fbpx
Skip links

sac@tminformatica.com.br

Av. Marcos Penteado de Ulhôa Rodrigues, 690 - Tamboré

Instagram Facebook Linkedin Youtube
Financeiro
Report channel
Support
Enter here
TM Informática

Data Privacy

Trabalhando intensamente para proteger os seus dados pessoais

TM AND PERSONAL DATA PRIVACY

SEPTEMBER 2023

TABLE OF CONTENTS. 


  • INTRODUCTION AND INFORMATION OF PERSONAL DATA (DPO)
  • HOW DATA IS OPERATED
  • DELETE OR RECTIFY DATA
  • DATA TRANSFER
  • GLOSSARY 
  • RIGHTS OF DATA SUBJECTS


  • INTRODUCTION.

TM INFORMÁTICA CONSULTORIA E SISTEMAS LTDA has been on the market for over 25 years and we have a personal data privacy policy in accordance with Act No. 13.709/18 – General Data Protection Law.

 

Our Information Technology team has more than 70 professionals working hard to protect your personal data.

We work with data anonymized by encryption.

Our employees receive continuous training on the General Data Protection Law.

With us your data is protected.

Personal Data Manager Information (DPO) Stefano Del Sordo Neto – stefano@stefanodelsordo.adv.br – (55 11) 98249 0009 

  • HOW YOUR DATA IS OPERATED BY TM.

TM does not collect your data. 

Your personal data is collected in hospitals and laboratories with your prior consent. These hospitals and laboratories are the controllers of the data collected.

In accordance with the General Data Protection Law, TM is the Data Operator, which means that it complies with the determinations of the Data Controller, which is the company or institution that collects your personal data and determines, by contract, for what purpose we should operate your personal data.

We receive personal data through software installed in hospitals and laboratories, and this software calculates the test results, which are sent to the company or institution that collected the data. 

This is how you get your medical test results.

TM is honored to participate in your health care.

  • TM MAY DELETE OR RECTIFY YOUR DATA.

Act  no. 13.787, of December 27, 2018, which determines that paper and digitized medical records should be kept for a minimum period of 20 years from the last registration.

Therefore, TM cannot rectify or delete your data.

We suggest that you contact the hospital or laboratory where your personal data was collected and make your request.

  • DOES TM TRANSFER YOUR PERSONAL DATA?

Yes, TM transfers your personal data in encrypted form. We are obsessed with information security. And in order for us to be successful in protecting your personal data, we have a highly qualified and trained team, in addition to the company Oracle, which has international recognition in terms of data hosting security.

  • GLOSSARY

PERSONAL DATA: information related to an identified or identifiable individual;

SENSITIVE PERSONAL DATA: personal data concerning racial or ethnic origin, religious conviction, political opinion, membership of a trade union or religious, philosophical or political organization, data concerning health or sex life, genetic or biometric data when linked to an individual;

ANONYMIZED DATA: data relating to a data subject who cannot be identified, considering the use of reasonable technical means available at the time of processing;

DATABASE: structured set of personal data, established in one or more locations, in electronic or physical format;

DATA SUBJECT: natural person to whom the personal data that is subject to processing refers;

CONTROLLER: natural or legal person, governed by public or private law, who is responsible for decisions regarding the processing of personal data;

OPERATOR: individual or legal person, governed by public or private law, who processes personal data on behalf of the controller;

HEAD: a person appointed by the controller and operator to act as a communication channel between the controller, data subjects and the National Data Protection Authority (ANPD)

PROCESSING PERSONAL DATA: any operation carried out with personal data, such as those relating to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, diffusion or extraction;

ANONYMIZATION: anonymization: use of reasonable technical means available at the time of processing, through which data loses the possibility of association, directly or indirectly, with an individual;

CONSENT: free, informed and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose;

NATIONAL AUTHORITY: government body responsible for ensuring, implementing and monitoring compliance with this Law throughout the national territory

  • RIGHTS OF DATA SUBJECTS.

The LGPD provides for a wide range of data subject rights, among which the following can be highlighted:

The data subject has the right to facilitated access to information about the processing of their data, which should be made available in a clear, adequate and conspicuous manner regarding, among other characteristics provided for in regulations to comply with the principle of free access:

I – Specific purpose of the treatment;

II- form and duration of the processing, observing commercial and industrial secrets;

III – Identification of the controller;

IV – Controller contact information;

V – Information about the shared use of data by the controller and the purpose;

VI – Responsibilities of the agents who will carry out the treatment; and

VII – Data subject’s rights, with explicit mention of the rights contained in art. 18 of this Act.

Every individual has guaranteed ownership of their personal data and the fundamental rights of freedom, intimacy and privacy are guaranteed, in accordance with this Act.

The data subject of personal data has the right to obtain from the controller, in relation to the data subject’s data processed by him, at any time and upon request:

I – Confirmation of the existence of processing;

II – Access to the data;

III – Correction of incomplete, inaccurate or outdated data;

IV- Anonymization, blocking or deletion of data that is unnecessary, excessive or processed in non-compliance of this Act;

V – Data portability to another service or product provider, upon express request, in accordance with the regulations of the national authority, subject to commercial and industrial secrets;  

VI – Elimination of personal data processed with the data subject’s consent, except in the cases provided for in art. 16 of this Act;

VII – Information on public and private entities with which the controller shared data use;

VIII – Information about the possibility of not providing consent and the consequences of refusal;

IX- Revocation of consent, pursuant to § 5 of art. 8th of this Act.

The data subject has the right to request the review of decisions taken solely on the basis of automated processing of personal data that affect their interests, including decisions intended to define their personal, professional, consumer and credit profile or aspects of their personality.