1. Who We Are

We are iN2, offering solutions for customer loyalty and Digital Marketing. When a client (company/person) contacts or hires iN2, it becomes the controller of the personal data of individuals collected solely for commercial service. The controller will become the operator of personal data before the data subject (end customer), when the platform is used by the controller (company or person contracting the iN2 platform), processing and handling the data on behalf of the controller. Our fiscal address is Rodovia José Carlos Daux, 4150, Saco Grande, CEP 88032-005, Florianópolis/SC. You can contact us by mail at the address above, or by email at suporte@iN2.com.br or by phone at 0880 591 0150.

2. Data Officer

Contact details of our data officer:
Name: Josué Felipe Garcia
Email: lgpd@josuegarcia.com.br

3. Treatments, Data Collected, and Purposes

This document aims to clarify the types of treatments carried out by iN2, their legal bases and purposes, as well as to explain which data is collected for this purpose within the scope of the platform's use.

3.1. Marketing Actions

Regarding our company's Marketing actions, the disclosure activities of the platform through advertising on our website, social media, own blog, among others, stand out.

For all this to happen legally, the Data Subject, by understanding this document, registers their free, informed, and unambiguous manifestation, by which they agree with the processing of their personal data for a specific purpose, in accordance with Law No. 13.709 – General Data Protection Law (LGPD), when marking that they agree and submit any type of form with this field:

“I agree that my data will be used to process my contact request, to support my experience in contact with iN2, direct communications of my interest, and for other purposes described in the privacy policy.”

By agreeing to this term, the Data Subject consents and agrees that iN2, hereinafter referred to as the Controller, at this stage, makes decisions regarding the processing of their personal data, as well as performs the processing of their personal data, involving operations such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction.

1. Who we are

We are iN2, offering solutions for customer loyalty and Digital Marketing. When a client (company/person) contacts or hires iN2, it becomes the controller of the personal data of natural persons collected exclusively for commercial service. The controller will become the processor of personal data regarding the data subject (end customer) when the platform is used by the controller (company or person contracting the iN2 platform), processing and handling the data on behalf of the controller. Our registered address is Rodovia José Carlos Daux, 4150, Saco Grande, ZIP 88032-005, Florianópolis/SC. You can contact us by mail at the above address, or by email at suporte@iN2.com.br or by phone at 0880 591 0150.

2. Data Protection Officer

Contact details of our data protection officer:
Name: Josué Felipe Garcia
Email: lgpd@josuegarcia.com.br

3. Processing, collected data and purposes

This document aims to elucidate the types of processing carried out by iN2, its legal bases and purposes, as well as to explain which data is collected for this purpose within the scope of the platform's use.

3.1. Marketing Actions

Regarding the Marketing actions of our company, the highlights are platform promotion activities through advertising on our website, social media, own blog, among others.

For all this to happen lawfully, the Data Subject, by understanding this document, registers their free, informed and unequivocal manifestation, agreeing with the processing of their personal data for specific purposes, in accordance with Law No. 13.709 – General Data Protection Law (LGPD), when they check that they agree and submit any form with this field:

“I agree that my data may be used to process my contact request, to support my experience in contacting iN2, to direct communications of my interest and for other purposes described in the privacy policy.”

By agreeing with this term, the Data Subject consents and agrees that iN2, henceforth referred to as Controller, at this stage, makes decisions concerning the processing of their personal data, as well as carries out the processing of their personal data, involving operations such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, evaluation or control of the information, modification, communication, transfer, dissemination, or extraction.

Which personal data do we collect?

Main: Name, email and phone.
Secondary or occasional: Mailing address, IP address, and geolocation (upon user acceptance).

We note that not all the personal data above is collected/processed in all actions.

The main purposes of this processing are:

• To enable the Controller to send or provide the Data Subject with its products and services, either for a fee or free of charge.
• To enable the Controller to structure, test, promote and advertise products and services, personalized or not to the Data Subject's profile.
• To enable the Controller to advertise platform updates, new services, and useful information from iN2 and partners.
• To enable the Controller to have data when you access the website, where we automatically receive your computer's Internet Protocol, IP address, to obtain information about your browser and operating system to ensure greater security.

What is the legal basis for processing personal data?

According to Art. 7 of the LGPD, the legal basis for this processing is the "Consent of the Data Subject".

Still according to the same Law, the Data Subject exercises the right to revoke consent, as described in the section: "Data Subject Rights".

3.2. Commercial Service

Concerning commercial service, iN2 carries out personal data processing for the exercise of economic activity of its legitimate interest, such as service to a potential client who wishes to know and/or consume a product or service from our portfolio, including conversations through our digital and analog service channels, preparation of commercial proposals and due follow-up, billing, execution of contracted deliveries, issuing invoices, post-sale activities, among others that aim at full customer satisfaction and protection of the related economic activity.

Which personal data do we collect?

Main: Name, email, company name, phone, physical address, CPF.
Secondary or occasional: Written or verbal communication with the commercial area, bank details, and credit cards.

We note that not all the personal data above is collected/processed in all actions.

The main purposes of this processing are:

• Enable the Controller to identify and contact the Data Subject for business relationship purposes.
• Enable the Controller to draft commercial contracts and issue charges against the Data Subject.
• Enable the Controller to fulfill its tax obligations as a legal entity, keeping a record of its financial actions.
• Reports for statistical purposes.
• Database management and maintenance.
• Administration notices.
• Product/Service improvement/changes.

What is the legal basis for the processing of personal data?

According to Art. 7 of LGPD, the legal basis for this processing is "The controller's legitimate interest."

3.3. Correspondence records and record maintenance

When you contact us through our service channels (by email, form, WhatsApp, social networks, etc.), information will be retained about a particular communication, request, application.

What personal data do we collect?

The same data that identifies you as the sender of the communication, such as: Name, physical or electronic address, phone number, and other data provided in accordance with the desired communication.

We note that not all the above personal data are collected/processed in all actions.

The main purposes of this processing are:

• Non-commercial service to the public sender of the communication in question, aiming to analyze and improve our products and services, as well as the service provided.
• Contact record regarding the exercise of rights and freedoms guaranteed by Law 13,709/2018, including auditing by the National Data Protection Authority, ANPD.

What is the legal basis for the processing of personal data?

According to Art. 7 of LGPD, the legal basis for this processing is "Compliance with a legal or regulatory obligation by the controller."

3.4. Personal Data

iN2 is authorized to make decisions regarding the processing and to carry out the processing of the following personal data of the Data Subject:

• Full Name.
• Email Addresses.
• Complete Physical Address.
• Contractor's Address and Name.
• Phone Numbers, WhatsApp.
• Specific Username and Password for the use of the Controller's services.
• Verbal and written communication maintained between the Data Subject and the Controller.

3.5. Purposes of Data Processing

3.6. Data Sharing

The Controller reserves the right to share the Data Subject's personal data with other data processing agents if necessary for the purposes listed in this document, observing the principles and guarantees established by Law No. 13,709/2018.

As a Controller, we declare not to share the Personal Data of Data Subjects with other external companies, except with Operators contracted by the Controller (Legal Consultancy, Accounting Office, and Cloud Computing providers), when applicable, or even to maintain its legal tax obligations, according to Brazilian sectoral laws or other State Authorities, if provided by other legislations.

The Controller also reserves the right to contract Cloud Computing services for certain stages of the Personal Data Life Cycle, such as storage, backup, analysis, and other applicable stages, provided they comply with the LGPD, ensuring equally the Privacy of the Personal Data of our client Data Subjects, observing their position concerning the same General Data Protection Law.

It is also foreseen that the National Data Protection Authority itself, ANPD, may audit our databases and processes, and it is inevitable that it will also characterize a data processing, whose sole purpose will be to ensure the privacy of those data and guarantee the maintenance of the Data Subjects' rights and freedoms.

3.7. Data Security

The Controller is responsible for maintaining security measures, both technical and organizational, capable of protecting personal data from unauthorized access and accidental or unlawful situations of destruction, loss, alteration, communication, or any form of inadequate, unwanted, or unlawful processing.

In compliance with art. 48 of Law No. 13.709/2018, the Controller will communicate to the Data Subject and the National Data Protection Authority (ANPD) the occurrence of a security incident that may lead to risk or significant damage to the Data Subject, known as a Data Breach.

With the aim of protecting your personal data, iN2 adopts the best market practices so they are not accessed improperly or, in any way, violated, among them:

• IT Service Management.
• Risk Management.
• Incident Management.
• Problem Management.
• Change Management.
• Process Management.
• Event Management.
• Request Management.
• Compliance with Information Security Norms.
• Compliance with Cybersecurity Norms.
• Compliance with Business Continuity Plans.
• Data Protection By Design & By Default.

Navigation Information

iN2 may maintain and process the Data Subject's personal data during the entire period in which they remain relevant to the purposes listed in this term. Anonymized personal data, without the possibility of being associated with the individual, may be retained for an indefinite period.

The Data Subject may request via email or correspondence to the Controller, at any time, to have their non-anonymized personal data deleted.

The Data Subject is aware that it may be unfeasible for the Controller to continue providing products or services to the Data Subject following the deletion of personal data.

The Data Subject is aware that the Controller is obligated to maintain certain records to comply with its legal tax obligations and others related to its economic activity. Nonetheless, in keeping with Law 13.709/2018, it maintains its commitment regarding the exercise of all rights of Personal Data Subjects.

3.9. Rights of the Data Subject

I – confirmation of the existence of the processing of your Personal Data;
II – access to your Personal Data;
III – correction or updating of your Personal Data;
IV – anonymization, blocking, or deletion of unnecessary data;
V – data portability;
VI – deletion of data;
VII – information on data sharing;
VIII – information about the possibility of not providing consent and the consequences of refusal;
IX – revocation of consent;
X – contacting the ANPD (this resource is not implemented by the Controller).

4. Cookies Policy

We strive to offer an excellent experience during your stay on our site. To enable you to explore our products and services in the smoothest possible way, we use cookies.

Transparency is also one of the foundations of our relationship with you. Therefore, we prioritize your security and privacy at all times with us.

If you don't know what cookies are, don't worry, we will tell you all about this tool that allows the optimization of your user experience.

4.1. What are Cookies?

Cookies are small text files containing a string of characters. They are placed on your computer or mobile device, uniquely identifying your browser or device.

4.2. What are Cookies used for?

Cookies allow a site or service to know some information to make your experience more convenient, such as if you have visited the site/service before. They help to understand how you are using these platforms, so each time you do, you can navigate between pages more efficiently. An example of this is your language preference. Another functionality of cookies is to help ensure that the content you are viewing is most relevant to you and your interests, providing you the best possible browsing experience.

Types of Cookies

There are 2 types of cookies: Session Cookies and Persistent Cookies. Learn about both:

Session Cookies: are stored in memory and not on your computer or device. They do not have a validity date, so once the web browser is closed and the session ends, the cookie is deleted.

Persistent Cookies: unlike session cookies, these have a validity date and are stored on the computer's or device's disk. The cookie expires on the specified date and only then is deleted.

4.3. What Cookies does iN2 use?

When you use our site to browse our products and services and view the information we make available, various cookies are used by us and by third parties to enable the site to function, collect useful information about visitors, and help make your user experience better.

Some of the cookies we use are strictly necessary for the functioning of our site, and we do not seek your consent to place them on your computer. These cookies are shown below.

• PHPSESSID – For Exclusive Use by the Browser to Display the Website Correctly.

However, for cookies that are useful but not strictly necessary, we will always ask for your consent before placing them. These are:

• _fbp – Data Collection from Facebook for Display of Ads, Offers, and User-Interest Items.
• _ga – Data Collection from Google for Display of Ads, Offers, and User-Interest Items.

5. Your Rights as a Data Subject

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. If we requested your consent to process your personal data, you may withdraw that consent at any time.

If we are processing your personal data on the grounds of consent or to fulfill a contract, you can ask us for a copy of the information in a readable format so you can transfer it to another provider.

If we are processing your personal data on the grounds of consent or legitimate interest, you may request that your data be deleted.

You have the right to ask us to stop using your information for a period if you believe we are not doing so legally.

Finally, in some circumstances, you can ask us not to make decisions that affect you using automated processing or profiling.

To submit a request regarding your personal data via email, mail, or phone, use the contact information provided above in the Who We Are section of this policy.

5.1. Your Right to Complain

If you have a complaint about the use of your information, we prefer you to contact us directly so we can address your complaint.

6. Updates to this Privacy Policy

We regularly review and, if appropriate, update this privacy policy from time to time, as our services and the use of personal data evolve. If we wish to use your personal data in a way we have not previously identified, we will contact you to provide information about it and, if necessary, seek your consent. We will update the version number and date of this document each time it is changed.

Data Officer

Name: Josué Felipe Garcia
Email: lgpd@josuegarcia.com.br