Política de privacidade
Introduction
- Welcome to the Tatame privacy policy provided via tatame.com.br. This Privacy Notice sets out what personal information we collect from you when you use, access or interact with the Tatame Website (or any other electronic platforms) (together the “Tatame Platform”), how we collect your personal information, why we collect it and how we use it, and related matters.
- Please read this Privacy Notice carefully to understand Our views and practices regarding your personal information and how we will treat it and contact Us if you need any clarity or assistance, using the contact details set out at the end of this notice.
- Tatame respects your privacy and is committed to protecting your personal data and processing it in compliance with applicable laws – notably:
- The Maltese Data Protection Act (Chapter 586 of the Laws of Malta) as well as the various subsidiary legislation issued under the same – the ‘DPA’;
- The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – the ‘GDPR’;
- Any other data protection legislation or instrument in the territory or market of operation, as may be applicable by virtue of territorial or extra-territorial scope of application.
This Privacy Notice is applicable to:
- This privacy policy aims to give you information on how We collect and process your personal data through or in conjunction with your use of this website and Our Services.
- This Privacy Policy stipulates details and conditions of collecting and processing your Personal Details and provides you with information in accordance with the transparency principle and requirements under the applicable data protection laws.
- This website is not intended for children and we do not knowingly collect data relating to children (below 18 years of age).
- Tatame is the controller responsible for your personal data and forms part of the CX Media Ltd. CX Media Ltd is incorporated and registered in Malta with company number C99478 whose registered office is at Q2, Ground Floor, Unit B,Tigne Point, Sliema TP01, Malta (referred to as "Tatame", "We", “we”, "us" or "our" in this Privacy Policy).
- Although Our goal is to always be as clear and transparent as possible, if You need any clarification on this Privacy Policy or a specific legal basis We are relying on to process Your Personal Data for a specific processing operation, We would be happy to provide You with any such information You may need, by the email address [email protected]
- We reserve the right, at Our complete discretion, to change, modify, add and/or remove portions of this Privacy Policy at any time. You shall be, in advance, informed by Us of any material changes made to this Privacy Policy (as well as other terms and conditions relevant to the Site).
Links to Third-Party Websites and Apps
Our website may contain links to third party websites and applications. Please note that within these third-party websites and applications you will be subject to other Terms of Use and Privacy Policies. Our Terms of Use and Privacy Policy are not valid on third-party websites and applications.
What Personal data we collect
- We may receive and process different categories of your personal data, such as information about the device or browser accessing Tatame website, such as unique device identifiers, IP address, type, model, settings, operating system, system activity and crash reports for your device and browser, such as unique device identifiers, IP addresses, the type of device used to access the Tatame Website, hardware model and settings, operating system, browser type, language, system activity, and crash reports.
- We also collect certain information about your activities observed when you are accessing and using the Tatame Website including details of how, when and for how long you have accessed, viewed or used any of our platforms as well as details regarding site traffic and usage information (for example search queries, navigation behaviour and viewing time).
- We may also store certain information collected via the use of cookies, web beacons, advertising IDs and other technologies, including ad data. For more information on cookies please refer to the Cookies section of this Privacy Policy.
- When you access the Tatame Website based on your IP address, we may determine the geographical location of a device used to access Tatame Platform based on your IP address or third party geolocation services.
For What purposes do we process personal data?
- We collect, use and store your personal data for the purpose of providing, promoting, maintaining, personalising and improving our services, to develop new services, to improve your overall user experience, develop content on our website, secure and maintain website function and to protect Us, our Tatame Platforms, content partners and our users from fraudulent or illegal activity.
- We process your data in order to provide customer support services and to communicate with you, including to inform you about any changes to Tatame Terms of Use and Privacy Policy.
- We might process your data to fulfil any contractual obligations with our business partners for the purpose of offering the Tatame Platforms. Where you give consent, we may use your personal data for the purposes of marketing of the Tatame Platform and each of Our affiliate group company products and services (including but not limited to CX Media Ltd), including through advertising tailored for individual or group needs and preferences, for example online advertising, which is our legitimate interest for processing personal data.
- We process information about you for the purposes of research, analytics, development, improvement (including user experience improvement), administration, maintenance, technical support and security of the Tatame Website which is our legitimate interest for processing personal data.
Who are the recipients of personal data?
- Your personal data may be disclosed to the following categories of recipients:
1.1 Tatame and its affiliates, which includes our holding companies, subsidiaries and entities that control or are under common control with Tatame for the following purposes: (a) processing for the purposes of customer preferences, analytics and research, and subject to your consent the marketing of Tatame and its affiliates’ products and services; and (b) processing it on behalf of Tatame for various operational purposes when necessary (such as website hosting, maintenance, email communication services and get all information required for the computation and tabulation of points);
1.2 marketing services providers supporting us in promoting the Tatame Platform, including marketing agencies, email distribution and other marketing tools providers, publicly available sources (e.g. Google search, all social media services like Facebook, Twitter, Pinterest, Instagram, LinkedIn), as well as other services/sites, as well as analytics services providers;
1.3 partners who may offer access to the Tatame Platform on our behalf and/or partners with whom We cooperate with respect to hosting and placing the Tatame on their platforms;
1.4 third parties, including governmental bodies, courts or bodies of similar nature, when it is required in order to comply with Applicable laws, to enforce or investigate potential violations of our terms of use or any other contract between you and us, to protect our rights, property or safety or that of our customers, employees, and other third parties; and/or
1.5 third party in relation to reorganisation of the Tatame or CX Media Ltd, in particular a third party that acquires (or proposes to acquire) ownership or control of our assets, shares or management, or that of our affiliates by any means, or a third party from whom we acquire, ownership or control of assets, shares or management.
1.6 Some of our suppliers and partners (as listed above) are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- transfer your personal data is performed to countries, territories, or subject to arrangements or mechanisms that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see here
- where we use service providers which are not subject to an adequacy mechanism, we will ensure that additional safeguards and measures are put in place as required, including by incorporating specific contracts approved by the European Commission. For further details, see here.
- Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
How long do we store data?
- Data Retention Principles: We process your personal data for the duration of your registration and holding of a Tatame Account on the relevant Tatame Platform and following the end of such registration or holding of the Tatame Account to the extent that the data is necessary for the purposes with respect to which we are permitted and/or required to process data, in any event no longer than for the period of expiry of claims, including for the following purposes:
1.1 compliance with obligations resulting from Applicable laws to which We are subject;
1.2 establishment, exercise or defence of legal claims as well as for the purposes any other legal proceedings or compliance with any judgments and/or decisions issued by public authorities;
1.3 research and analytics;
1.4 marketing of Our products and services; and
1.5 maintaining the Tatame Account in accordance with clause 2.
- Access to your Tatame Account after termination: Following the cancellation or termination of your Tatame Account, your Tatame Account, and your personal data and any related information will be deleted and not available should you re-subscribe. Data shall only be retained for a legitimate legal purpose as may be required by any relevant data laws.
- Data retention Principles with respect to consent: As outlined in clause above we might be processing your data based on consent. In addition, we process data only as long as the consent is valid and to the extent that the data is necessary for the purposes with respect to which we are permitted and/or required to process data.
- Where appropriate we will encrypt, pseudonymize, anonymize and/or segregate information so that we may make use of it in a manner that avoids unnecessary identification, in the interest of protecting your privacy and enhancing security practices.
Your rights under the Data Protection Laws
1.1 Your Right of Access
You may, at any time, with reasonable intervals, request Us to confirm whether or not We are processing personal data that concerns You and, if We are, you shall have the right to access that personal data.
1.2 The Right to Erasure (The Right to be Forgotten)
You have the right to ask Us to delete Your personal data and We shall comply without undue delay but only where:
- The personal data are no longer necessary for the purposes for which they were collected; or
- You have withdrawn Your consent (in those instances where We process on the basis of Your consent) and We have no other legal ground to process Your personal data; or
- You have successfully exercised Your right to object; or
- Your personal data have been processed unlawfully; or
- There exists a legal obligation to erase the data to which We are subject; or
- Special circumstances exist in connection with certain children’s rights.
In any case, We shall not be legally bound to comply with Your erasure request if the processing of Your personal data is necessary:
- for compliance with a legal obligation to which We are subject (including but not limited to Our data retention obligations); or
- for the establishment, exercise or defence of legal claims. There are other legal grounds entitling Us to refuse erasure requests although the two instances above are the most likely grounds that may be invoked by Us to deny such requests. You may request the erasure by contacting us.
1.3 The Right to Data Restriction
You have the right to ask Us to restrict (that is, store but not further process) Your personal data but only where:
- The accuracy of Your personal data is contested, for a period enabling Us to verify the accuracy of the personal data; or
- The processing is unlawful, and You oppose the erasure of Your personal data; or
- We no longer need the personal data for the purposes for which they were collected but You need the personal data for the establishment, exercise or defence of legal claims; or
- You exercised Your right to object and verification of Our legitimate grounds to override Your objection is pending.
Following Your request for restriction, except for storing Your personal data, We may only process Your personal data:
- Where We have Your consent; or
- For the establishment, exercise or defence of legal claims; or
- For the protection of the rights of another natural or legal person; or
- For reasons of important public interest.
You may request the restriction by contacting us.
1.5 Right to withdraw consent (when we process your data on the basis of consent)
In those cases where We process Personal Data on the basis of Your consent (which We will never presume but which We shall have obtained in a clear and manifest manner from You), YOU HAVE THE RIGHT TO WITHDRAW YOUR CONSENT AT ANY TIME and this, in the same manner as You shall have provided it to Us.
Should You exercise Your right to withdraw Your consent We will determine whether at that stage an alternative legal basis exists for processing Your Personal Data (for example, on the basis of a legal obligation to which We are subject) where We would be legally authorised (or even obliged) to process Your Personal Data without needing Your consent and if so, notify You accordingly.
When We ask for such Personal Data, You may always decline, however should You decline to provide Us with necessary data that We require to provide requested services, We may not necessarily be able to provide You with such services (especially if consent is the only legal ground that is available to Us).
Just to clarify, consent is not the only ground that permits Us to process Your Personal Data (there are various grounds that We rely on when processing Your Personal Data for specific purposes).
1.6. The Right to lodge a Complaint
You also have the right to lodge complaints with the appropriate Data Protection Supervisory Authority. The competent authority in Malta is the Office of the Information and Data Protection Commissioner (OIDPC). We kindly ask that You please attempt to resolve any issues You may have with Us first (even though, as stated above, You have a right to contact the competent authority at any time).
Cookies
- In order to ensure that the Tatame Website work properly, to provide you with a personalised experience, we and certain of our third party service providers may set cookies or similar technologies (such as in particular web beacons, pixels and advertising identifiers) on your device, subject to your consent where relevant. A cookie is a small text file that a website saves on your computer or mobile device when you visit the website. It enables the website to remember your actions and preferences (such as session status, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
- The Tatame Website uses two basic cookie types: session cookies and persistent cookies. Session cookies are temporary files stored on the user’s end device until the user logs out, leaves the website or closes the software (web browser). Persistent cookies are stored on the user’s end device for the time specified in the parameters of the cookies or until deleted by the user.
- In many cases, the default settings of the web browsing software (web browser) enable cookie storage on the user’s end device. You can delete or block cookies from being set in your web browser settings or relevant software. Cookies set by Us will likely be labelled as first party cookies, and those set by our partners will be labelled third party cookies. Certain parts of the Tatame Website may not work properly if first party cookies are blocked or deleted.
- The types of cookies and the purposes for which they are used on the Tatame Website include:
4.1 strictly necessary cookies, which enable use of the services available on the Tatame Website for example cookies used for authentication of users and cookies that ensure security;
4.2 performance cookies, which help us collect information about how the Tatame Website is used, so that we can perform analytics and improve their performance;
4.3 functionality cookies, which remember choices made by the user and personalise the interface and allow enhanced functionality and personalisation of the Tatame Website;
4.4 targeting cookies and advertising IDs for delivering adverts more relevant to users and their interests, as well as ad conversion tracking; these cookies are mainly set by our advertising partners; and
4.5 Third parties that engage in online behavioural advertising, or that provide such services to us as service providers, may offer additional control over this practice via a self-regulatory body called the European Interactive Digital Advertising Alliance. For further details regarding the collection of information by third-party advertising companies or to exercise choices over online behavioural advertising practices, visit https://youronlinechoices.eu/.
This version of this Privacy Notice applies from October 1st, 2023.