Cookies refer to text files sent by the website to the user or visitor's computer and is stored therein, with information related to navigation on the site. Such information is related to access data, such as location and time of access and is stored by the user or visitor's browser so that the platform server can read it later in order to improve the platform's services.
When using the app, information sent is recorded, such as IP address, device name and version, operating system type and version, language preferences, in-app search information, access times and dates, and other statistics.
4.1 Different types of cookies
There are 4 different types of cookies. The following cookie categories are based on the classification presented in The International Chambers of Commerce (ICC) Cookie Guide.
Essential cookies: These cookies are strictly necessary to provide services that visitors have requested.
Performance cookies: These cookies collect information about how visitors use websites, for instance which pages visitors go to most often. The information collected by these cookies is aggregated, so these cookies don’t collect information that identifies individual visitors. The information collected is anonymous and is only used to improve the way websites work.
Functionality cookies: These cookies allow websites to remember choices you make (such as your username, language or the region visitors are in) and provide enhanced, more relevant features.
Targeting or advertising cookies: These cookies are used to deliver advertisements that are more relevant to visitors and their interests. They are also used to limit the number of times visitors see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that visitors have visited a website and this information is shared with other organizations such as advertisers.
4.2 Our cookies
Our services use essential and functional cookies. They are listed below:
At EW2Health, we recognize that your privacy is important — both to you and to us. EW2Health is also committed to the fair and transparent processing of our clients’ and website visitors’ personal information. We also strive to ensure that you have the greatest possible control over your information.
This Privacy Notice applies to all users and visitors to all of EW2Health’s websites www.easywaytohealth.com, www.ew2saude.com.br, www.sinque.com.br, www.sinquepro.com.br, www.sinque.us, www.sinquepro.us, www.sinque.nl, www.sinquepro.nl,
(including and any other site operated by EW2Health) and the Sinque mobile application.
EW2Health is represented in Brazil by the company EW2Saúde Ciência e Tecnologia Ltda, duly registered with the CNPJ under no. 009.348.196/0001-84, located in Santo André/SP.
This document has been prepared in accordance with the laws of the countries in which EW2Health B.V. and its representatives operate and may be updated as a result of any regulatory update of our policies, which is why the user is invited to consult it periodically.
For a better understanding of our Privacy Notice, we list below the main concepts used, as provided for in applicable laws:
Personal Data: Any and all information related to the natural person, whether identified or identifiable, including, but not limited to, name, identification document, address, physical and/or electronic, etc.
Sensitive Personal Data: Information on racial or ethnic origin, religious conviction, political opinion, membership of a trade union or organization of a religious, philosophical or political nature, given regarding health or sexual life, genetic data, or any personal data relating to children and adolescents.
Data Subject: Natural person to whom the personal data that are processed refer.
Database: Structured set of all personal data collected.
Anonymized Data: Data whose data subject cannot be identified.
Data Processing: All operations involving personal and sensitive data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.
Controller: natural or legal person, under public or private law, to whom decisions concerning the processing of personal data are responsible.
Operator: natural or legal person, under public or private law, who carries out the processing of personal data on behalf of the controller.
Data Protection Officer (DPO): Person appointed by EW2Health to act as a communication channel between the company, data subjects and Data Protection Authorities (e.g., European Data Protection Authority (DPA) and the National Data Protection Authority in Brazil (ANPD)).
Anonymization: Technical procedure by which personal data ceases to be associated, directly or indirectly, with a given individual.
Consent: Free, informed, and unambiguous manifestation by which the data subject agrees to the processing of their personal data for a specific purpose.
2. How and why do we collect your data?
We collect personal information through our website and mobile application.
Privacy and data protection is important to us. EW2Health respects privacy and transparency in response to any information collected on the website and in the mobile application, limiting the collection only of data necessary for the provision of services and contractual compliance.
We only ask for personal information when we really need it to provide you with the best service and experience, through legal means, with your knowledge and consent. When we store data, we protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.
3. What are the purposes, types of data and legal basis for the processing of personal data?
Personal data and/or sensitive personal data collected are processed in strict compliance with data protection legislation. In no circumstances will the collected data be used for any purpose other than that for which the data subject's consent was given, contractual and legal compliance and legitimate interest of EW2Health.
We use third-party payment processors to help us process your payment information securely. The use of information by third parties is governed by their respective privacy policies, which may or may not contain security protections similar to this Privacy Notice. We suggest reviewing their respective privacy notices. All direct payment gateways offered by WIX and used by our company follow the standards defined by PCI-DSS managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
By using the services and providing personal information on the platforms, the user is consenting to this Privacy Notice.
5. What measures have been taken to maintain data security?
The Information Security Policy is a formal statement by EW2Health about its commitment to the protection of the information owned by you and/or under your custody and must be fulfilled by all its employees.
EW2Health is committed to ensuring the security and protection of personal data and/or sensitive personal data made available to us: we approve and implement strict rules, adopt various technical and organizational security measures, all in order to protect personal data made available to us against its dissemination, loss, misuse, alteration, processing or unauthorized access, as well as against any other form of unlawful treatment, ensuring the authenticity, confidentiality and integrity of the information.
Compliance with these rules is an obligation of all who legally access the personal data.
It is fundamental for the protection and safeguarding of information that users take the action of Safe Behavior, consistent with the objective of protection of information, and should assume proactive and engaged attitudes with regard to the protection of information.
Notwithstanding the security measures adopted by EW2Health, we are obliged to alert anyone browsing the Internet that they take additional security measures, ensuring the use of an up-to-date computer and browser in terms of properly configured security patches, with active firewall, antivirus and anti-spyware and to make sure of the authenticity of the websites you visit on the Internet, and avoid websites that you don't trust.
If we become aware that the security of the mobile app has been compromised or users' personal information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, notification and cooperation with law enforcement authorities. In the event of a data breach, we will make every reasonable effort to notify affected individuals if we believe that there is a reasonable risk of damage to you as a result of the breach or if notice is required by law. When we do, we'll post a notice on the mobile app and send you an email.
6. Data sharing
We do not share personally identifiable information publicly or with third parties except as required by law or essential to the provision of our services.
We share the data we generate only with the user and with whom they provide permission to share it, such as their health provider, for example.
We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or legal process, and when in good faith we believe that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
7. How does the Data Retention Policy work?
EW2Health keeps sets of personal data stored in accordance with contractual, regulatory and other legal bases applicable to the modalities of processing of personal data.
There is a variety of processing of personal data whose filing period is not determined by law. In these situations, EW2Health stipulates a time limit of custody that is consistent with market practices and the nature of the treatment, as long as there is no specific determination by law or regulatory authority.
Ongoing investigative hypotheses, administrative and judicial proceedings are valid reasons for data maintenance and, regardless of consent, storage periods may be extended in such cases.
EW2Health reserves the right to store the data until the end of the prescribed and/or expiration period of lawsuits, as stipulated by law.
8. What are your rights?
Under the General Data Protection Act, the data subject is guaranteed, among others, the right of access, update, portability, rectification, or deletion of their Personal Data, upon written request addressed to the Data Protection Officer (DPO) at firstname.lastname@example.org (Brazil) and email@example.com (outside Brazil).
These requests can be exercised free of charge and answered as soon as possible and always within 15 (fifteen) days.
9. About international data transfer
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. You have the right to learn about the security measures taken by us to protect your information. If such a transfer occurs, you can find out more by checking the relevant sections of this document or by consulting us using the information provided in the contact section on the website or via firstname.lastname@example.org (Brazil) and email@example.com (outside Brazil).
10. About data from children/minors
Our apps are developed to be used by people 18+ years old. We do not knowingly collect or process any personal information from people younger than 18 years old. If you are under the age of 18, do not submit any personal information through our mobile app or service. We encourage parents and legal guardians to monitor their children's Internet usage and help comply with this Notice by instructing their children never to provide Personal Information through our Mobile App or Service without their permission. If you have reason to believe that a person under the age of 18 has provided us with personal information through our mobile app or service, please contact us.
11. Changes to this Privacy Notice
We reserve the right to modify this Privacy Notice at any time. It is therefore recommended that users and visitors review it regularly. Changes and clarifications will take effect immediately after publication on the platform.
12. Jurisdiction for conflict resolution
Brazilian law will be fully applied to the settlement of disputes arising from the services rendered in Brazil. Any disputes must be filed in the City Court of Santo André, São Paulo.
Dutch law will be fully applied to the settlement of disputes arising from the services rendered outside Brazil. Any disputes must be filed in the Courts of The Hague, The Netherlands.