Privacy Policy

The Lura Editora LTDA., Lura Editorial, a legal entity of private law, located at Rua: R. Manoel Coelho, 500 - Sala 710 - Centro, São Caetano do Sul - SP, 09510-111, on its website available at the address https://www.luraeditorial.com.br/, values privacy and guarantees that the personal data processed by it will only be used in accordance with this Privacy Policy and with the applicable privacy and data protection legislation, specifically Law 13.709/2018 - General Data Protection Law LGPD.

 

This Privacy Notice will be available for consultation, in digital format, in the "Privacy Notice" section at the end of the website https://www.luraeditorial.com.br/.

Therefore, it is essential for us, through this Privacy Notice, to explain clearly and transparently, how, when, and where we process the data of our users during and after their relationship with us.

In addition, this Notice aims to inform the user's rights and clarify when and how they can exercise them.

We suggest you read our Privacy Notice

1. What are personal data according to the General Data Protection Law?

They are personal data that allow the identification of a natural person, such as: name, date of birth, CPF, email, RG, location data, and others.

2. What personal data are collected? How are they collected? For what purpose?

On our website, there are ways to collect data: data provided directly by the user, which occurs when you fill out the following contact forms, located at the links at the bottom of the home page of the site:

1. Registration;
2. Contact;
3. Publish your book;

2.1. Data we may collect about you

We collect and use some personal data belonging to those who use our website. In doing so, we act as the controller of this data and are subject to the provisions of Law No. 13,709/2018 (General Data Protection Law - LGPD).

We take care of the protection of your personal data and, therefore, make available this Privacy Notice, which contains important information about:

• Who should use our site;
• What data we collect and what we do with it;
• Your rights regarding your personal data; and
• How to contact us.

2.2 Personal data provided expressly by the user

Generally, when you access our site or contact us to seek information about our Services, we process the following personal data and in the following places on our site:

1. https://lurabooks.com/en/contact;
2. https://lurabooks.com/en/about;
3. https://lurabooks.com/en/publish;
4. https://lurabooks.com/en/;

The data provided by our users is processed for the purpose indicated in each access link and according to the purposes identified below:

Contact Form - Completion of a form containing the following personal data: name, email, and telephone;

Registration Form - Completion of contact information, sending purchased products on the site, and contact to talk about services or products purchased on the site. The following data is collected: name, email, telephone, address, and CPF;

"Publish" Form - Completion of a form containing the following personal data: name, email, and telephone;

"Newsletter" Form - Providing an email to receive news from Lura, offers, and opportunities to enter the publishing market;

In some very specific occasions, we may collect personal data about you from other sources, such as public databases or authorized partners, in public profiles or interactions with us on social networks.

2.3 How we use your data?

We may process personal data for the following purposes:

• Registration;
• Purchases on our site;
• Compliance with legal and regulatory obligations;
• Newsletter sending;
• Defend our rights in administrative, arbitration, and judicial processes.

2.4 Sensitive personal data.

We will not collect sensitive data from our users, as understood by articles 11 and following of the Personal Data Protection Law. Thus, there will be no collection of data regarding racial or ethnic origin, religious belief, political opinion, union membership, or membership in an organization of a religious, philosophical, or political nature, data regarding health or sexual life, genetic or biometric data, when linked to a natural person.

3. Cookies.

Cookies are small text files automatically downloaded to your device when you access and browse a website. They basically serve to identify devices, activities, and user preferences.

Cookies do not allow any file or information to be extracted from the user's hard drive, nor is it possible, through them, to access personal information that did not come from the user or from how the user uses the site's resources.

a. Site cookies.

Site cookies are those sent to the user's computer or device and managed exclusively by the site.

The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember user preferences and choices, as well as to provide personalized content.

We use Google Analytics on our page, and its cookies allow Google to create ads based on the following data:

• create remarketing audiences based on specific demographic and interest information, and share these lists with Google Ads;

• use demographic and interest information in your Google Analytics reports;

• create segments based on interest data and demographic information.

b. Cookie management.

The user may object to the registration of cookies by the site, simply by deactivating this option in their own browser. More information on how to do this in some of the main browsers used today can be accessed from the following links:

Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Google Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en

Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Opera: https://www.opera.com/help/tutorials/security/privacy/

Disabling cookies, however, may affect the availability of some tools and features of the site, compromising its correct and expected operation. Another possible consequence is the removal of user preferences that may have been saved, compromising their experience.

4. Collection of data not expressly provided.

Occasionally, other types of data not expressly provided in this Privacy Notice may be collected, provided that they are provided with the user's consent, or that the collection is allowed based on another legal basis provided for by law.

In any case, the collection of data and the processing activities resulting from it will be informed to the site's users.

5. Sharing of personal data with third parties.

We share some of the personal data mentioned in this section with third parties.

• Third-party service providers: We work with third-party service providers to help us operate, execute, improve, understand, customize, and support our Services. When we share data with third-party service providers, we require them to use your data in accordance with our instructions and terms or with your express consent, where applicable.
• Business partners: In these cases, we will ensure that you are aware of the sharing and, when necessary, we will collect your consent to do so.
• Regulatory bodies, judicial, or administrative authorities: We may share your personal data to provide competent authorities with all the information requested regarding the Data Subject. Furthermore, we may share your personal data with public authorities or private entities to combat fraud and abuse in the use of the Services, to investigate suspicions of law violation, to defend our rights, or to combat any other suspected breach of our policies and contracts.
• With your authorization: In other cases not provided above, with the objective of sharing personal data and information, if necessary, we will send you a notification with information regarding such sharing to request your consent for a specific purpose.

In any case, the sharing of personal data will comply with all applicable laws and rules, always seeking to ensure the security of our users' data, observing the technical standards employed in the market.

6. How long will your personal data be stored?

We store and maintain your information: (i) for the specific time required by law; (ii) until the end of the personal data processing; or (iii) for the time necessary to preserve Lura Editorial's legitimate interest (such as during applicable prescription periods or compliance with legal or regulatory obligations).

The end of the personal data processing will occur when it is verified:

• That the purpose for which the data was collected has been achieved, and that the collected personal data is no longer necessary or relevant to the specific purpose intended;
• A request from the Data Subject to this effect, upon termination of the relationship between Lura Editorial and the Data Subject; or
• Legal determination

In the event of revocation of consent or request for deletion of your personal data, some information may still be kept as necessary for compliance with legal obligations, regular exercise of rights, legitimate interest, detection, and prevention of fraud.

In these cases of termination of personal data processing, except as provided by the applicable legislation or by this Privacy Notice, personal data will be deleted.

7. Legal bases for the processing of personal data.

A legal basis for the processing of personal data is a legal foundation, provided for by law, that justifies the processing. Thus, each personal data processing operation must have a corresponding legal basis.

We process the personal data of our users in the following hypotheses:

- upon the consent of the data subject;

- for the fulfillment of a legal or regulatory obligation by the controller;

- for the regular exercise of rights in a judicial, administrative, or arbitration process;

- when necessary to meet the legitimate interests of the controller or third party;

7.1 Consent.

Certain operations of personal data processing carried out on our site will depend on the prior agreement of the user, who must express it freely, informed, and unequivocally.

The user may revoke their consent at any time, and if there is no legal basis that allows or demands the storage of the data, the data provided with consent will be deleted.

Additionally, if desired, the user may disagree with any operation of personal data processing based on consent. In these cases, however, it may not be possible to use some site functionality that depends on that operation. The consequences of lack of consent for a specific activity are informed in advance of processing.

7.2 Compliance with a legal or regulatory obligation by the controller.

Some operations of personal data processing, especially data storage, will be carried out so that we can comply with obligations established by law or other normative provisions applicable to our activities.

7.3 Legitimate interest.

For certain operations of personal data processing, we rely exclusively on our legitimate interest. To learn more about in which cases, specifically, we use this legal basis, or to obtain more information about the tests we perform to ensure that we can use it, please contact our Data Protection Officer through the channels provided in this Privacy Notice, in the section "How to contact us".

8. User rights.

The General Data Protection Law (Law no. 13,709/18), in art. 18, lists the rights of personal data subjects, which we detail below:

Rights of the Data Subject: The Data Subject has the right to obtain from the Controller, regarding the data processed by it, at any time and upon request:

I - confirmation of the existence of processing;

II - access to data;

III - correction of incomplete, inaccurate, or outdated data;

IV - anonymization, blocking, or deletion of unnecessary, excessive, or processed data in violation of Law no. 13,709;

V - portability of data to another service or product provider, upon express request and observing commercial and industrial secrets, in accordance with the regulations of the supervisory authority;

VI - portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets;

VII - deletion of personal data processed with the consent of the data subject, except in the cases provided for in art. 16 of Law no. 13,709;

VIII - information about the public and private entities with which the controller has shared data;

IX - information about the possibility of not providing consent and the consequences of refusal;

X - revocation of consent, pursuant to § 5 of art. 8 of Law no. 13,709/2018.

It is important to highlight that, according to the LGPD, there is no right to delete data processed on legal bases other than consent, unless the data is unnecessary, excessive, or processed in violation of the law.

9. How the data subject can exercise their rights.

Data subjects whose personal data are processed by us may exercise their rights by sending a message to our Data Protection Officer. The necessary information for this is in the section "How to contact us" of this Privacy Notice.

To ensure that the user who intends to exercise their rights is, in fact, the data subject of the personal data subject to the request, we may request documents or other information that may assist in their correct identification, in order to safeguard our rights and the rights of third parties. This will only be done, however, if absolutely necessary, and the requester will receive all related information.

10. Security measures in the processing of personal data.

We employ technical and organizational measures capable of protecting personal data from unauthorized access and situations of destruction, loss, misplacement, or alteration of such data.

The measures we use take into account the nature of the data, the context and purpose of the processing, the risks that any breach would pose to the rights and freedoms of the user, and the standards currently employed in the market by companies similar to ours.

Although we do everything in our power to prevent security incidents, it is possible that a problem may occur solely due to a third party, such as in the case of hacker or cracker attacks, or even in cases of exclusive fault of the user, such as when they themselves transfer their data to a third party. Thus, although we are generally responsible for the personal data we process, we disclaim responsibility in the event of an exceptional situation like these, over which we have no control.

In any case, if any type of security incident occurs that may generate a relevant risk or damage to any of our users, we will notify the affected parties and the National Data Protection Authority about the incident, in accordance with the provisions of the General Data Protection Law, art. 53, Law no. 13,709/2018.

11. Complaint to the NATIONAL DATA PROTECTION AUTHORITY - ANPD.

Without prejudice to any other administrative or judicial remedy, data subjects who feel aggrieved in any way may file a complaint with the National Data Protection Authority.

12. Changes to this policy.

This version of the Privacy Policy was last updated on: 06/10/2023.

We reserve the right to modify these rules at any time, especially to adapt them to any changes made to our website, either by providing new functionalities, by removing or modifying existing ones.

Whenever there is a modification, our users will be notified of the change.

13. Children's Data

As a rule, we do not process children's data to provide our Services.

14. How to contact us.

To clarify any doubts about this Privacy Policy or about the personal data we process, please contact our Data Protection Officer, through one of the channels mentioned below:

Name: Roger Conovalov

E-mail [email protected]