Privacy Policy

In this document (“Privacy Policy”) you will be informed about the general conditions for using the platform and application Token.com (together, “Platform”), offered by Token.com.com Serviços Digitais Ltda. , a company incorporated in Brazil under CNPJ 43.533.362/0001-50, headquartered at Avenida Paulista, 2202, conj. 61 A1, Bela Vista, CEP:01310-932, São Paulo - SP,referred to simply as “hereinafterToken.com”.

Our Platform is intended for all persons: (a) over 18 years of age. If you, as a parent or guardian, become aware that your non-emancipated child under the age of 18 (eighteen) has access to the Platform and its resources, you must contact us via the email address dpo.br@token.com and request the deletion of your child’s data.

By registering on our Platform to enjoy our services, you (“User”) MANIFEST YOUR FREE, EXPRESS AND INFORMED CONSENT REGARDING THE TERMS OF OUR PRIVACY POLICY. If you do not agree with our Privacy Policy, please do not continue your registration and do not use the logged area of ​​our Platform. In addition to reading this Privacy Policy, it is necessary that you read the Terms of Use, available at [https://www.token.com/en/terms-and-conditions], and, if you have any questions, contact us at the email address -mail dpo.br@token.com.

From time to time, we may make changes to our Privacy Policy, including to add new features to our Platform or to implement changes as a result of legislative changes. In any case, you will be notified in advance and will have the opportunity to assess whether you wish to continue (or not) to use the services made available through our Platform. If you do not wish to continue using our services, you must terminate your account and uninstall the application, if applicable. 

1. INTRODUCTION
1.1.
The Privacy Policy establishes the information and data that Token.com will have access to as a result of the User's and third parties' interaction with the Platform, as well as the way in which such information may be stored, used and how it will be protected. In the next topics, you will find out how your personal data is treated and all information collected automatically and/or sent by the User during interaction with the Platform and/or made available by third parties so that we can offer our services. 

2. WHAT INFORMATION DO WE COLLECT
2.1.
We collect certain information directly from users, such as information entered by the User and information from third-party platforms with which the User may connect to the Platform. Token.com also may collect automatically information about the device used by the User and their interaction with the Platform.
(a) Registration information: In order to access the Platform, it is necessary for the User to provide their personal registration data, such as their name, date of birth, telephone number, email address, as applicable. 
(b) Information obtained through your device: During the use of the Platform, other information may be obtained by Token.com, such as information about: your geographic position, IP address, browser used, cookie information, type and brand of mobile device, identifiers of mobile devices, operating system version, network information,  connection provider Internet used device settings, camera (access to stored images by User on your mobile device and camera for capturing images), software data and permission to send electronic notices, as applicable.
(c) User-generated content and User interactions with the Platform: We collect and store information and/or preferences shared by the User while using the Platform. The information stored depends on the degree of User interaction with the resources made available through the Platform.
(d) Banking information: Considering that the Platform allows transfers between the User and the Platform and vice versa, Token.com will store the User's bank account data, as applicable. 
(e) Information provided by third parties: If the User chooses to integrate their account on the Platform with social networks or third-party platforms, as available, the Platform may collect and store, among other information, the email address, full name, and profile image, subject to the settings and authorizations given by the User to the platform or integrated social network. 

3. HOW WE USE YOUR INFORMATION
3.1.
Data and User information will be stored, in identifiable form in our database, and will be used for the following purposes under the terms of the Terms of Use of the Platform:
(a) Provide and manage the services offered by Platform;
(b) Identify the User, improve the navigability of the Platform and personalize their interactive experience while using the Platform;
(c) Develop new products, services and features for users;
(d) Process requests involving the contribution and redemption of values ​​from the Platform;
(e) Comply with legal obligations to collect and share data with the public authorities, in accordance with applicable legislation and regulations; 
(f) Allow fraud prevention;
(g) Allow the dissemination of targeted advertising to Users and send promotional emails and requests for User participation in satisfaction surveys;
(h) Allow sending administrative communication to users;
(i) Respond to requests of a judicial and/or administrative nature;
(j) Send push notifications to the User's mobile device to provide information and/or updates and relevant information;
(k) Respond to user queries and requests; and
(l) Allow communication between Token.com and the User.
3.2. Token.com employs service providers to perform certain activities, such as managing and providing databases and cloud hosting. Such partners and service providers are aware of and are contractually obliged to comply with the provisions of our Privacy Policy, and cannot use the information made available for other purposes, and it is also certain that only authorized persons are allowed to access the registration information collected, under penalty of disciplinary sanction in case of violation of the rules set forth herein. 
3.3. The User is also aware that Acesso Digital Tecnologia da Informação SA, a joint stock company headquartered at Praça General Gentil Falcão, n.º 108, 10º andar, Bairro Cidade Monções, CEP: 04571-150, São Paulo/SP, 05.563.165/0001-95, the company responsible for verifying User data at the time of registration on the Platform, will receive and store your personal and biometric data to promote greater security in the use of your identity and prevent misuse of your data. If you want more information, visit: https://unico.io/privacidade-e-gestao-de-dados/
3.4. Except for the situations described above and in accordance with applicable law, Token.com will not disclose user information without your prior and express consent. However, Token.com reserves the right to provide users' data and information in response to administrative and/or judicial proceedings of any nature, or when requested by authorities to comply with legal obligations, under the terms of applicable legislation. 
3.5. The User agrees to receive communications containing promotional materials about the services provided by Token.com. If the User chooses to stop receiving such communications, he/she may request to unsubscribe from his/her e-mail through the link provided in such communications.
3.6. The information and data collected during the User's interaction with the Platform may be used for the preparation of statistics, without any restriction by Token.com, as long as it is not possible to identify the User directly or indirectly.
3.7. The User's data and information will be stored, in an identifiable way, in our database for the time necessary to comply with the applicable legal obligations and activities provided for in this Privacy Policy, in compliance with the legal provisions on the subject. After carrying out the activities provided for in this Privacy Policy and other legal obligations, the data will be discarded, rendered useless and/or anonymized.

4. REGISTRATION ON THE PLATFORM
4.1.
In order to access the restricted content area of ​​the Platform and the functionalities available on our Platform, it is necessary for the User to register and provide the registration information.
4.2. The basic registration may be carried out in 2 (two) ways: (i) by providing the information contained in item 4.4; or (ii) synchronizing the Platform with your account on a social network, informing login and password, in addition to other necessary registration information, provided for in item 4.4 below (available only for Apple, Google and Facebook). If the User opts for synchronization, the social network will make available to the Platform the User's e-mail address, full name, age, profile picture, telephone number and date of birth . The process of integrating the Platform with the chosen social network will not give Token.com access to other information made available by the User on said social network, such as, for example, password to access the social network, publications or friends list.
4.3.
It is the User's responsibility to correctly fill in the data, as well as to keep their registration information updated, under penalty of not being able to use the resources offered by the Platform or, even, the suspension/deletion of their registration. Token.com is not responsible for errors or mistakes in filling out the User's registration.
4.4. The User agrees that it will be necessary to provide registration information, as applicable, such as:
(a) Full name;
(b) Date of birth;
(c) CPF number;
(d) Phone number;
(e) Nationality;
(f) User photo;
(g) Email address;
(h) Income Tax Return (if applicable).
4.5. The User may, at any time, correct and update the data reported to the Platform by sending an email to the address dpo.br@token.com Token.com, at any time, may ask the User for information and/or additional documents that prove the origin of the resources contributed to the Platform, as well as the other information provided at the time of registration.
4.6.Token.com reserves the right to suspend and/or cancel the User's account if the documents are not sent within the stipulated period. 
4.7. Each individual may have only one account registered on the Platform. If Token.com identifies that an individual is responsible for more than one registration/user, it will keep only one of the users active, canceling the other(s).
4.8. At the end of the registration, the User expressly declares the veracity of all the information provided, and may be held civilly and criminally liable for fraudulent misrepresentation, pursuant to applicable legislation and art. 299 of Law 2,848/40.
4.9. Token.com may also deny the User's registration, suspend or cancel, at any time, their login, if any information presented is irregular, insufficient or false, or even if any indication of fraud or irregularity is identified in the information. registrations or in the use of the Platform by the User.
4.10. The User must immediately notify Token.com of any forgetting, loss or theft of his access password, as well as any risk of access to it by third parties.

5. USE OF COOKIES
5.1.
Cookies (“Cookies”) are simple text files that are transferred to the device used by the User to access a website and have several functions, such as storing basic information, memorizing the User's preferences and facilitating navigability in a certain website.
5.2. By accessing https://token.com, the User authorizes Token.com to use Cookies as described in this Privacy Policy.
5.3. During the use of the website, Cookies may capture information such as geographic location, IP address, browser used, operating system version, network information, other websites visited by the User and software data.
5.4. If the User does not agree with the use of Cookies, he must adjust his browser settings to not allow the use of Cookies. The User understands and agrees that by disabling Cookies, some website functionality may be affected.
5.5.
What we use Cookies for:
(a) Improve navigation and features offered by the Platform;
(b) Collect information about how the User uses the Platform to provide better navigability;
(c) Provide a personalized experience to the User; and
(d) Provide targeted advertising. 

6. USER RIGHTS
6.1.
Users will always be guaranteed the following rights:
(a) Confirmation of the existence of data processing, access, portability, correction of incomplete or outdated data and/or deletion of personal data provided, including those identified in your register;
(b) Anonymization, blocking or deletion of data considered unnecessary or excessive for the use of the platform;
(c) The information of the entities with which your data has been shared;
(d) The inviolability of intimacy and private life, its protection and compensation for material or moral damage resulting from its violation;
(e) The inviolability and secrecy of the flow of your communications over the Internet, except by legal obligation or court order or a governmental body, pursuant to the law and provided that the applicable legislation is observed;
(f) Failure to provide third parties with your registration data, including connection records and access to Internet applications, with the exception of service providers and the financial institution and partner for fraud verification, which will have access to the User's information, according to item 3.2 above, or in cases where there is free, express and informed consent from the User, Token.com of the cases provided for by law;
(g) Clear and complete information about the collection, use, storage, treatment and protection of your registration data, which can only be used for purposes that justify their collection, are not prohibited by legislation and are specified in terms of application use of Internet.
(h) The provision of your express consent on the collection, use, storage and treatment of registration data, which must occur separately from the other contractual clauses, when applicable; and
(i) The revocation, at any time, of the consent given for the processing of data, in the form of the applicable legislation, as applicable.

7. DELETION AND PORTABILITY OF DATA
7.1.
The deletion and/or portability of information and data stored by Token.com may be requested at any time by the User dpo.br@token.com. Token.com undertakes to use its best efforts to respond to all deletion and/or portability requests as soon as possible. However, except in cases where storage is required to comply with legal obligations, only the deletion process will lead to the definitive deletion of data, making it impossible for the User to access the Platform's functionalities. 

8. INFORMATION SECURITY

8.1. All the User's personal information is identified in his/her account and is protected by the password chosen at the time when the registration on the Platform was carried out.
8.2. Data and information security is reinforced by effective protection mechanisms, such as encryption, security devices, access protocols, firewall and secure web environment.
8.3. The custody of the User's information will be maintained by a server chosen by Token.com, which must observe the security and reliability aspects required by law. By accepting the terms of this Privacy Policy, the User allows their data to be transferred to servers located abroad.
8.4. Despite adopting high levels of security for the protection of the data and information collected, it is important that users are aware that, due to the very nature and technical characteristics of the Internet, there is always the risk that unauthorized third parties, in some way, may be able to violate these protection mechanisms and have access to such information, which is why Token.com cannot guarantee complete privacy and security in the use of the Platform or in the storage of data.
8.5. The data and information that may be stored or archived on external servers are subject to the same security principles adopted by Token.com, since suppliers and partners are obliged to respect our Privacy Policy.
8.6. Token.com will keep the Platform's access logs confidential, in a controlled and secure environment, for a period of 06 (six) months, as determined by article 15 of Law 12.965/2014 (Marco Civil da Internet). This information may only be made available to the police, administrative authorities or the Public Prosecutor's Office, upon request and with due judicial authorization, respecting the provisions of paragraphs 1, 2 and 3 of article 15 of the same law.
8.7. In the event of incidents related to the breach of security of the information collected and stored during the interaction with the Platform, Token.com will communicate, within a reasonable period, the User about the information reached and measures to mitigate the possible damages caused as a result of the breach. of security.
8.8. The security measures described above apply to your information only from the moment Token.com receives it and while keeping it in its custody. The functioning and security of the device you use to access the Platform, as well as the network over which the data travels, is not the responsibility of Token.com. In order to ensure a more secure environment, Token.com suggests (without guaranteeing against incidents) that you respect the following basic security precautions:
(a) Do not trust strange emails;
(b) Do not access websites suspicious;
(c) Keep protection mechanisms active and updated, such as antivirus and anti-malware;
(d) Do not install applications or programs from strange or illegal sources; and
(e) Do not access “promotional content” from unknown sources.

9. SERVICES OFFERED BY THIRD PARTIES
9.1.
This Privacy Policy is not applicable to other platforms, services or social networks, even if they are directly or indirectly linked to Token.com. Token.com recommends that the User carefully read the terms of use and the privacy policy of other platforms, services or social networks they use.

TOKEN.COM SERVIÇOS DIGITAIS LTDA | CNPJ 43.533.362/0001-50
O produto Token.com não é valor mobiliário e não é regulado pela CVM (Comissão de Valores Mobiliários)
Esta não é uma Oferta Pública