ESCOLAS LUMINOVA LTDA (“Escolas Luminova”)
Sede: Avenida Itavuvu, n. 2990, Bairro Jardim Santa Cecília, CEP: 18.078-005
Município de Sorocaba, Estado de São Paulo
CNPJ: 28.849.342/0001-08
The present Policy’s purpose is to demonstrate our commitment to safeguarding your privacy and protecting your Personal Data, establishing rules on its Processing, as well as explaining your rights and how to exercise them, and, also, this policy is applicable to all Schools and operations associated to Escolas Luminova Ltda.

Read this Policy carefully, and should there still be doubts, feel free to get in touch with us through our Service Channels here available.
To best understand this Policy, the following definitions should be considered:

Cookies: small files sent to your browser or device, which store your preferences and other information about how and when Our Environments are visited, as well as the amount of people that accessed them.

Personal Data or Data: is the data related to an individual, which is capable of identifying them or making them identifiable. For example: name, email, National Identification Card (RG) number, personal preferences, IP address, geolocation, etc.

Sensitive Personal Data: is any data about racial or ethnic origin, religious beliefs, political opinion, affiliation to union or religious, philosophical or political organizations, data referring to health or sexual orientation, genetic and biometric data, when linked to an individual.

Handler or Data Protection Officer (DPO): person indicated by Escolas Luminova to act as a channel of communication between us, the Owners of Personal Data and the National Data Protection Authority (ANPD).

Applicable legislation: all legislation on privacy and Personal Data protection, especially Law nº 13.709/218 (General Personal Data Protection Law - LGPD).

Our Environments: refers to the online address https:// and other websites linked to Escolas Luminova, including of diverse operations.

Policy: is this Privacy Policy and Personal Data Processing.

Owner of Personal Data: is you, the individual to whom the Personal Data refers to, be it in the condition of user in our environments.

Processing: all operations regarding Personal Data, such as those of collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storing, deletion, assessment or information control, modification, communication, transfer, diffusion or extraction.
How we collect data. The Data may be collected when you interact with Our Environments.

Registration Data:

What we Collect:
Campus of interest
Type of service (online or in person)
Grade of interest
Full Name of guardian
Marital Status
Country of birth
Cellphone number of guardian
Landline number
Email of guardian
Student’s full name
Guardian’s National Identification Card (RG)
Guardian’s Individual Taxpayer Registration (CPF)
Student’s National Identification Card (RG)
Student’s Individual Taxpayer Registration (CPF)
How you learnt of the school
Degree of relatedness with the student
Education level
Date of Birth
Full Address
Bank Data or of credit or debit card
Health related Data

Why we collect?
1. Identify and authenticate You.
2. Fulfill our obligations resulting from the use of our services.
3. Broaden our relationship, informing you of novelties, features, content, news and other events we consider relevant to you.
4. Enrich your experience with us and promote our products and services.
5. Fulfill our legal and regulatory obligations.

Digital Identification Data:

What we Collect:
IP address and Logical Port of Origin
Device (version of operational system)
Registers for date and time of each action you make
Session ID

Why we collect?

1. Identify and authenticate You.
2. Fulfill our legal obligations of maintaining registers established by the Civil Rights Framework for the Internet (law nº12.965/2014).
3. Fulfill our legal and regulatory obligations.
4. Keep a register of our Personal Data Processing operations, as established by the General Personal Data Protection Law (law nº 13.709/2018).
5. Enhance our site/app.

Necessary data. Our services depend directly on some of the data mentioned above. We may be unable of providing total or parts of our services in the absence of some of this data.
Updating and truthfulness of Data. You are solely responsible for the precision, truthfulness or updating of the Data you supply. We are not compelled to process your Data if there are reasons to believe that such Processing may impute infringement of any applicable law, or if you are using our environments for any illegal or illicit purposes.
Database. The database made through the collection of Data is of our property and is under our responsibility, its use, access and sharing, when necessary, will be done within the limits and purposes desired in this Policy.
Technologies employed. We use Cookies in our environments, leaving up to you to set up your Internet browser to allow or not its use. In this hypothesis, some functionalities we offer may be limited. For more information, see our Cookies Policy.
Hypothesis of Data sharing. The collected Data and registered activities (logs) can be shared:
(I) With judicial authorities, administrative or governmental authorities, always that there be a legal determination, requirement, requisition or warrant;
(II) With companies and business areas within Grupo SEB, which act under this Policy;
(III) With service providers or partners, to facilitate, provide or execute activities related to Our Environments;
(IV) With marketing and advertising companies, to deliver promotions and information suitable to your profile and
(V) Automatically, in the event of societal changes, such as a merger, acquisition or incorporation of Grupo SEB.
Should you have any doubt about whom we share you Data with, get in touch with us through our Service Channels made available at the end of this Policy.
Governance and Safety Practices. To safeguard your privacy and protect your Data, we rely on a governance program with rules of good practice, policies and internal procedures, which establish organizational conditions, training, educational activities and supervision and mitigation of risks related to Personal Data Processing.

Access to Data, proportionality and relevance. Internally, collected Data is accessed only by duly authorized professionals, respecting the principals of proportionality, need and relevance to our business’s objectives, and commitment to confidentiality and the preservation of your privacy under the terms of this Policy.

Adoption of good practices. You are also responsible for the confidentiality of your Data and must be aware that sharing passwords and access data and/or, including sharing passwords, violates this Policy and can compromise the safety of your Data and Our Environments. Should you identify or become aware of a compromise in the safety of your Data, get in touch with our Handler through our Service Channels made available at the end of this Policy.

External links. When you use Our Environments, you may be taken, through a link, to other sites, portals or platforms, which may collect your Data and have their own privacy policy. It is up to you to read these policies, befalling to you the responsibility to accept or reject them. We are not responsible for the privacy policy of third parties nor for the content of any site or service related to environments that are not ours.

Processing by third parties under our directives. We seek to carefully assess our partners and service providers and establish with them contractual obligations of confidentiality, information safety and Data protection, with the objective of protecting you.
Storage location. The collected Data and activity logs (logs) are stored in a safe and controlled environment, potentially in our servers located in Brazil, as well as in a resource usage environment or cloud server (cloud computing), which may demand transferring and/or processing your Data outside Brazil. These transfers only involve companies which demonstrate conformity with the applicable legislation, keeping a standard of conformity similar our more rigorous than that envisaged in the Brazilian legislation.

Storage Term. We store your Data only for as long as is necessary to fulfill the purposes for which they were collected or for the fulfillment of any legal or regulatory obligation or the preservation of rights.

Data disposal. Upon the expiry of the maintenance term and legal requirement, the Data will be deleted using safe disposal methods or used anonymously for statistical purposes.
Your basic rights. The Data is yours and the applicable Legislation brings a series of rights related to it, which you may exercise through a requisition to our Handler through the Service Channels made available at the end of this Policy.

(I) Confirmation and access: you may request the confirmation of the existence of Processing and access to your Data, including by requesting copies of records we have about you.
(II) Correction: you may request the correction of your Data that is incomplete, inaccurate or outdated.
(III) Anonymization, blocking or elimination: you may request the anonymization of your Data, so they may no longer be related to you, the blocking of your Data, suspending temporarily the possibility of Processing for certain purposes, or the elimination of your Data.
(IV) Portability: you may request that we provide your Data in a structured and interoperable format aiming a transfer to a third party, respecting our intellectual properties and trade secrets.
(V) Information about sharing: you may request information about third parties with whom we share your Data, limiting this disclosure to information that do not violate our intellectual properties or trade secrets.
(VI) Withdrawal of consent: you may opt to remove your consent for some purpose you have consented to. This withdrawal will not affect the legality of any Processing carried out previously. If you withdraw your consent for fundamental purposes of regulating the functioning of our environments and services, these may become unavailable to you.
(VII) Opposition: you may oppose the Processing of your Data, should you disagree with some purpose.

Request. For your safety, for every request you make to exercise your rights, we may solicit complementary information to prove your identity, seeking to prevent frauds.

Non-attendance to requests. We may abandon the attendance of some request to exercise your rights, should the attendance violate our intellectual properties or trade secrets, as well as when there is a legal or regulatory obligation for Data retention. Also, we may abandon your request if we need to retain your Data to enable our defense or that of third parties in disputes of any nature.

Replies to requests. We are committed your replying all requests within a reasonable term and always in agreement with the applicable legislation
Content change and update. You acknowledge our right to change the content of this Policy at any time, according to purpose or need, being up to you to verify it always that you access our environments. In the event of relevant updates to the Policy, you will be notified through the contact information you informed us of.

Inapplicability. Should some point of this Policy be considered inapplicable by the National Data Protection Authority or judicial, the remaining conditions will remain in force and effect.

Applicable law and jurisdiction. This policy will be interpreted according to Brazilian legislation, in the Portuguese language, with the jurisdiction of your domicile as of now elected to settle any dispute that involves this document, barring specific caveats of personal, territorial or functional jurisdiction by the applicable legislation.

Update: August 4th of 2021
Service Channels. Should you have any doubts related to the provisions of this Policy, including to exercise your rights, you may get in touch with our Handler, who is at your disposal at the following addresses:

Handler: Tatiane Martins Franco Bascuñan

Email contact: