Data Privacy Policy

Effective Date: July 1, 2023

I - Data Privacy Policy

At VSec, we are committed to protecting the privacy and security of personal data to

ensure a secure environment for all users, as such this Data Privacy Policy has been

prepared in accordance with Federal Law No. 12,965 of April 23, 2014 (The Brazilian

Civil Rights Framework for the Internet) and Federal Law No. 13,709 of August 14,

2018 (also known as General Data Protection Law - GDPL), and is guided by the

principles set forth in Article 6 of this legal code. Furthermore, this Data Privacy

Policy outlines how we collect, use, store, and disclose personal data when

individuals interact with our products and services.

By using our services, you agree to the terms of this policy.

II - Data Collection and Usage

We collect and store certain information when you interact with our website or

engage with our services solely for the purpose of communicating with you and

improving our offerings. We do not sell or share your personal information with third

parties without your explicit consent.

2.1 Types of Personal Data Collected

We may collect the following types of personal data:

- Identifying information (e.g., name, identification number).

- Contact information (e.g., address, email, phone number).

- Usage information (e.g., IP addresses, device information) collected

automatically when interacting with our services.

2.2 Purpose and Legal Basis for Data Processing

We collect and process personal data for the following purposes and legal bases:

- Contractual necessity: to fulfill our obligations and provide the requested

services.

- Consent: where required, we will obtain explicit consent for specific data

processing activities.

- Compliance with legal obligations: to comply with applicable laws and

regulations.

- Legitimate interests: to pursue our legitimate business interests, provided they

do not override individuals' fundamental rights and freedoms.

III - Data Security Measures

3.1 Data Security (Article 46)

We implement industry-standard security measures to safeguard the information we

collect from unauthorized access, disclosure, alteration, or destruction. This includes

employing encryption techniques, regularly updating our systems, and conducting

security audits. While we take every reasonable precaution to protect your data,

please note that no method of transmission over the internet or electronic storage is

entirely secure. We encourage you to take necessary precautions when sharing

information online.

3.2 Data Minimization and Retention

We only collect and retain personal data that is necessary for the purposes outlined

in this policy. Personal data will be retained only for as long as necessary to fulfill

these purposes, unless otherwise required by law.

IV - Rights of Data Subjects

4.1 In accordance with the GDPL (Article 18), individuals have the right to:

- Access and obtain a copy of their personal data.

- Rectify incomplete, inaccurate, or outdated personal data.

- Anonymize, block, or delete unnecessary or excessive personal data.

- Obtain information about the entities with whom personal data is shared.

- Obtain information about the possibility of denying consent and the

consequences of such denial.

- Withdraw consent, where applicable.

- Portability of personal data to another service provider, upon express request.

- Delete personal data processed based on consent, except when retention is

required by law or for legitimate purposes.

V - Data Sharing and Disclosure

5.1 Legal Requirements

We may disclose personal data if required to do so by law or in response to valid

requests by public authorities (e.g., court orders, law enforcement agencies).

5.2 Third-Party Service Providers

We may utilize third-party services, such as analytics tools and payment processors,

to enhance our website functionality and provide seamless transactions. These

third-party providers may have their own privacy policies governing the information

they collect. We recommend reviewing their policies to understand how your data is

handled by them

5.3 Links to External Websites

Our website may contain links to external websites for your convenience and

reference. Please be aware that we do not have control over the content or privacy

practices of these sites. We encourage you to review the privacy policies of any

third-party websites you visit.

5.4 Cookies

As many websites, we may use cookies to enhance your browsing experience.

Cookies are small text files stored on your device that enable us to recognize your

preferences, improve site performance, and provide personalized content. You have

the option to disable cookies in your browser settings, but please note that this may

affect certain functionalities of our website.

VI - International Data Transfers

6.1 Cross-Border Data Transfers (Article 33)

In the event of transferring personal data outside Brazil, we will ensure appropriate

safeguards are in place to protect the data in accordance with the GDPL

requirements.

VII - Updates to the Data Policy

7.1 Policy Updates

We may update this Data and Privacy Policy to reflect changes in our practices or

legal requirements. We encourage you to review this page regularly for any updates.

Any material changes will be communicated to individuals through appropriate

channels or by directly notifying affected data subjects. By continuing to use our

website or services, you agree to the updated policy.

Contact Information

VSec is the data controller responsible for the processing of personal data. If you

have any questions, concerns, or requests regarding your personal data, please

contact us at: [email protected]