role of Data Controller, is bound by the provisions of this Privacy Policy.


1. What data do we collect about you and for what purpose?
The SanFolia Group collects User Personal Data, such as name, surname, e-mail, RG, CPF, date of birth, address, telephone numbers and bank details, for the purposes of identification, authentication, authorization and billing of the Services contracted by you.


2. How do we collect your data?
Data collection is done through our contract, additives, registration form and surveys carried out, which clearly have the purpose for which they are intended.

While you browse the SanFolia Group services, we collect data such as IP address, location, technical data of the device used and content with which you interacted to enable better offers and SanFolia Group Services. Such information is collected through cookies and other equivalent technologies (pixels, pixel tags, web beacons).
2.1. Consent
It is with your consent that we process your personal data. Consent is the free, informed and unequivocal statement by which you authorize Grupo SanFolia to process your data.

Thus, in line with the General Data Protection Law, your data will only be collected, processed and stored with prior and express consent.

Your consent will be obtained in a specific way, considering the purpose and legal provision, evidencing the SanFolia Group's commitment to transparency and good faith towards its CUSTOMERS, following the relevant legislative regulations.

By using the SanFolia Group services and providing your personal data, you are aware of and consenting to the provisions of this Privacy Policy, in addition to knowing your rights and how to exercise them.

At any time and at no cost, you may withdraw your consent.

It is important to highlight that the revocation of consent for the processing of data may imply the impossibility of executing the contract, or even partially carrying it out, when it depends on such information.


3. What are your rights?
The SanFolia Group guarantees its CUSTOMERS their rights as provided for in article 18 of the General Data Protection Law. This way, you can, free of charge and at any time:

• Confirm the existence of data processing, in a simplified way or in a clear and complete format.
• Access your data, being able to request them in a readable copy in printed form or electronically, safe and reputable.
• Correct your data, when requesting its edition, correction or update.
• Limit your data when unnecessary, excessive or treated in violation of the legislation through anonymization, blocking or deletion.
• Request the portability of your data, through a registration data report that the SanFolia Group deals with you.
• Eliminate your processed data based on your consent, except in cases provided for by law.
• Revoke your consent, disallowing the processing of your data.
• Find out about the possibility of not giving your consent and about the consequences of the refusal.


4. How can you exercise your titleholder rights?
To exercise your title rights, you must contact Grupo SanFolia via email:
In order to guarantee your correct identification as the holder of the personal data object of the request, it is possible that we request documents or other evidence that can prove your identity. In this case, you will be informed in advance.


5. How and for how long will your data be stored?
Your personal data collected by the SanFolia Group will be used and stored for the time necessary to provide the service or for the purposes listed in this Privacy Policy to be achieved, considering the rights of data owners and controllers in view of the provisions of legislation .

In general, your data will be kept as long as the contractual relationship between you and the SanFolia Group lasts. At the end of the period of storage of personal data, these will be deleted from our databases or anonymized, except for the hypotheses legally provided for in article 16 general data protection law, namely:
I – compliance with a legal or regulatory obligation by the controlling shareholder;
II – study by research body, ensuring, whenever possible, the anonymization of personal data;
III – transfer to a third party, provided that the data processing requirements set forth in this Law are respected; or
IV – exclusive use by the controller, access by a third party is prohibited, provided that the data is anonymised.

That is, personal information about you that is essential for the fulfillment of legal, judicial and administrative determinations and/or for the exercise of the right of defense in judicial and administrative proceedings will be kept, despite the exclusion of other data. 

The storage of data collected by the SanFolia Group reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions able to guarantee the confidentiality, integrity and inviolability of your data. In addition, we also have security measures appropriate to the risks and control access to stored information.


6. What do we do to keep your data safe?
To keep your personal information safe, we use physical, electronic and managerial tools aimed at protecting your privacy.
We apply these tools taking into account the nature of the personal data collected, the context and purpose of the treatment and the risks that possible violations would generate for the rights and freedoms of the holder of the data collected and processed.
Among the measures we adopt, we highlight the following:
• Only authorized persons have access to your personal data.
• Access to your personal data is done under confidentiality commitment.
• Your personal data is stored in a safe and suitable environment.
• The company has a storage, maintenance and disposal policy for personal data.
• Accesses are registered through a specific system for managing them.
• The company has controllership aimed at data protection.
• We use duly certified security tools for this purpose.

The SanFolia Group is committed to adopting the best postures to avoid security incidents. However, it is necessary to point out that no virtual page is entirely safe and risk-free. It is possible that, despite all our security protocols, problems that are solely the fault of third parties may occur, such as cyber attacks by hackers, or also as a result of negligence or imprudence by the user/customer.

In case of security incidents that may generate risk or significant damage to you or any of our CUSTOMERS, we will notify those affected and the National Data Protection Authority about the incident, in accordance with the provisions of the General Data Protection Law.


7. With whom may your data be shared?
With a view to preserving your privacy, the SanFolia Group will not share your personal data with third parties without your prior knowledge.

The purpose of contracting third parties and partners is to ensure a complete provision of services.

Before hiring any partner or service provider, we carry out a careful analysis and make sure that they adhere to our Policy. By accessing or using our Services, you agree that you are declaring that you know and accept the provisions of this Policy and the Terms of Use of the SanFolia Group, which are sufficiently described and clear. The Policy and Terms apply to all SanFolia Group products and services.

Your data may be shared with our business partners, as provided in the contract and its amendments.

These receive their data only to the extent necessary for the provision of contracted services and our contracts are guided by the data protection rules of the Brazilian legal system.

In addition, there are also other hypotheses in which your data may be shared, which are:
I – Legal determination, application, requisition or court order, with competent judicial, administrative or governmental authorities.
II – Case of corporate movements, such as merger, acquisition and incorporation, automatically.
III – Protection of the rights of the SanFolia Group in any type of conflict, including legal ones.

7.1. international data transfer
Some of the third parties with whom we share your data may be located or have facilities located in foreign countries. Under these conditions, in any case, your personal data will be subject to the General Data Protection Law and other Brazilian data protection legislation.

In this sense, the SanFolia Group undertakes to always adopt efficient standards of cybersecurity and data protection, in the best efforts to guarantee and comply with legislative requirements.

By agreeing to this Privacy Policy, you agree to this sharing, which will take place according to the purposes described in this instrument.


8. Cookies or browsing data
The SanFolia Group uses Cookies, which are text files sent by the platform to your computer and stored there, which contain information related to website navigation. In short, Cookies are used to improve the user experience.
By accessing our website and consenting to the use of Cookies, you acknowledge and accept the use of a navigation data collection system with the use of Cookies on your device. Grupo SanFolia uses the following Cookies: Session Cookies: they are temporary and when you close your browser, the computer will automatically delete them all; First-party cookies: these are stored cookies that help websites remember their information and settings when the user returns to visit a page again; Secure cookies: can only be transmitted over an encrypted connection. You can, at any time and at no cost, change permissions, block or refuse Cookies. However, the revocation of consent for certain Cookies may prevent the correct functioning of some platform features.


9. Amendment to this Privacy Policy
The current version of the Privacy Policy was formulated and last updated on: 04/15/2021.

We reserve the right to modify this Privacy Policy at any time, mainly in terms of adaptation to any changes made to our website or in the legislative field. We recommend that you review it frequently.

Any changes will come into effect as of their publication on our website and we will always notify you of any changes that have occurred.

By using our services and providing your personal data after such changes, you consent to them.


10. Liability
The SanFolia Group provides for the contractual liability of agents who work in data processing processes, in accordance with articles 42 to 45 of the General Data Protection Law.

We are committed to keeping this Privacy Policy up to date, observing its provisions and ensuring compliance.

In addition, we are also committed to seeking technical and organizational conditions that are safely able to protect the entire data processing process.

If the National Data Protection Authority requires the adoption of measures in relation to the processing of data carried out by the SanFolia Group, we undertake to follow them. 

10.1 Disclaimer
As mentioned in Topic 6, although we adopt high security standards to prevent incidents, no virtual page is entirely risk-free. In this sense, the SanFolia Group is not responsible for:

I – Any consequences arising from the negligence, imprudence or malpractice of CLIENTS in relation to their individual data. We guarantee and are only responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument. We emphasize that the user is responsible for the confidentiality of access data.

II – Malicious actions by third parties, such as hacker attacks, unless proven culpable or deliberate conduct by the SanFolia Group.
We emphasize that in case of security incidents that may generate risk or significant damage to you or any of our CUSTOMERS, we will inform those affected and the National Data Protection Authority about the incident and we will take the necessary measures.

III – Inaccuracy of the information entered by the user/customer in the records necessary for the use of Grupo SanFolia's services; any consequences arising from false information or information entered in bad faith are entirely the responsibility of the user/client.


11. Data Protection Officer
The SanFolia Group provides the following means for you to contact us to exercise your title rights:

If you have questions about this Privacy Policy or about the personal data we process, you can contact our Personal Data Protection Officer, through the following channels:

bottom of page