1. Acceptance of the Term of Use
2. Laws, Standards and Documents
The Quality system service is based on the following laws, standards, and documents:
- Law No. 13,709/18 – General Data Protection Law (LGPD);
- Application of family standards:
- ABNT NBR ISO/IEC 27000 – Security Management System of Information;
- ABNT NBR ISO/IEC 20000 – QUALITY MANAGEMENT OF IT Services (Information Technology);
- ABNT NBR ISO/IEC 31000 – Risk Management.
3. Description of the service
4. User rights of the service
According to Law No. 13,460 of June 26, 2017, the user’s basic rights are:
- Participation in the monitoring of the provision and evaluation of services;
- Obtaining and using services with freedom of choice between the means offered and without discrimination;
- Access and obtaining information related to your person contained in records or databases, in accordance with the provisions of item X of the caput of art. 5 of the Federal Constitution and Law No. 12,527, of November 18, 2011;
- Protection of your personal information pursuant to Law No. 12,527 of November 18, 2011;
- Integrated and systemic performance in the dispatch of certificates, certificates and documents proving regularity; and
- Obtaining accurate information and easy access in the places of service provision, as well as its availability on the Internet.
5. User responsabilities
What are the obligations of users using the service?
The user is responsible for the accuracy and veracity of the data reported and acknowledges that their inconsistency may imply the impossibility of using the QUALITY MANAGEMENT SYSTEM service.
During the use of the service, in order to safeguard and protect the rights of third parties, the user undertakes to provide only his personal data. If it is necessary to collect data from third parties, the consent of the data subject or the appropriate purpose for the processing of data should be taken into account.
The login and password can only be used by the registered user. He undertakes to maintain the confidentiality of the password, which is personal and non-transferable, and it is not possible, in any case, the claim of misuse after the act of sharing.
The user of the service is responsible for updating his/her personal data and for the consequences in case of omission or errors in the data provided.
CYF cannot be held responsible for the following facts:
- Equipment infected or hacked by attackers;
- Equipment malfunctioned at the time-of-service consumption;
- Computer protection;
- Protection of information based on users’ computers;
- Abuse of users’ computer use;
- Clandestine computer monitoring of users;
- Vulnerabilities or instabilities existing in users’ systems;
- Insecure perimeter.
Under no circumstances shall CYF be responsible for the installation, on the User’s or third party’s equipment, of malicious code (viruses, trojans, malware, worm, bot, backdoor, spyware, rootkit, or any others that may be created) as a result of the User’s internet browsing.
6. CYF responsabilities
What are CYF’s responsibilities with my data?
CYF undertakes to comply with all laws inherent in the correct use of the user’s personal data in order to preserve the privacy of the data used in the service, as well as to guarantee all the legal rights and guarantees of the data subjects. It also undertakes to promote, regardless of requirements, the disclosure in a place of easy access, within the scope of its competencies, of information of collective or general interest produced or custody by them. It is CYF’s responsibility to implement security controls to protect the personal data of the holders.
CYF may, with as far as court orders request the information, share information necessary for investigations or act related to illegal activities, suspected fraud or potential threats against persons, property or systems that sustain the Service or otherwise necessary to comply with legal obligations. If it occurs, CYF will notify the data subjects, unless the case is in the secret of justice.