top of page


General information

This Privacy Policy contains information about how we treat, in whole or in part, whether automated or not, the personal data of users who access our website. Its objective is to clarify to the interested parties about the types of data that are collected, the reasons for the collection and the way in which the user can update, manage or delete this information.

This Privacy Policy was prepared in accordance with Federal Law n. 12,965 of April 23, 2014 (Marco Civil da Internet), with Federal Law n. 13,709, of August 14, 2018 (Personal Data Protection Law) and EU Regulation n. 2016/679 of April 27, 2016 (European General Regulation for the Protection of Personal Data – RGDP).

This Privacy Policy may be updated as a result of any regulatory update, which is why the user is invited to periodically consult this section.


user rights

The website undertakes to comply with the rules set out in the LGPD, in compliance with the following principles:

– The user's personal data will be processed in a lawful, loyal and transparent manner (lawfulness, loyalty and transparency);

– The user's personal data will only be collected for specific, explicit and legitimate purposes, and may not be further processed in a way that is incompatible with those purposes (purpose limitation);

– The user's personal data will be collected in an adequate, relevant and limited manner to the needs of the purpose for which they are processed (data minimization);

– The user's personal data will be accurate and updated whenever necessary, so that inaccurate data is erased or rectified whenever possible (accuracy);

– The user's personal data will be kept in a way that allows the identification of data subjects only for the period necessary for the purposes for which they are processed (conservation limitation);

– The user's personal data will be treated securely, protected from unauthorized or unlawful treatment and against accidental loss, destruction or damage, adopting the appropriate technical or organizational measures (integrity and confidentiality).

The website user has the following rights, conferred by the Personal Data Protection Law and the LGPD:

– Right of confirmation and access: it is the right of the user to obtain from the website confirmation that the personal data concerning him are or are not being processed and, if that is the case, the right to access his personal data;

– Right of rectification: it is the right of the user to obtain from the website, without undue delay, the rectification of inaccurate personal data concerning him;

– Right to delete data (right to be forgotten): it is the user's right to have their data deleted from the website;

– Right to limit the processing of data: it is the user’s right to limit the processing of their personal data, being able to obtain it when they contest the accuracy of the data, when the treatment is illegal, when the website no longer needs the data for the proposed purposes and when you have objected to the processing of data and in case of unnecessary data processing;

– Right of opposition: it is the right of the user to, at any time, oppose for reasons related to his particular situation, the processing of personal data concerning him, being able to oppose the use of his personal data for definition of marketing profile (profiling);

– Right to data portability: it is the right of the user to receive the personal data concerning him and that he has provided to the website, in a structured, commonly used and machine-readable format, and the right to transmit this data to another website ;

– Right not to be subjected to automated decisions: it is the user’s right not to be subject to any decision taken exclusively based on automated processing, including profiling, which has effects in its legal sphere or which affects it significantly similarly.

The user may exercise their rights by means of a written communication sent to the website with the subject “”, specifying:

– Full name or company name, CPF number (Individual Taxpayer Registry, Federal Revenue Service of Brazil) or CNPJ (National Corporate Taxpayer Registry, Federal Revenue Service of Brazil) and e-mail address of the user and, if it is the case, of its representative;

– Right you wish to exercise with the website;

– Order date and user signature;

– Any document that can demonstrate or justify the exercise of your right.

The request must be sent to the email:, or by mail to the following address:

Information Technology (IT) Manager

Rua Howard Archibald Achenson Jr, 623 – Jardim da Glória – Cotia – SP – 06711280

The user will be informed in case of rectification or deletion of his data.


Duty not to provide third party data

During the use of the site, in order to safeguard and protect the rights of third parties, the user of the site must only provide his personal data, and not those of third parties.


Information Collected

The collection of user data will take place in accordance with the provisions of this Privacy Policy and will depend on the user's consent, which is expendable only in the cases provided for in art. 11, item II, of the Personal Data Protection Law.


4.1. Types of data collected

4.1.1. Data provided in the contact form

Any data eventually informed by the user who uses the contact form available on the website, including the content of the message sent, will be collected and stored.


4.1.2. sensitive data

Sensitive data from users will not be collected, thus understood those defined in arts. 9 and 10 of the LGPD and in arts. 11 and following of the Personal Data Protection Act. Thus, among others, the following data will not be collected:

– data revealing the user's racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership;

– genetic data;

– biometric data to uniquely identify a person;

– data relating to the health of the user;

– data relating to the user's sex life or sexual orientation;

– data relating to criminal convictions or offenses or related security measures.


4.1.3. Collection of data not expressly provided for

Eventually, other types of data not expressly provided for in this Privacy Policy may be collected, provided that they are provided with the user's consent, or that the collection is permitted or imposed by law.


4.2. Legal basis for the processing of personal data

By using the website services, the user is consenting to this Privacy Policy.

The user has the right to withdraw his consent at any time, not compromising the lawfulness of the processing of his personal data before the withdrawal. Withdrawal of consent can be done by email:, or by mail sent to the following address:

Rua Howard Archibald Achenson Jr, 623 – Jardim da Glória – Cotia – SP – 06711280

The consent of the relatively or absolutely incapable, especially of children under 16 (sixteen) years old, can only be given, respectively, if duly assisted or represented.

The processing of personal data without the user's consent will only be carried out on grounds of legitimate interest or for the cases provided for by law, that is, among others, the following:

– for compliance with a legal or regulatory obligation by the controller;

– for carrying out studies by research body, ensuring, whenever possible, the anonymization of personal data;

– when necessary for the execution of a contract or preliminary procedures related to a contract to which the user is a party, at the request of the data subject;

– for the regular exercise of rights in judicial, administrative or arbitration proceedings, the latter pursuant to Law No. 9,307, of September 23, 1996 (Arbitration Law);

– for the protection of the life or physical safety of the data subject or a third party;

– for health protection, in a procedure carried out by health professionals or health entities;

– when necessary to meet the legitimate interests of the controller or a third party, except where the fundamental rights and freedoms of the data subject prevail that require the protection of personal data;

– for credit protection, including the provisions of the relevant legislation.


4.3. Purposes of processing personal data

The user's personal data collected by the site are intended to facilitate, expedite and fulfill the commitments established with the user and to enforce requests made by filling in forms.

Personal data may also be used for commercial purposes, to customize the content offered to the user, as well as to provide subsidy to the website to improve the quality and functioning of its services.

The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior notice to the user, and, in any case, the rights and obligations set forth herein will remain applicable.


4.4. Period of retention of personal data

The user's personal data will be kept for a period not exceeding that required to fulfill the purposes for which they are processed.

The data retention period is defined according to the following criteria:

The data will be stored for the time necessary for the provision of the services displayed by the Site.

Users' personal data may only be retained after the end of their treatment in the following cases:

– for compliance with a legal or regulatory obligation by the controller;

– for study by a research body, ensuring, whenever possible, the anonymization of personal data;

– for the transfer to a third party, provided that the data processing requirements set out in the legislation are respected;

– for the exclusive use of the controller, access by a third party is prohibited, and provided that the data is anonymised.


4.5. Recipients and transfer of personal data

The user's personal data may be shared with the following people or companies:

Google Analytics, with address at Av. Brigadeiro Faria Lima, 3477, Itaim Bibi, São Paulo/SP

The transfer can only be made to another country if the country or territory in question or the international organization in question ensures an adequate level of protection of the user's data.

If there is not an adequate level of protection, the site undertakes to guarantee the protection of your data in accordance with the strictest rules, through specific contractual clauses for a given transfer, standard contractual clauses, global corporate standards or seals, certificates and regularly issued codes of conduct.


Processing of personal data

5.1. The data controller (data controller)

The controller, responsible for processing the user's personal data, is the natural or legal person, public authority, agency or other body that, individually or jointly with others, determines the purposes and means of processing personal data.

On this website, the person responsible for processing the personal data collected is the Information Technology (IT) Manager, who can be contacted by email:  or in person at the address:

Rua Howard Archibald Achenson Jr, 623 – Jardim da Glória – Cotia – SP – 06711280

The website also has the following persons responsible for processing the personal data collected:

Information Technology (IT) Manager, email:, Rua Howard Archibald Achenson Jr, 623 – Jardim da Glória – Cotia – SP – 06711280

The data controller will be directly responsible for processing the user's personal data.


5.2. From the data protection officer

The data protection officer is the professional in charge of informing, advising and controlling the data controller, as well as the workers who process the data, regarding the obligations of the website under the terms of the RGDP, the Law of Personal Data Protection and other data protection provisions present in national and international legislation, in cooperation with the competent control authority.

On this site, the data protection officer is the Information Technology (IT) Manager, who can be contacted by email:🇧🇷


Security in the treatment of the user's personal data

The website undertakes to apply technical and organizational measures capable of protecting personal data from unauthorized access and situations of destruction, loss, alteration, communication or dissemination of such data.

To guarantee safety, solutions will be adopted that take into account: adequate techniques; application costs; the nature, scope, context and purposes of the processing; and the risks to user rights and freedoms.

However, the site disclaims responsibility for the sole fault of a third party, as in the case of hackers or crackers, or the sole fault of the user, as in the case where he himself transfers his data to a third party. The site also undertakes to notify the user within an appropriate period of time in the event of any type of violation of the security of their personal data that may pose a high risk to their personal rights and freedoms.

The breach of personal data is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, stored or subject to any other type of treatment.

Finally, the site undertakes to treat the user's personal data confidentially, within legal limits.


Browsing data (cookies)

Cookies are small text files sent by the website to the user's computer and which are stored there, with information related to the navigation of the website.

Through cookies, small amounts of information are stored by the user's browser so that our server can read them later. For example, data about the device used by the user, as well as the location and time of access to the website, may be stored.

Cookies do not allow any file or information to be extracted from the user's hard drive, and it is not possible, through them, to have access to personal information that did not come from the user or the way he uses the website's resources. .

It is important to emphasize that not every cookie contains information that allows the identification of the user, and certain types of cookies can be used simply for the website to load correctly or for its functionalities to work as expected.

Any information stored in cookies that allow identifying a user is considered personal data. In this way, all the rules provided for in this Privacy Policy are also applicable to them.


7.1. website cookies

Website cookies are those sent to the user and administrator's computer or device exclusively by the website.

The information collected through these cookies is used to improve and personalize the user experience, and some cookies may, for example, be used to remember user preferences and choices, as well as to offer personalized content.

This navigation data may also be shared with any partners of the site, seeking to improve the products and services offered to the user.


7.2. Social network cookies

The website uses social media plugins, which allow you to access them from the website. Thus, in doing so, the cookies used by them may be stored in the user's browser.

Each social network has its own privacy and personal data protection policy, and the individuals or legal entities that hold them responsible for the data collected and the privacy practices adopted.

The user can search, along with social networks, information on how their personal data is treated. For information purposes, we provide the following links, from which the privacy and cookies policies adopted by some of the main social networks can be consulted:









7.3. Management of cookies and browser settings

The user may oppose the registration of cookies by the website, simply by deactivating this option in their own browser or device.

Disabling cookies, however, may affect the availability of some tools and features of the website, compromising its correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, harming your experience.

Below are some links to the help and support pages of the most used browsers, which can be accessed by users interested in obtaining more information about managing cookies in their browser:

Internet Explorer:


Google Chrome:

Mozilla Firefox:



Complaint to a control authority

Without prejudice to any other administrative or judicial remedy, all data subjects are entitled to file a complaint with a control authority. The complaint may be made to the authority of the site's headquarters, the user's country of habitual residence, his place of work or the place where the infringement was allegedly committed.


of the changes

This version of this Privacy Policy was last updated on: 01/09/2020.

The editor reserves the right to modify the present rules at any time on the website, especially to adapt them to the evolution of the website, either by making new functionalities available, or by suppressing or modifying those that already exist.

The user will be explicitly notified in case of changes to this policy.

By using the service after any modifications, the user demonstrates his agreement with the new rules. If you disagree with any of the modifications, you must immediately interrupt access to the website and present your reservation to the customer service, if you so wish.


Applicable law and forum

For the solution of disputes arising from this instrument, Brazilian law will be fully applied. Any disputes must be submitted to the jurisdiction of the district where the headquarters of the website editor is located.

© 2021 by Naturelle Ind. Natural products

All rights reserved

bottom of page