PT EN
PT EN

Privacy Policy

The purpose of this policy is to clarify for users, partners and others who wish to learn about or engage with the institution the privacy practices and rights guaranteed to data subjects, as adopted by IDESAM.

1. This Terms of Use and Privacy Policy sets out the access guidelines and describes the practices of the Institute for Conservation and Sustainable Development of the Amazon – IDESAM (“we”, “our” or “the Institute”) regarding the processing and security of information; copyright; responsibility for the use of and information available on the domain https://idesam.org/; and information collected from users who access our website, or who otherwise share personal information and interact with us (collectively: “Users”).

  1. “NATIONAL DATA PROTECTION AUTHORITY – ANPD”: the body responsible for supervising compliance with the provisions of the General Data Protection Law, Federal Law No. 13.709/2018, within the national territory;
  2. “DATA SHARING”: communication, dissemination, international transfer, interconnection of personal data or shared processing of personal databases by public bodies and entities in the exercise of their legal powers, or between such bodies and private entities, reciprocally, with specific authorisation, for one or more forms of processing permitted by such public bodies, or between private entities;
  3. “CONSENT”: a free, informed and unambiguous expression by which the data subject agrees to the processing of their personal data for a specific purpose;
  4. “CONTROLLER”: the party responsible for decisions regarding the processing of personal data, particularly concerning the purposes and means of processing personal data, represented in this policy by IDESAM;
  5. “ANONYMIZED DATA”: data relating to the data subject that cannot be identified, taking into account the use of reasonable technical means available at the time of its processing;
  6. “PERSONAL DATA”: any information obtained pursuant to a contract or private agreement entered into with IDESAM, relating to an identified or identifiable natural person, such as: name, CPF, RG, home or business address, landline or mobile telephone number, email address, geolocation information, amongst others;
  7. “SENSITIVE PERSONAL DATA”: personal data concerning racial or ethnic origin, religious beliefs, political opinions, membership of a trade union or an organisation of a religious, philosophical or political nature, data relating to health or sex life, genetic or biometric data, when linked to a natural person;
  8. “SECURITY INCIDENTS”: any event that results in a breach of the principles of Confidentiality, Integrity and Availability of information;
  9. “OPERATOR”: a party that processes personal data in accordance with the Controller’s instructions, referred to in this policy as the contractor’s supplier and/or partner;
  10. “DATA SUBJECT”: the natural person to whom the personal data being processed relates;
  11. “PROCESSING”: any operation or set of operations performed on personal data or sets of personal data (data processing), by automated or non-automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction;
  12. “PERSONAL DATA BREACH”: any accidental, unlawful or unauthorised access, acquisition, use, alteration, disclosure, loss, destruction or damage involving personal data.

IDESAM’s Privacy Policy is based on the following principles:

  1. Confidentiality: restricting access to information and resources to authorised persons only.
  2. Integrity: accuracy of information and the processing methods to which the information is subjected, ensuring it remains accurate, complete and up to date.
  3. Availability: ensuring that authorised users have access to information and information assets when necessary.
  4. Purpose: processing carried out for legitimate, specific, explicit purposes communicated to the data subject, without the possibility of further processing incompatible with these purposes;
  5. Relevance: compatibility of the processing with the purposes communicated to the data subject, in accordance with the context of the processing;
  6. Necessity: limiting processing to the minimum necessary to achieve its purposes, covering data that is relevant, proportionate and not excessive in relation to the purposes of data processing;
  7. Free Access: guaranteeing data subjects easy and free access to information regarding the manner and duration of processing, as well as the completeness of their personal data;
  8. Data quality: guaranteeing data subjects that data is accurate, clear, relevant and up to date, in accordance with necessity and for the fulfilment of the purpose of its processing;
  9. Transparency: guaranteeing data subjects clear, accurate and easily accessible information regarding the processing and the respective data controllers, whilst respecting commercial and industrial secrecy;
  10. Security: use of technical and administrative measures capable of protecting personal data from unauthorised access and from accidental or unlawful destruction, loss, alteration, disclosure or dissemination;
  11. Prevention: adoption of measures to prevent damage arising from the processing of personal data
  12. Non-discrimination: prohibition of processing for unlawful or abusive discriminatory purposes;
  13. Accountability and Transparency: demonstration by the controller of the adoption of effective measures capable of proving compliance with personal data protection rules, including the effectiveness of such measures.

Controller or Processor

In situations where IDESAM collects data for its own purposes, it acts as a Controller. In situations where data collection takes place in connection with a service to be developed and defined by the parties involved, IDESAM acts as a Processor.

When acting as a Processor, IDESAM is responsible for its share of data protection, as agreed with the respective Controller; however, it has no decision-making power or authority to process data in a manner that does not comply with the processes and workflows agreed with the Controller.

The processing of your personal information (i.e. all information that could potentially identify you by reasonable means; hereinafter referred to as “Personal Information”) is necessary to enable safe browsing and a better experience on our website, to fulfil our contractual obligations to you (where there is an option to enter into a contract), and to comply with the legal obligations to which we are subject.

We encourage our Users to read the Privacy Policy and use it to make informed decisions.

We collect two types of data and information from Users.

The first type of information is non-identifying and non-identifiable information relating to a User, which may be made available or collected through the use of the Website (“Non-Personal Information”). We do not know the identity of a User from whom Non-Personal Information has been collected. Non-Personal Information that is collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time, etc.) in order to improve the functionality of our Website. We may also collect information about your activity on the site (e.g. pages viewed, online browsing, clicks, actions, etc.).

The second type of information is Personal Information, which is individually identifiable information, i.e. information that identifies an individual or could, with reasonable effort, identify an individual. Such information includes:

Device information: we collect personal information from your device. Such information includes geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) and other information relating to your activity via the Website.

We may receive your Personal Information from a number of sources:

  1. When you voluntarily provide us with your personal data by filling in forms on our Website;
  2. When you use or access our Website as part of your use of our services;
  3. From third-party providers, services and public records (e.g. traffic analytics providers).
  4. When visitors leave comments on the site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser data, to help detect spam.
  5. An anonymised string created from your email address (also known as a hash) may be sent to Gravatar to check whether you are using the service. Gravatar’s privacy policy is available here: https://automattic.com/privacy/. Once your comment has been approved, your profile picture will be publicly visible alongside your comment.
  1. To communicate with you – by sending notifications regarding our activities, providing technical information and responding to any queries or requests you may have;
  2. To identify possible improper and/or criminal actions, such as attempts to hack into or compromise the functioning of this website;
  3. For statistical and analytical purposes with the aim of improving the browsing experience on the Website.
  4. In addition to the various uses listed above, we may transfer or disclose Personal Information to partners and subcontractors, provided they have been previously informed and authorised through contact for negotiations.
  5. In addition to the purposes mentioned in this Privacy Policy, we may share personal information with our trusted third-party providers, who may be located in different jurisdictions around the world, for any of the following purposes:
  • Hosting and operating our Website;
  • To provide a personalised display of our Website;
  • Storing and processing such information to fulfil service requests.

We may also disclose information if we believe in good faith that the disclosure of such information would be useful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or government request; (ii) enforce our policies, including investigations into potential breaches thereof; (iii) investigate, detect, prevent or take action regarding illegal activities or other offences, suspected fraud or security issues; (iv) establish or exercise our rights to defend ourselves against legal claims; (v) prevent harm to our rights, property or safety, or that of our users, your own safety or that of third parties; or (vi) for the purpose of cooperating with law enforcement authorities and/or where we deem it necessary to enforce intellectual property or other legal rights.

As a data subject, you may request:

  1. Confirmation as to whether or not non-personal information about you is being processed, and access to your stored personal information, together with supplementary information.
  2. To receive a copy of the personal information that you have voluntarily and directly provided to us in a machine-readable, commonly used and structured format.
  3. Request the rectification of your personal information that is under our control.
  4. Request the erasure of your personal information.
  5. Object to the processing of your personal information by us.
  6. Request a restriction on our processing of your personal information.
  7. Lodge a complaint with the ANPD.

We will retain your Personal Information for as long as necessary to carry out our activities and as required to comply with our legal obligations, resolve disputes and enforce our policies. Retention periods will be determined taking into account the type of information collected and the purpose of such collection, bearing in mind the requirements applicable to the situation and the need to destroy information that is out of date and has not been used within a reasonable period of time. In accordance with applicable regulations, we will retain records containing users’ personal data, communications and any other information in compliance with laws and regulations.

If you leave a comment, the comment and its metadata are retained indefinitely. We do this so that we can automatically recognise and approve any subsequent comments rather than holding them back for moderation.

For users who register on our site, we also store the personal information they provide in their user profile. All users can view, edit or delete their personal information at any time (although you cannot change your username). Site administrators can also view and edit this information.

We may correct, update or remove incomplete or incorrect information at any time and at our own discretion.

We use cookies and other technologies in our related services, including when you visit our Website.

A cookie is a small piece of information that a website assigns to your device whilst you are viewing a website. Cookies are very useful and can be used for a wide variety of purposes. These purposes include enabling you to navigate between pages efficiently, enabling certain features to be activated automatically, remembering your preferences, and making interaction between you and our services quicker and easier. Cookies are also used to help ensure that the adverts you see are relevant to you and your interests, and to compile statistical data on your use of our services.

The Website uses the following types of cookies:

If you edit or publish something, an additional cookie will be saved in your browser. This cookie does not contain any personal data and simply indicates the post ID of the post you have just edited. It expires after 1 day.

When you log in to your account on the site, we set cookies to save your account details and your screen display choices. Login cookies last for two days, and screen options cookies last for one year. If you select “Remember Me”, your login will last for two weeks. If you log out of your account, the login cookies will be removed.

The cookies do not contain information that personally identifies you, but personal information that we store about you may be linked by us to information stored in and obtained from the cookies. You can remove cookies by following the instructions in your device settings; however, if you choose to disable cookies, some features of our Website may not function properly and your online experience may be limited.

Our policy addresses only the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties or websites across the internet, different rules may apply to their use or disclosure of the information you provide to them. In this regard, we encourage you to read the terms and conditions and privacy policy of each party to whom you choose to disclose information.

This Privacy Policy does not apply to the practices of companies that we do not own or control, nor to individuals whom we do not employ or manage, including third parties to whom we may disclose information as set out below in this Terms of Use and Privacy Policy.

The third-party services we use are:

  1. Cloud Computing Environment Provider (Microsoft-SharePoint (local storage).
  2. Hostinger: Website hosting and email database.

We take great care in implementing and maintaining the security of the Website, our systems and your information. We employ current standard procedures and policies to ensure the security of the information we collect and retain, prevent the unauthorised use of any information, and require any third parties to comply with similar security requirements, in accordance with this Privacy Policy.

We have adopted data protection measures, which include, but are not limited to, an environment with physical and logical access controls, encryption, password protection, tokens, a code of conduct, policies and confidentiality clauses, amongst others.

Although we take reasonable measures to protect the information, we cannot be held responsible for the actions of those who gain unauthorised access or misuse our Website through attacks and intrusions resulting from criminal techniques that are beyond IDESAM’s ability to prevent or stop, even when adopting preventive technical and organisational measures, and we give no guarantee, explicit or implicit, that we will prevent such access.

However, in our capacity as a potential controller and/or processor of personal data, we are committed to privacy and data protection regulations, as well as to adopting the necessary practices to ensure data governance and the rights and freedoms of our users/customers. To this end, we also have action plans in place to mitigate and address any incidents should they occur, always seeking to preserve our users’ data and information in an ethical and responsible manner.

We would like to point out that some data recipients may be located outside the national territory. In such cases, your data will only be transferred to countries approved by the National Data Protection Agency – ANPD and/or the European Commission (where applicable under the GDPR), ensuring an adequate level of data protection, or we will enter into legal agreements (including audit processes, certification assessments and other due diligence practices) that ensure an adequate level of data protection.

We may use your Personal Information, such as your name, email address, telephone number, etc., either ourselves or through our third-party subcontractors, for the purpose of providing you with materials about our activities which we believe may be of interest to you.

Out of respect for your right to privacy, we will provide you, within such communication materials, with the means to opt out of receiving communications, campaigns and engagement initiatives promoted by us. If you unsubscribe, we will remove your email address or telephone number from our mailing lists.

We understand the importance of protecting children’s privacy, especially in an online environment. The Website is not designed for or directed at children. Under no circumstances shall we permit the use of our services by minors without the prior consent or authorisation of a parent or legal guardian. We do not intentionally collect Personal Information from minors. If a parent or guardian becomes aware that their child has provided us with Personal Information without their consent, they should contact us by email.

IDESAM authorises the total or partial reproduction, for non-profit purposes, of the content, provided that its integrity is maintained. Restricted, confidential or third-party information may only be accessed and/or reproduced by authorised persons.

In all cases, the source must be clearly and visibly cited, including the date and time of extraction. The use of the trademark or name is prohibited without the prior written authorisation of IDESAM’s legal representatives.

The inclusion of links to the IDESAM website on other websites is only permitted provided the source is cited. In specific cases, seek express authorisation from a legal representative of IDESAM.

Contact person:

Email:

Address:

Diego Rangel de Souza Leão

[email protected]

Rua Barão de Solimões, 12, Cj. Parque das Laranjeiras, Flores, Postcode: 69.058-250 Manaus – AM.

...
Follow us on social media
IDESAM
AREAS OF FOCUS
selo melhores ongs 2017
selo melhores ongs 2020
selo pcn2401 2024
selo melhores ongs 2022
selo melhores ongs 2023
selo inovacao em meio ambiente 2022
© IDESAM. 2026. All rights reserved.
Development: IDESAM Communications and Click Multiplatform