Privacy portal - DuaPi Epi

Privacy portal

PO | Rating: Public | Version Date: 09/08/2022 | Version: 1.0

Dear Owners, welcome to the DuaPi Sistemas Privacy Portal.

For DuaPi Sistema, it is extremely important to ensure that we have a transparent relationship, in addition to guaranteeing the privacy and security of your data. Here you can get to know a little better what the General Law for the Protection of Personal Data (LGPD) is, its main aspects and how you can exercise the rights conferred by this regulation in relation to your data.

If you want to know how DuaPi Sistema processes personal data, learn more in the Privacy Policy and/or Cookie Notice, according to the links below.


The General Law for the Protection of Personal Data (LGPD), Law n° 13.709/2018, was enacted to protect the fundamental rights of freedom and privacy and the free formation of the personality of each individual. The Law talks about the processing of personal data, arranged in physical or digital means, carried out by an individual or legal entity governed by public or private law, encompassing a wide range of operations that can occur in manual or digital means.

Within the scope of the LGPD, the processing of personal data can be carried out by two processing agents, the Controller and the Operator. In addition to them, there is the person in charge of data (DPO), who is the person appointed by the Controller and operator to act as a communication channel between the Controller, the Operator, the data subjects and the National Data Protection Authority (ANPD ).


According to the LGPD, personal data in general terms are information or sets of information capable of identifying (directly) or making a person identifiable (indirectly) within a context. The LGPD differentiates data by groups or that may jeopardize fundamental rights, such as data from children/adolescents and sensitive data respectively.

Some examples of personal data:

-Common personal data: Name, nicknames, surnames, registration of natural persons (CPF), birth certificate, telephones, e-mails, etc.

-Sensitive personal data: Photos, videos, fingerprints, philosophical issues, political and health issues, etc.

We can still have a set of data that receives special emphasis in the legislation when we refer to children/adolescents.


Privacy is the controlled use of the exposure of personal data within public or business entities of the information, without access by third parties (Person without bond), in accordance with current laws and information given to holders.


The LGPD regulates the use of personal data and does not apply to any situation. A few elements need to be clear when you want to invoke this standard to claim rights. Likewise, whenever there is specific legislation for certain issues, the LGPD cannot be invoked to the detriment of specific legislation.

But after all, in which cases does the LGPD apply. Here are some examples:

The. When processing of personal data takes place in national territory;

B. When the processing activity aims to offer or supply goods, services or data processing of individuals located in the national territory;

w. When the treatment data have been collected in the national territory.

There are hypotheses in the legislation when the LGPD does not apply, for more information consult the website of regarding this legislation.


To better understand what processing of personal data is, we will define it as: Collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication , transfer, diffusion or extraction according to the applicable legislation.


Brazilian legislation determines two agents for the processing of personal data, they are:

The. Controller: The controller is responsible for identifying himself as directly responsible for data processing, providing information to data subjects, being transparent, carrying out treatment in accordance with applicable legislation, establishing standards of treatment, security and privacy within the organization and operators;

B. Operator: It is up to the operator to operate the data processing in accordance with the applicable legislation and observe the determinations of the controller.

Controller/operator internal departments are not considered operators as they act on behalf of treatment agents.


Personal data belong to their holders and belong to them, therefore, some rights ensure ownership, as previously informed, when there is legislation or specific understanding that contradicts the LGPD, this must be supplied in line with the specific rule:

The. Confirmation of the existence of treatment;

B. Data access;

w. Correction of incomplete, inaccurate or outdated data;

d. Anonymization, blocking or deletion of data that is unnecessary, exclusive or treated in violation of the LGPD.

It is. Portability of data to another service or product provider, upon express request, in accordance with the regulations of the National Authority, observing commercial and industrial secrets;

f. Elimination of personal data processed with the consent of the holder, except in the cases provided for in art. 16 of the Law;

g. Information from public and private entities with which the Controller carried out shared use of data;

H. Information about the possibility of not providing consent and the consequences of the refusal;

i. Revocation of consent, pursuant to § 5 of art. 8 of the Law.


DuaPi Sistemas establishes Mr. Samuel Machado Cardoso.


DuaPi Sistemas provides the button below called “Speak with the DPO” as the correct way in which you can communicate with our DPO.

If you wish to contact us by letter, please use the information below and use the DPO as recipient.

Rua Princesa Isabel, room 901, nº 40 Prime Tower building – Centro, Criciúma – SC, 88801-110.


DuaPi Sistemas reserves the right to make changes to this Documentation, the Privacy Policy and the Cookies Notice at any time to meet your interest, for necessary actions that reflect practical actions and legal/normative issues. Please regularly consult these documents before taking any action on providing personal data. The organization may notify the data subject whenever there are relevant changes and publish the changes on the website before they become effective for knowledge and consent when relevant.


*When in the condition of data operator, we will not respond to the holders, indicating when possible their controller.

**The request for rights such as the deletion of personal data will only be allowed when the legal basis used allows the procedure.