top of page

HOW DO WE HANDLE 
POTENTIALLY SENSITIVE DATA?

In accordance with the General Data Protection Law, NetLab UFRJ developed its Privacy Policy to demonstrate our commitment to protecting the privacy and personal data of users. In this document, you will see how your privacy is protected by NetLab UFRJ when we collect, process and store potentially personal information collected online.
 

In our surveys, we collect and use personal information only in the ways described in this Policy, under the Data Protection rules (LGPD, Federal Law 13.709/2018), the consumerist act of Federal Law 8078/1990 and the other applicable rules of the Brazilian legal system.

In this way, NetLab UFRJ, in the role of Data Controller, is bound by the provisions of this Privacy Policy.

Personal data are those that we commonly provide in a registration, such as name, RG, CPF, gender, date and place of birth, affiliation, telephone, home address, card or bank details. But some information that we do not always consciously provide is also personal data, such as location via GPS,photograph images, health records, consumer habits, IP address (Internet Protocol) and  cookies . Among all these data, the LGPD paid special attention to what it called “sensitive personal data”, which concerns any and all data about “racial or ethnic origin, religious conviction, political opinion, union membership or organization of a religious nature, philosophical or political data, data referring to health or sexual life, genetic or biometric data, when linked to a natural person”.

 
1. What data do we collect about you and for what purpose?

Our website does not collect or use any of your personal data. In our surveys, we only work with data considered public, pre-collected and made available by third parties, such as social media platforms, or provided by volunteer collaborators. Our research material consists of publications, messages, information and communication content that, in turn, may contain elements of a personal nature, such as cultural and ideological manifestations, opinions and individual behavior registered in the interaction on digital platforms. All this data is collected for the purpose of research and development of technologies at the Federal University of Rio de Janeiro.

 
2. How do we collect your data?

In this sense, the collection of your personal data occurs as follows:

We collect data from platforms through APIs, applications developed for scraping public data, and other forms of access to profiles, pages, public groups, public channels, websites and the like.
 

In some cases, we also conduct qualitative research using data voluntarily provided by individual contributors which forward messages and media content to our researchers.

 
2.1. Consent

It is only with your consent that your personal data can be collected, stored and analyzed by any organization in accordance with Brazilian law. Consent is the free, informed and unambiguous manifestation by which you authorize any company or organization to use them. This process is what happens, for example, when users of a certain social media accept the terms of use of the platform, which must include consent to access personal data, as well as other types of data produced by the user on the network. Thus, in line with the General Data Protection Law, your data will only be collected, processed and stored with prior and express consent.

Your consent must be obtained by any organization specifically for each purpose described in the terms of use of the platforms.

 
3. What are your rights?

NetLab UFRJ assures users/clients who own the data with which we work, their rights as provided for in article 18 of the General Data Protection Law. This way, you can, free of charge and at any time:
 

  • Confirm the existence of data processing, in a simplified way or in a clear and complete format.

  • Access your data, being able to request them in a readable copy in printed form or electronically, safely and reputably.

  • Correct your data, when requesting its edition, correction or update.

  • Limit your data when unnecessary, excessive or treated in violation of the legislation through anonymization, blocking or deletion.

  • Request the portability of your data, through a registration data report with the corresponding platform.

  • Delete your processed data based on your consent, except in cases provided for by law.

  • Revoke your consent, disallowing the processing of your data.

  • get informed about the possibility of not giving your consent and about the consequences of the refusal.


 
4. How can you exercise your titleholder rights?

In order to exercise your rights as a holder, you must contact the respective platform or website that initially collected and stored your data.

 
5. How and for how long will your data be stored?

Your personal data collected by NetLab UFRJ will be used and stored for the time necessary to provide the service or to achieve the purposes listed in this Privacy Policy, considering the rights of data subjects and controllers.

In general, your data will be kept as long as the contractual relationship between you and each respective platform lasts. After the period of storage of personal data, these must be deleted from our databases or anonymized, except for the hypotheses legally provided for in article 16 general data protection law, namely:

I – compliance with a legal or regulatory obligation by the controlling shareholder;

II – study by research body, ensuring, whenever possible, the anonymization of personal data;

III – transfer to a third party, provided that the data processing requirements set forth in this Law are respected; or

IV – exclusive use by the controller, access by a third party is prohibited, provided that the data is anonymised.

That is, personal information about you that is essential for the fulfillment of legal, judicial and administrative determinations and/or for the exercise of the right of defense in judicial and administrative proceedings will be maintained, despite the exclusion of other data.

The storage of data collected by NetLab UFRJ reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions able to guarantee the confidentiality, integrity and inviolability of your data. In addition, we also have security measures appropriate to the risks and control access to stored information.

 
6. What do we do to keep your data safe?

To keep your personal information safe, we use physical, electronic and managerial tools aimed at protecting your privacy.

We apply these tools taking into account the nature of the personal data collected, the context and purpose of the treatment and the risks that possible violations would generate for the rights and freedoms of the holder of the data collected and processed.

Among the measures we adopt, we highlight the following:

Only authorized persons have access to your personal data
Access to your personal data is only done after the commitment of confidentiality
Your personal data is stored in a safe and suitable environment.

NetLab UFRJ undertakes to adopt the best postures to avoid security incidents. However, it is necessary to point out that no virtual page is entirely safe and risk-free. It is possible that, despite all our security protocols, problems that are solely the fault of third parties may occur, such as cyber attacks by hackers, or also as a result of negligence or imprudence by the user/customer.

In case of security incidents that could generate risk or relevant damage for you or any of our users/customers, we will inform those affected and the National Data Protection Authority about what happened, in line with the provisions of the General Data Protection Law. Data.

 
7. Who may your data be shared with?

With a view to preserving your privacy, NetLab UFRJ will not share your personal data with any unauthorized third party.

There are other hypotheses in which your data may be shared, which are:

I – Legal determination, application, requisition or court order, with competent judicial, administrative or governmental authorities.

II – Protection of the rights of NetLab UFRJ in any type of conflict, including legal ones.

 
7.1. international data transfer

Some of the third parties with whom we share your data may be located in or have facilities located in foreign countries. Under these conditions, in any case, your personal data will be subject to the General Data Protection Law and other Brazilian data protection legislation.

In this sense, NetLab UFRJ undertakes to always adopt efficient cybersecurity and data protection standards, in the best efforts to guarantee and comply with legislative requirements.

By agreeing to this Privacy Policy, you agree to this sharing, which will take place according to the purposes described in this instrument.

 
8. Cookies or browsing data 

NetLab UFRJ does not use Cookies, which are text files sent by the platform to your computer and stored there, which contain information related to website navigation.

 
9. Amendment to this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on: January 1, 2022.

We reserve the right to modify this Privacy Policy at any time, mainly in terms of adaptation to any changes made to our website or in the legislative field. We recommend that you review it frequently.

Any changes will come into effect as of their publication on our website and we will always notify you of any changes that have occurred.

By using our services and providing your personal data after such changes, you consent to them.

 
10. Liability

NetLab UFRJ provides for the responsibility of agents who work in data processing processes, in accordance with articles 42 to 45 of the General Data Protection Law.

We are committed to keeping this Privacy Policy up to date, observing its provisions and ensuring compliance.

In addition, we are also committed to seeking technical and organizational conditions that are safely able to protect the entire data processing process.

If the National Data Protection Authority requires the adoption of measures in relation to the data processing carried out by NetLab UFRJ, we undertake to follow them.

 
10.1 Disclaimer

As mentioned in Topic 6, although we adopt high security standards to prevent incidents, no virtual page is entirely risk-free. In this sense, NetLab UFRJ is not responsible for:

I – Any consequences arising from the negligence, imprudence or malpractice of users in relation to their individual data. We guarantee and are only responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument.

We emphasize that the user is responsible for the confidentiality of access data.

II – Malicious actions by third parties, such as hacker attacks, unless proven culpable or deliberate conduct by NetLab UFRJ.

We emphasize that in case of security incidents that may generate risk or relevant damage for you or any of our users/customers, we will inform those affected and the National Data Protection Authority about what happened and we will comply with the necessary measures.

III – Inaccuracy of the information entered by the user/client in the data records analyzed by NetLab UFRJ; any consequences arising from false information or information entered in bad faith are entirely the responsibility of the user/client.

 
11. Data Protection Team

NetLab UFRJ provides the following means for you to contact us to exercise your titleholder rights: netlab@eco.ufrj.br.

If you have questions about this Privacy Policy or the personal data we process, you can contact our Personal Data Protection Team through the following channels: netlab@eco.ufrj.br

bottom of page