Privacy Policy
1. INTRODUCTION
This Privacy Policy describes how YINFLOW LTDA, a legal entity governed by Private Law, registered with the CNPJ under number 42.516.954/0001-00, established at Avenida Brigadeiro Faria Lima, No. 2369, Conj. 1102 - Neighborhood: Jardim Paulistano, São Paulo/SP - CEP 01452922, collects, uses and protects the personal data of USERS who access and use the features and services of the Yinflow.Life website (available at
https://yinflow.life). This policy complies with Federal Law No. 12,965 of April 23, 2014 (Internet Civil Framework) and Federal Law No. 13,709, of August 14, 2018 (Personal Data Protection Act).
2. DATA COLLECTION AND USE
2.1. We obtain your personal data through your registration carried out at the time of your registration or use of our services. When you register on our platform or app, we ask you to provide basic data, including your name, email address.
2.2. You can also add information that includes, but is not limited to:
Name
Last Name
Marital status
Birthdate
CPF
Townships
Townships
Address
Number
District
State
2.3. The use of our services can take place through our website or mobile application. Our services allow: scheduling an appointment with specialists, evaluating your experience, verifying the history of your visits, and managing your user account. From your user account on the mobile app, you can manage push notifications and other system notifications.
2.4. The data will be stored on our platform and transferred to the health professional and/or the clinic that employs the specialist. Once your personal data is transferred to the health professional or establishment, the latter becomes, in accordance with the legislation, a data controller who will process your personal data for their own purposes.
3. Data Sharing
3.1. We may share your personal data with other companies that operate data for Yinflow.Life under contractually established privacy protection clauses, solely for the purpose of providing services to you. However, we don't share or sell your SMS opt-in option or your phone number for SMS purposes.
3.2. Examples of data operator categories include:
Cloud hosting and server maintenance providers
Communication tools
Customer support tools
External advisors, auditors, or advisors
Health insurance companies and operators, payment service providers, banks, credit reference and fraud prevention agencies, and insurance companies
IT companies that provide us with software and similar services
Companies that authorize appointments and procedures through health plan operators
Companies that allow the issuance of revenues, electronic prescriptions, and invoices
3.3. We may share data in order to meet legal requirements, to enforce our policies, to contact judicial or regulatory authorities, when required by applicable law, and to protect our rights and property.
3.4. We may also share your personal information with other business entities if we plan to merge, receive investments, or be acquired by a business entity.
4. Anonymized Data
4.1. Sensitive data, in particular, the health data that you provide to us will be anonymized. Anonymization is a data processing technique that removes or modifies data that can identify a person, resulting in anonymized information that cannot be associated with a specific individual.
4.2. By analyzing anonymized data, we can create safe and useful products and features for you, based on a better understanding of the needs and preferences of our users. We may also share anonymized data with others, without compromising the privacy of our customers.
4.3. Some of our providers (data operators) are based outside Brazil, however, in order to transfer your personal data to third countries, we always guarantee that these transfers meet the security requirements of the Personal Data Protection (LGPD), Law No. 13,709, of 14/08/2018.
5. Personal Data Processing Time
5.1. At any time, if you have any questions about your personal data, you can contact us through our communication channels. You have the right to request the deletion of the submitted data at any time, by e-mail:
dpo@yinflow.life or by mail to our address.
5.2. We will only keep the information we collect about you for as long as necessary for the purposes set out above or as necessary to comply with any legal obligations to which we are subject.
5.3. The period for which we will have information about you will vary depending on the type of information and the purposes for which we use it. In general, we will keep our records for up to 5 years after you end your relationship with us in order to comply with our legal obligations. For more details, see the following table:
|
| Providing you with our services | We will process your personal data until you have a user account or an active service contract. If you delete your user account or service contract is terminated, we will process your personal data for an additional period of 5 years from the date of deletion. |
| Patient data: Book a visit or organize a medical exam | We will process your personal data until you have a user account. If you delete your user account, we will process your personal data for an additional period of 5 years. |
| Technical information and statistics | We will process your personal data until you have a user account. If you delete your user account, we will process your personal data for an additional period of 5 years. |
| Marketing | We will process your personal data until you withdraw your consent for marketing purposes, included in this Privacy Policy or object to the processing of your personal data. To withdraw your consent, please contact dpo@yinflow.life. |
| Complaints | We will process your personal data for 5 years after you have submitted a complaint. |
| Health data storage functionality for sharing with health professionals | The health data included in your health profile will be deleted after the account is deactivated or if you revoke your consent. The rest of the data will be kept for 5 years after you delete the Health Profile or your account. |
| Medical records | The length of time a medical record is kept in Brazil for 20 years, in accordance with Law 13,787/18, which regulates the digitization and use of computerized systems for keeping, storing, and handling patient records. |
| What is done with my data after 20 years? | According to Law No. 13,787, dated December 27, 2018: “Article 6 After a minimum period of 20 (twenty) years has elapsed from the last record, paper and digitized medical records may be deleted. § 1 Differentiated deadlines for keeping a patient record, on paper or digitized, may be fixed by regulation, according to the potential for use in studies and research in the areas of health, human and social sciences, as well as for legal and evidentiary purposes. § 2 Alternatively to elimination, the medical record may be returned To the patient . § 3 The deletion process must protect the patient's privacy and the confidentiality and confidentiality of the information. § 4 The final destination of all medical records and their disposal will be recorded in the form of a regulation. § 5 The provisions of this article apply to all patient records, regardless of their form of storage, including those microfilmed and those archived electronically on an optical medium, as well as those consisting of documents originally generated and maintained electronically.” |
6. Cookie Policy
6.1. Cookies are small files downloaded to your computer or other device that you use to navigate our site. Most sites use cookies. A cookie typically includes the following information: the name of the site from which it came; how long the cookie will remain on your computer or device; and a value (generally a randomly generated unique number). Some cookies may include additional data, in particular related to your time zone or language used for navigation.
6.2. This topic describes what information we collect, how we use it, and why we sometimes need to store cookies. We will also share how you can prevent these cookies from being stored, however, this may degrade or make certain elements of the site's functionality dysfunctional.
6.3. Some cookies are always on when you visit us and you cannot turn them off unless you change your browser settings. We call these necessary cookies. We use them to ensure that our digital services work properly and allow the use of functionalities, such as user login, account management, and persistence of data and system states.
6.4. We also use functional cookies to make your experience more user-friendly, in particular to remember and store your information on our sites and to personalize the content of our services.
6.5. We also use performance cookies to observe how our services are used and obtain usage statistics.
6.6. We also use third-party cookies. These cookies may track how you use different sites, including ours. For example, you may obtain cookies from a social media company when you register on our site using a social media plugin for authentication or when you simply visit a site containing generators of these cookies. If you wish, you can disable these marketing cookies, as set out on our site. If you wish, you can disable these cookies, also having access to our Yinflow.Life Data Protection Officer available at the e-mail address:
dpo@yinflow.life.
7. How We Use Cookies
7.1. We use cookies for a variety of reasons detailed below. To make the most of our site, we recommend that you configure your device to accept all cookies. However, using your device settings, you can disable or limit certain types of cookies. We use cookies to:
Provide you with a better experience: cookies are used to improve your online experience. They can help in different ways, including: ensuring that our sites load faster, keeping you connected, even on different devices, making logins faster and more accessible, remembering your details, remembering the way you used our service previously, allowing you to schedule an appointment or session with a healthcare professional more quickly and accessible, or making sure that our pages are optimized for your browser or device.
Adjust our services to your preferences: cookies can help us present you with content that better meets your interests and preferences. Cookies also help us to personalize our site for you.
Improve security: we use some cookies to ensure the security of our platform.
Improve our sites: we use cookies to improve our services and predict the way in which users use our sites to make them better for our users.
Marketing: we use some cookies to inform advertising algorithms for our services and other platforms. We use these cookies in cooperation with our marketing partners (Google and Meta).
7.2. We use Third-Party Cookies to pursue our legitimate interests and make our sites better for our users. Below we detail more about this sharing.
We use Google Analytics - We use Google Analytics. Google Analytics is widely used by sites around the world. This tool helps us understand, predict, and adjust our sites for our users and helps us manage our databases and improve our SEO (Search Engine Optimization).
Other advertising and data analysis platforms, connected to Google Analytics through the Google Tag Manager tool. The processing of cookies by these tools has the sole purpose of helping us to know if the content that we provide through our communication channels is interesting to you and also to be able to personalize the content of our communication.
We also use third-party cookies to measure the use of our site. In particular, these cookies may record how much time you spend on our site and how you navigate.
We also use third-party cookies to test our new features and products. These cookies help us ensure that you receive a consistent experience of our services.
We also use social media authentication buttons and/or third-party site accounts. For these features to work properly, it is necessary to write and read cookies.
We use technical solutions provided by Meta, Google and others to better adapt our services and offer a better user experience on our site and better performance of our communications on those platforms.
7.3. Depending on the type of cookie, some of them are stored for a short period, while others are stored for longer periods.
|
| Under construction | Under construction |
7.4. We use session cookies - these cookies authenticate your browser to our systems, and if you're using a shared computer or cell phone, we recommend that you delete the cookies from your browser at the end of your session.
7.5. We use persistent cookies - these cookies remain stored even if your browser is closed or your device is turned off, and are active for a time defined in the cookie. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use it to remember your preferences for the next time you visit or if you scheduled an appointment.
7.6. You can prevent the setting of cookies by adjusting your browser settings. You can find instructions on how to do this in the table below. Please be aware that disabling cookies will affect the functionality of this and many other sites you visit. Disabling cookies will generally also result in the deactivation of certain functionalities and features of our services. Therefore, it is recommended that you do not disable cookies so as not to impair functionality. If you wish to do so, you can manage them as follows:
|
| Google Chrome | | You must click on three dots that are at the top of the right side and open “settings”. On the setup site, click on “security and privacy” to manage cookies. |
| Safari | | You must go to the “preferences” settings page and click on “security”. In the “security” section, you can manage your cookies. |
| Microsoft Edge | | You must click on three dots that are at the top of the right side and open “settings”. On the setup site, click on “privacy, search, and services” to manage cookies. |
| Mozilla Firefox | | You must click on three bars that are at the top of the right side and open “options”. On the options site, click on “security and privacy” to manage cookies. |
8. How to Get a Copy of My Data
8.1. To obtain a copy of any of your personal data (s) in our databases, please contact
dpo@yinflow.life from an email that you have already used on our sites.
9. How to Delete My Data
9.1. Here, you can better understand how to exercise your rights under the General Personal Data Protection Act (LGPD) and the condition for the portability of patient records.
9.2. The user may have access to their data and request their rectification by means of a formal request made from the email associated with the data in question to the email address
dpo@yinflow.life.
9.3. Through the YINFLOW service channel, the USER may also request: (i) the limitation of the use of their personal data; (ii) express their opposition to the use of their personal data; or (iii) request the elimination of their personal data collected by YINFLOW, provided that any contractual relationship between the USER and YINFLOW has ended, that there is no purpose of use that would legitimate the treatment and that the minimum legal period related to the retention of the data has elapsed.
9.4. In view of the role of Operator that Yinflow.Life plays in relation to patient data, the portability of medical record data must be requested by the patient himself from the health professional who treats him or the clinic where he performs health treatment, responsible for storing the data from the medical records.
9.5. Yinflow.Life processes personal data in accordance with the best information security practices and, in particular, stores them in the Amazon Web Services cloud, which applies the most advanced information security techniques available on the market, and is certified in compliance with all security requirements determined by ISO 27018, the code of international best practices for the protection of personal data in the cloud and others. The full list of certificates and protocols adhered to by Amazon Web Services is available at:
AWS Compliance.
9.6. Yinflow.Life itself also applies technical and administrative measures to protect personal data from unauthorized access and from accidental or illegal situations of destruction, loss, alteration, communication or dissemination, taking into account the structure, scale and volume of its operations, as well as the sensitivity of the data processed and the probability and severity of the damages for the data subjects. Among these measures, the use of SALT techniques, CAPTCHAs for password coding, backup, anonymization, data segregation, and control of access to data based on the need and permission granted by the USER stands out.
7.4. We use session cookies - these cookies authenticate your browser to our systems, and if you're using a shared computer or cell phone, we recommend that you delete the cookies from your browser at the end of your session.
7.5. We use persistent cookies - these cookies remain stored even if your browser is closed or your device is turned off, and are active for a time defined in the cookie. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use it to remember your preferences for the next time you visit or if you scheduled an appointment.
7.6. You can prevent the setting of cookies by adjusting your browser settings. You can find instructions on how to do this in the table below. Please be aware that disabling cookies will affect the functionality of this and many other sites you visit. Disabling cookies will generally also result in the deactivation of certain functionalities and features of our services. Therefore, it is recommended that you do not disable cookies so as not to impair functionality. If you wish to do so, you can manage them as follows:
10. General Provisions
10.1. Here you will find some general information, such as the contact of the Data Protection Officer (e-mail:
dpo@yinflow.life) from Yinflow.Life and that, if one clause is found to be invalid, the others will automatically remain valid, without the need for further communication.
10.2. Yinflow.Life does not use any type of automated decision that impacts the USER.
10.3. Yinflow.Life reserves the right to change the content of this
Privacy Policy at any time, depending on the purpose or need, such as for the adaptation and legal compliance of a provision of law or regulation that has equivalent legal force, and it is up to the USER to verify it every time they access Yinflow.Life.
10.4. If there are updates to this document and which necessarily require a new collection of consent, Yinflow.Life will notify the USER through the contact means provided by the USER.
10.5. In case of any doubt regarding the provisions contained in this
Privacy Policy or need to contact the Yinflow.Life Data Protection Officer (DPO), the USER may contact the Owner's Service Channel at the email address
dpo@yinflow.life.
10.6. If third-party companies process any data collected by Yinflow.Life, they must respect the conditions stipulated here and the best information security practices.
10.7. If any provision of this
Privacy Policy whether considered illegal or illegitimate by the authority of the location where the USER resides, the other conditions will remain in full force and take effect.
10.8. The USER recognizes that any communication made by any electronic form is valid as documentary evidence and is effective and sufficient for the disclosure of any matter to which it refers, the services provided by Yinflow.Life, as well as the conditions of their provision or any other matter addressed therein, subject to the expressly different provisions provided for in this
Privacy Policy.
11. Information, Questions, Suggestions and Complaints
11.1. In the case of information, questions, suggestions and complaints regarding matters not related to data, users may contact Yinflow.Life via e-mail
falecom@yinflow.life, where emails will be answered during business hours from Monday to Friday within 72 hours.
12. Applicable Law and Jurisdiction
12.1. This document will be governed and interpreted according to Brazilian law, in the Portuguese language, and the registered office of the City of São Paulo will be elected with respect to the data and Application of the LGPD and the jurisdiction of the Capital district to settle any dispute or controversy involving this document, unless specifically provided for personal, territorial or functional competence by applicable law.
12.2. The user is aware that services provided outside Brazilian territory will have their jurisdiction and application of laws, the jurisdiction of the country of purchase or provision of services that will be contracted outside Brazilian jurisdiction.
12.3. Except in cases where otherwise indicated, the foreign company YINFLOW LLC, a partner of YINFLOW LTDA, holds intellectual property rights to all proprietary material posted on Yinflow.Life tools and applications, operated by YINFLOW LTDA and partner health professionals, as it holds all intellectual property rights reserved in accordance with the law.
.svg)
.avif)
.webp)
