Privacy Policy

The purpose of this Privacy Policy is to demonstrate the commitment of SASI COMUNICAÇÃO ÁGIL LTDA, fantasy name SASI, a private legal entity, registered in the CNPJ under No. 35.379.670/0001-45, headquartered at Rua Alves Guimarães, 462, Conj. 21, Pinheiros, São Paulo, SP, CEP: 69055-736, e-mail: info\\@sasi.com.br; phone: (92) 3648.6777, owner of the SASI platforms, applications and sites, hereinafter referred to as "SASI", with the privacy and protection of personal data collected from its USERS, establishing the rules on the treatment of data within the scope of SASI services and functionalities, in accordance with the laws in force, with transparency and clarity with the USER and the market in general. As a condition for access and use of the exclusive SASI functionalities, the USER declares that he/she has made a full and careful reading of this Privacy Policy, being fully aware, thus conferring his/her free and express agreement with the terms stipulated herein, authorizing the collection of the data mentioned herein, as well as their use for the purposes specified below. If you do not agree with these directives, the USER must discontinue your access. At SASI, we want to provide the best possible experience to ensure that you enjoy our service to the fullest. To do this, we need to get to know you better, which will allow us to provide exceptional service customized to your preferences. Your privacy and the security of your personal information is and will always be of the utmost importance to us. Therefore, we would like to transparently demonstrate how and why we collect, store, share and use your personal data - as well as set out the controls and choices you can use to share your personal data. This is our goal, and the attached Privacy Policy (the "Policy") will provide all necessary clarifications and details. The purpose of this policy is: i. Ensure that the platform user understands the reasons why SASI collects your personal data and how it is shared and stored; ii. Explain the manner in which we use your personal data in order to provide you with a valuable experience in using the SASI Services; iii. Explain your rights and choices regarding your personal data that is collected and processed and how we preserve your privacy. **1. GLOSSARY** 1.1.For the purposes of this document, the following definitions and descriptions should be considered for better understanding: COOKIES: small computer files or data packets sent by an Internet site to the user's browser when the USER visits the site. IP: Abbreviation for Internet Protocol. It is an alphanumeric set that identifies the USERS' devices on the Internet. USER: Any natural person who accesses and/or uses the functionalities and/or services of SASI. **2. COLLECTION AND USE OF DATA AND REGISTRATION OF ACTIVITIES** The data collected from the voluntary submission by the USER or automatically meet the principle of necessity and may include: 2.2. This is personal data provided by you or collected by SASI to enable you to subscribe to and use SASI's services. Depending on the type of plan on the SASI platform, such personal data may include the user's name, e-mail address, telephone number, date of birth, gender, geographical location, residence and country, and will be allocated in the tables below. 2.3. As you will notice, some are necessary to create the account on the platform and others are necessary to make the account even more personalized. **DISTRIBUTOR** | Category | Data | Purpose | |----------------------------- |------------------------------------------------------------------ |---------------------------------------------------------------------------------------------------------------------------------------------------- | | MANDATORY REGISTRATION | Email, First Name, Last Name, Password | Identifying and authenticating the user on the platform, receiving communication from the platform, accessing the SASI platform for development | | FACULTATIVE REGISTRATION | Zip, Address, City, State, Mobile, State | Identifying and authenticating the user on the platform, receiving communication from the platform, accessing the SASI platform for development | | ELECTRONIC RECORDS | IP, Cookies | Registration of access for the purpose of complying with legal obligations, analytics on the SASI website | | PAYMENT | Credit card details (optional) | Payment of monthly, annual or semi-annual plans | | STATISTICS (ANONYMIZED) | Platform usage data
(not considered personal data) | Platform Usage Analytics | **FINAL USER** | Category | Data | Purpose | |------------------------------------- |----------------------------------------------------------------------------------------------------- |--------------------------------------------------------------------------------------- | | MANDATORY REGISTRATION | Email, First Name, Last Name, Password | User identification and authentication on the platform | | FACULTATIVE REGISTRATION | CPF, profession, gender, e-mail, address, zip code, Complement,
Neighborhood, Mobile, Landline | User identification and authentication on the platform | | DATA REQUIRED BY THE DISTRIBUTOR | | Performing service on the platform | | ELECTRONIC RECORDS | IP, Cookies | Logging access for the purpose of fulfilling a legal obligation Analytics on the SASI website | | STATISTICAL (ANONYMOUS) | Platform usage data (not considered personal data) | Platform Usage Analytics | 2.2. All personal data may be used as evidence in cases of unlawful acts or acts contrary to this Privacy Policy or any other any other legal document made available by SASI, as well as for compliance with a court order or administrative request. 2.2.1. It is up to the USER to configure his/her mobile device if he/she wishes to block the collection of cookies or other data. In this case, some of the SASI functionalities may be limited. 2.3. SASI is not responsible for the accuracy, veracity or lack thereof in the information provided by the USER or for its outdating, being the responsibility of the responsibility of the USER to provide them with accuracy and update them whenever necessary when necessary. 2.4. A base de dados é formada por meio da coleta de dados na SASI é de propriedade e responsabilidade da SASI, sendo que seu uso, acesso e compartilhamento, quando necessários, serão feitos dentro dos limites e propósitos dos negócios da SASI e descritos nesta Política de Privacidade e Termos de Uso. 2.4.1. O USUÁRIO é corresponsável pelo sigilo de seus dados pessoais. O compartilhamento de senhas e dados de acesso viola esta Política de Privacidade e os Termos de Uso da SASI. 2.4.2. O tratamento de dados de crianças deve ser realizado apenas com o consentimento específico e em destaque dado por pelo menos um dos pais ou pelo responsável legal da criança, que deve ser enviado ao encarregado de dados da SASI pelo contato: juridico\\@sasi.com.br; 2.5. Internally, the data of the USERS will be accessed only by professionals duly authorized by SASI, respecting the principles of proportionality principles of proportionality, necessity and relevance to the SASI's objectives, in addition to the commitment to confidentiality and preservation of privacy under the terms of this Privacy Policy. **3. STORAGE, INTERNATIONAL TRANSFER, RETENTION AND AND DELETION OF DATA** 3.1. The data collected is stored in the cloud (cloud computing) of the Google Cloud with servers located in Brazil and the United States and also in SASI's own servers. 3.1.1. The international transfer will be made only to those agents and purposes described in this Privacy Policy, which apply international best practices for the protection of personal data and personal data protection and ensure to provide a degree of protection of personal data adequate to the provisions of Law No. 13,709/2018 (General Law of Protection of Personal Data Protection - LGPD), as required by art. 33, item I of the law 3.2. All data collected is stored in a secure environment. However, considering that no security system is infallible, SASI disclaims SASI disclaims any responsibility for any damage and/or loss damage and/or losses resulting from failures, viruses or invasions of the SASI database, except in cases where SASI is at fault. 3.3. For the purposes of auditing, security, fraud control, preservation of rights and rights and compliance with legal obligation, SASI may remain with the historical records of access of the USERS for a period of at least minimum of 6 (six) months. 3.3.1. If there is a request for elimination of the data by the USER, this deletion may only occur if there is no longer any purpose for its use use or legal, regulatory or judicial obligation that justifies its retention. 3.3.2. The data shall be retained for the duration of its intended use or legal, regulatory or judicial obligation that justifies its retention. On end of the purpose of use and the mandatory retention period, data may be may be deleted using secure disposal methods, or used in an anonymized form for statistical purposes. **4. SHARING** 4.1. The data collected and the activities recorded can be shared: i) With judicial, administrative, arbitral or governmental authorities authorities, whenever there is a legal requisition from the authorities or court order; ii) Automatically in case of corporate movements, such as merger, acquisition, spin-off or merger, and iii) Automatically, with the service providers contracted by SASI to enable the SASI site and platform along with all the functionalities and services made available. iv) We emphasize that the clinical data will not be shared, except in the case hypothesis of the item 'i'.. 4.2. All third parties hired for the purpose of item "iii" above are obliged to treat the data with confidentiality and only for the contracted purpose, ensuring legal compliance in matters of privacy and privacy and data protection and using, at all times, the best information security information security practices. **5. LEGAL BASIS** 5.1. When the USER uses or interacts with the SASI service, we use various technologies to process the personal data we collect, for various reasons. | Description of the reasons why SASI processes your data | Legal Basis for Purpose of Processing | Category of Personal Data used by
SASI for the purpose of processing | |----------------------------------------------------------------------------------- |------------------------------------------------------------------------------------------ |------------------------------------------------------------------------------------- | | Take advantage of the SASI development platform | ● Executing a Contract;
● Legitimate interest;
● Consent | ● User Data;
● usage data;
● payment data; | | Understand, diagnose, troubleshoot, and correct SASI platform problems | ● Executing a Contract;
● Legitimate interest | ● User Data;
● usage data | | Evaluate and Develop functionalities, technologies and improvements of the SASI platform | ● Legitimate interest;
● Consent | ● User Data;
● usage data | | Marketing, promotion and advertising purposes | ● Legitimate interest;
● Consent | ● User Data;
● usage data | | Comply with legal obligations and law enforcement requests. | ● Legitimate interest;
● Fulfilling a legal obligation | ● User Data;
● usage data;
● payment and purchase data; | | Take, exercise or defend legal action | ● Legitimate interest | ● User Data;
● usage data;
● payment and purchase data; | | Process payment from the platform | ● Legitimate interest | ● User Data;
● payment data | |Detect fraud, including fraudulent payments and fraudulent and illegal use of the SASI platform | ● Legitimate interest;
● Fulfilling a legal obligation;
● Executing a Contract | | 5.2. The USER may change his/her grants of consent, grant new permissions or withdraw their consent for the current permissions permissions through the SASI service channels available on the site and on the on the platform, being warned about the consequences that the withdrawal of consent consent may cause. **6. DISPLAY, RECTIFICATION, PORTABILITY, LIMITATION, OPPOSITION AND DELETION OF DATA** 6.1. The USER may have access to his/her data (display) and carry out the personal data through the environment logged into the SASI platform or through the service channels made available by SASI. 6.2. Through the SASI service channel, the USER may also request: (i) the portability of his data, when the USER is a customer of the product developed on the SASI platform, (ii) the limitation of the use of his personal data; (iii) express his opposition to the use of his personal data or (iv) request the elimination of his personal data collected by SASI, provided that the possible contractual relationship between the USER and SASI has ended, there is no purpose of use that legitimizes the treatment and the minimum legal term related to data retention has elapsed, according to topic 3.3 of this Privacy Policy. **7. SECURITY** 7.1. SASI, treats personal data according to the best information security practices and, in particular, stores them in the Google Cloud, the same that many high-standard companies use, which applies the most advanced information security techniques available in the market, as well as automated backup of the servers every 12h and 256-bit SSL digital certificate, being certified and recertified in compliance with all security requirements determined by ISO's 27001, 27017 and 27018, SOC'`1/2/3 the code of best international practices for protection of personal data in the cloud (information and certificate available at: , accessed 20.01.2021). 7.2. SASI itself also applies technical and administrative measures to protect personal data from unauthorized access and accidental or unlawful destruction, double-checking, loss, alteration, communication or disclosure, taking into account the structure, scale and volume of its operations, as well as the sensitivity of the data processed and the likelihood and severity of harm to the data subjects **8. HOLDER'S RIGHTS** Product privacy from its conception. In view of this, SASI ensures the exercise of the rights of the data subject provided in the General Law of Data Protection (LGPD) through its website and App, where we provide privacy controls for users. Below is a simplified simplified list of rights applicable to our business provided in the LGPD. 8.1. Right to access information: The information required by data protection laws protection laws are contained in this privacy policy. Other information may be requested through the e-mail: juridico\\@sasi.com.br. described in clause 9.3. 8.2. Right to confirmation of personal data processing: To know if SASI processes your data, you can obtain confirmation by request to the e-mail: juridico\\@sasi.com.br. 8.4. Right to Access Data: This right can be exercised through the the application soon. At the moment, you can contact us through e-mail: juridico\\@sasi.com.br to request confirmation of the processing of your personal data. 8.5. Right to correction of incomplete, inaccurate or outdated data: Although it is the responsibility of the User to enter SASI product, even so, if you can no longer access the platform access to the platform, it is possible to rectify your data through the e-mail: juridico\\@sasi.com.br 8.6. Right of Removal: the right to request the removal of your personal data. 8.7. Right to data portability: the right to request a copy of your personal data in electronic format and the right to transmit such personal data for use in the service of a third party. 8.8. Right to object: the right to object at any time to the processing of your personal data for reasons relating to your particular situation particular situation; the right to object to the handling of your personal data for personal data for direct marketing purposes **9. GENERAL REGULATIONS** 9.1. SASI does not use any type of automated decision that impacts the USER. 9.2. SASI reserves the right to change the contents of this Privacy Policy at any time, according to the purpose or need, such as for such as for adequacy and legal compliance of the provision of law or standard that has equivalent legal force, being up to the USER to check it every time he/she accesses SASI. 9.2.1. In the event of updates to this document that necessarily new collection of consent, SASI will notify the USER through the USER by the means of contact provided by him/her. 9.3. If you have any questions regarding the provisions this Privacy Policy or need to contact the Data Protection Officer (Data Protection Officer) SASI's Data Protection Officer (DPO), the USER may contact DPO of SASI), the USER may contact the e-mail address juridico\\@sasi.com.br, and the answers to the contact will be sent between Monday and Friday, during business hours, except on holidays. 9.4. If third-party companies perform the processing of any data collected by SASI, they data collected by SASI, they must comply with the conditions stipulated herein and information security best practices, obligatorily. 9.5. In the event that any provision of this Privacy Policy is considered illegal or illegal or illegitimate by the authority of the location where the USER resides, the remaining conditions will remain in full force and effect. . 9.6. The USER recognizes that all communication made by e-mail, SMS, instantaneous communication applications or any other electronic form electronic form are also valid as documentary proof, being effective and sufficient for the disclosure of any matter relating to the services rendered by SASI, as well as the conditions of its provision or any other any other matter addressed therein, subject to the provisions expressly different provisions set forth in this Privacy Policy. **10. APPLICABLE LAW AND JURISDICTION** 10.1. This document will be governed and interpreted according to the Brazilian legislation Brazilian legislation, in the Portuguese language, being elected the domicile of the USER to to settle any dispute or controversy involving the present document, unless document, except when there is a specific exception of personal, territorial or functional by the applicable legislation. Thank you for your attention, and welcome to SASI Last update: January 25, 2021