Privacy Policy

Section 1.1 — Data Provided Directly by the Data Subject

We collect information that is essential to delivering our services and improving your professional experience with us. This data includes, but is not limited to:

• Identifying data: full name, taxpayer ID, identity document, date of birth.
• Contact information: e-mail address, phone number and residential/business address.
• Financial data: payment information, banking data and transaction history required for corporate billing.

Section 1.2 — Data Collected Automatically

For information security, internal auditing and compliance with legal obligations, our servers record technical browsing data:

• IP address, browser type, operating system, approximate geolocation and history of interactions with our digital platform through cookies and equivalent identifiers.

Section 2.1 — Institutional and Commercial Purpose

In line with Article 6 of the LGPD (Purpose Principle), data processing is intended to:

• Perform service agreements or terms of use accepted by the user;
• Manage customer service, technical support and the processing of financial requests;
• Communicate security updates, important corporate notices and personalized marketing (subject to the right to opt out).

Section 2.2 — Legal Grounds

We ensure that all personal data processing is supported by a legitimate legal basis, such as:

• Performance of a contract: necessary to fulfill the established relationship.
• Legitimate interest: to develop and protect our operational activities, provided they do not override the data subject's fundamental rights.
• Compliance with a legal/regulatory obligation: storage of digital records required by regulators or tax law.
• Consent: collected expressly and prominently for specific, ancillary purposes.

Section 3.1 — Sharing with Third Parties

The Organization restricts access to personal data only to business partners and service providers strictly necessary to operations (e.g., cloud infrastructure providers, payment gateways and external auditors). All third parties are contractually bound to maintain strict confidentiality and security levels equivalent to our standards.

Section 3.2 — International Transfer

Where data is stored on servers located outside the national territory, we ensure that the receiving country or international entity provides an adequate level of protection, using contractual safeguards such as Standard Contractual Clauses.

Section 4.1 — Technical and Administrative Protection Measures

We adopt strict information governance and security measures to shield data against unauthorized access, leakage or accidental destruction. Corporate safeguards include encryption of data at rest and in transit, strict access control for employees and periodic vulnerability audits.

Section 4.2 — Retention Periods

Personal data is kept only for the period necessary to fulfill the purposes described in this Policy, or as required by applicable statutory limitation periods for the corporation's legal defense.

Section 5.1 — Exercising Rights Guaranteed by the LGPD

Any data subject may request, at any time and free of charge, through our official channel:

• Confirmation that processing exists and access to the stored data;
• Correction of incomplete, inaccurate or outdated information;
• Anonymization, blocking or deletion of unnecessary data or data processed in non-compliance;
• Withdrawal of previously granted consent.

Section 5.2 — Official Communication Channel (Data Protection Officer / DPO)

For legal questions or privacy requests, contact our Data Protection Officer (DPO) directly through the standard service address of the privacy portal.