Skip to content

Privacy Policy

General information

This Privacy Policy contains information about the collection, use, storage, treatment, and protection of personal data of users and visitors to our website. Its purpose is to demonstrate absolute transparency regarding the matter and clarify to all interested parties the types of data collected, the reasons for the collection, and how users can manage or delete their personal information.

This document was prepared in compliance with the General Data Protection Law (Law 13.709/18) and may be updated due to regulatory updates, which is why users are invited to periodically consult this section.

Responsible for information processing

All information covered by this policy will be handled by Pictorama Design e Vídeo Ltda., a legal entity registered under CNPJ No. 10.595.410.0001/86, controller of the Lumi brand.

Contact information

For the role of data protection officer, Pictorama appoints Marcus Siqueira, with whom users and authorities can contact via email at [email protected] or by mail sent to the following address: Rua Alcindo Guanabara, 24/1803 – 20031-130 – Centro, Rio de Janeiro, RJ.

Who in our team has access to data

The following brands may process data under the responsibility of Pictorama:

  • Lumi: a brand controlled by Pictorama.
  • Pictorama

Pictorama also shares personal data with the following course management, event, and payment processing companies:

  • PagSeguro Internet S/A: CNPJ No. 08.561.701/0001-01.
  • PayPal do Brasil Serviços de Pagamento Ltda.: CNPJ No. 10.878.448/0001-66.
  • Launch Pad Tecnologia, Serviços e Pagamentos Ltda. (“Hotmart”): CNPJ No. 13.427.325/0001-05.
  • Eventbrite Brasil Gestão Online de Eventos: CNPJ No. 15.913.672/0001-65.

The third parties mentioned receive data as necessary to perform the contracted services. Each has its own privacy policy, which we recommend reading to understand how they use personal information.

Suppliers may be located in or have facilities in different countries. In these cases, personal data transferred may be subject to the laws of the jurisdictions where the service provider or its facilities are located. By accessing our services and providing your information, you consent to the processing, transfer, and storage of this information in other countries.

In the event of a merger or sale of the platform to another company, user data may be transferred to the new owners to maintain the services offered.

Our team members have access to the information you provide us. For example, administrators and store managers can access:

  • Order information, such as what was purchased, when it was purchased, and where it should be sent.
  • Customer information, such as name, email address, and billing and delivery information.

Team members have access to this information to help fulfill orders, process refunds, and offer support to you.

The following brands may process data under the responsibility of Pictorama:

  • Lumi: a brand controlled by Pictorama.
  • Pictorama

Pictorama also shares personal data with the following course management, event, and payment processing companies:

  • PagSeguro Internet S/A: CNPJ No. 08.561.701/0001-01.
  • PayPal do Brasil Serviços de Pagamento Ltda.: CNPJ No. 10.878.448/0001-66.
  • Launch Pad Tecnologia, Serviços e Pagamentos Ltda. (“Hotmart”): CNPJ No. 13.427.325/0001-05.
  • Eventbrite Brasil Gestão Online de Eventos: CNPJ No. 15.913.672/0001-65.

The third parties mentioned receive data as necessary to perform the contracted services. Each has its own privacy policy, which we recommend reading to understand how they use personal information.

Suppliers may be located in or have facilities in different countries. In these cases, personal data transferred may be subject to the laws of the jurisdictions where the service provider or its facilities are located. By accessing our services and providing your information, you consent to the processing, transfer, and storage of this information in other countries.

In the event of a merger or sale of the platform to another company, user data may be transferred to the new owners to maintain the services offered.

Our team members have access to the information you provide us. For example, administrators and store managers can access:

  • Order information, such as what was purchased, when it was purchased, and where it should be sent.
  • Customer information, such as name, email address, and billing and delivery information.

Team members have access to this information to help fulfill orders, process refunds, and offer support to you.

How we collect data

User and visitor personal data are collected by the platform in the following ways:

  • When the user creates an account/profile on the site.
  • When the user registers for one of our events.
  • When the user requests the download of a file available on our site.
  • When the user purchases one of our products.
  • When the user sends us a message through our contact form.
  • When a user accesses site pages.
  • Through third parties: the site receives data from third parties, such as Facebook and Google, when a user logs in with their profile from one of these sites. The use of these data is previously authorized by users with the third party in question.
  • When the user subscribes to a newsletter or requests notification about an event.

What personal data is collected

The personal data collected from users and visitors are as follows:

  • Account/Profile creation data: basic information such as name, email, city or state of residence, and profession.
  • Data for completing transactions: in addition to basic data, address, CPF, and payment and transaction details such as credit card number and other card information, as well as payments made. Credit card data collected by partner companies responsible for payment methods are not stored on the platform and cannot be shared.
  • Data for navigation optimization: access to pages, search keywords, recommendations, comments, interaction with other profiles and users, followed profiles, IP address.
  • Newsletter subscription data: the email registered by the visitor who chooses to subscribe to the newsletter will be collected and stored until the user requests unsubscription.
  • Contract-related data: upon formalizing a purchase and sale or service provision contract between the platform and the user, data related to the contractual execution may be collected and stored, including communications between the company and the user.

Sensitive data

We do not collect any sensitive user data such as ethnic or racial origin, political opinions, religious beliefs, health information, or sexual orientation.

Purpose of data collection and processing

The personal data of users and visitors collected and stored are intended to:
  • User and visitor well-being: improve the product and/or service offered, facilitate, expedite, and fulfill commitments established between the user and the company, improve the user experience, and provide specific features depending on the basic characteristics of the user.
  • Platform improvements: understand how the user utilizes the platform’s services to aid in business and technical development.
  • Advertisements: present personalized advertisements to the user based on the data provided.
  • Commercial: data are used to personalize the content offered and generate support for the platform to improve the quality of service functionality.
  • User profile forecasting: automated processing of personal data to evaluate platform usage.
  • Registration data: allow user access to certain platform content, exclusive to registered users.
  • Contract data: provide legal security to the parties and facilitate business completion.
The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior communication to the user, so that the rights and obligations herein remain applicable.

How long data is stored

The personal data of users and visitors are stored by the platform for the period necessary to provide the service or fulfill the purposes outlined in this document, as provided in Article 15, Section I of Law 13.709/18.

Data may be removed or anonymized at the user’s request, except in cases where the law provides for different treatment.

Furthermore, personal data of users can only be kept after the end of their processing in the following cases provided for in Article 16 of the referred Law:

  • Compliance with a legal or regulatory obligation by the controller.
  • Study by a research body, ensuring, whenever possible, the anonymization of personal data.
  • Transfer to a third party, provided the data processing requirements established in this Law are respected.
  • Exclusive use by the controller, provided access by a third party is prohibited, and the data are anonymized.

Upon revocation or cancellation, you will automatically renew your registration by subscribing to new events or filling out a form on our site again.

Data security

Pictorama commits to applying technical and organizational measures to protect personal data from unauthorized access and situations of destruction, loss, alteration, communication, or dissemination.

We use encryption and other appropriate measures to protect your information. Specifically, we take precautionary measures to protect personal data against loss or misuse and use security procedures to prevent unauthorized access to these personal data. However, data transmission over the internet is not completely secure. Therefore, we cannot guarantee that third parties will not be able to unlawfully intercept or access private transmissions and communications. Your security also depends on you, so it is important that you protect and securely maintain your registration data, especially your password.

In the event of a security breach of your personal data, the company commits to notifying the user.

Cookies or browsing data

Cookies refer to text files sent by the platforms to the user’s and visitor’s computer and stored there, containing information related to website navigation. Such information is related to access data, such as location and access time, and is stored by the user’s and visitor’s browser so that the platform’s server can read it later to personalize the platform’s services.

The user and visitor of the platform acknowledge and accept that a data collection system may be used through the use of cookies.

The persistent cookie remains on the user’s and visitor’s hard drive after the browser is closed and will be used by the browser in subsequent visits to the site. Persistent cookies can be removed by following your browser’s instructions. The session cookie is temporary and disappears after the browser is closed. You can reset your web browser to refuse all cookies, but some features of the platform may not function properly if the ability to accept cookies is disabled.

Links and embedded media

Our site may contain links to third-party sites. By clicking on one of these links, you will be directed to these pages, which may collect information about you. Please review the privacy policies of these sites to understand their practices and how they use your information. We are not responsible for your access to third-party sites.

Pages and articles on this site may also include embedded content such as videos, images, articles, etc. Embedded content from other sites behaves exactly as if the visitor were visiting the other site.

These sites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with embedded media.

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser data, to help detect spam.

An anonymized string of characters created from your email (also called a hash) may be sent to Gravatar to verify if you use the service. Gravatar’s privacy policy is available at https://automattic.com/privacy. After your comment is approved, your profile picture is publicly visible next to your comment.

Consent

By using our website, the user consents to this Privacy Policy. If you do not agree with these terms, you should cease using the platform.

By using the forms available on our website, the user authorizes the company to contact them through the provided channels, including email, phone, WhatsApp, and any other means provided.

When registering, the user acknowledges their rights to cancel their registration, access, and update their personal data, and guarantees the truthfulness of the information provided.

The user has the right to withdraw their consent at any time. To do so, they should contact us through one of the channels provided in the Contact Information section.

Minors

We do not collect information about children and adolescents without the express and specific consent of a parent or legal guardian, except when necessary to contact the parent or legal guardian, used only once and without any storage.

Changes to the Privacy Policy

In the event of a change in the Privacy Policy, Pictorama will inform its users either by posting in a prominent area on the website, by email, or by any other means that allows communication with you. We also invite the user to periodically review this section.

Changes and clarifications will take effect immediately upon their publication. By using the service or providing personal information after any modifications, the user and visitor demonstrate their agreement with the new terms.