1. Who we are

We are iN2, we offer solutions for customer loyalty and Digital Marketing. When the customer (company/person) contacts or hires iN2, it becomes the controller of the personal data of individuals collected exclusively for commercial service. The controller will become the operator of the personal data before the holder (end customer), when the platform is used by the controller (company or person contracting the iN2 platform), processing and handling the data on behalf of the controller. Our tax address is Rodovia José Carlos Daux, 4150, Saco Grande, CEP 88032-005, Florianópolis/SC. You can contact us by post at the address above, or by email at suporte@iN2.com.br or by telephone on 0880 591 0150.

2. Data Controller

The contact details of our data controller:
Name: Josué Felipe Garcia
Email: lgpd@josuegarcia.com.br

3. Processing, data collected and purposes

This document aims to clarify the types of processing carried out by iN2, their legal bases and purposes, as well as to explain which data is collected for this purpose within the scope of the use of the platform.

3.1. Marketing Actions

As for our company’s marketing actions, the most important activities are the promotion of the platform through advertising on our website, social media, our own blog, among others.

For all of this to happen lawfully, the Data Subject, by understanding this document, registers his/her free, informed and unequivocal manifestation, by which he/she agrees to the processing of his/her personal data for a specific purpose, in accordance with Law No. 13,709 – General Law on the Protection of Personal Data (LGPD), when he/she marks that he/she agrees and submits any type of form with this field:

“I agree that my data will be used to process my contact request, to support my experience in contacting iN2, to direct communications of interest to me and for other purposes described in the privacy policy.”

By agreeing to this term, the Data Subject consents and agrees that iN2, hereinafter referred to as Controller, at this stage, makes decisions regarding the processing of his/her personal data, as well as carries out the processing of his/her personal data, involving operations such as those related to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or information control, modification, communication, transfer, dissemination or extraction.

What personal data do we collect?

Main: Name, email and telephone number.
Secondary or occasional: Correspondence address, IP address and geolocation (subject to user acceptance).

We note that not all of the above personal data are collected/processed in all actions.

The main purposes of this processing are:

• To enable the Controller to send or provide the Holder with its products and services, whether paid or free of charge.
• To enable the Controller Structure, Test, Promote and Advertise Products and Services, whether or not Personalized to the Data Subject’s Profile.
• Allow the Controller to Advertise Platform Updates, New Services and Useful Information from iN2 and Partners.
• Allow the Controller to Have Data When You Access the Website, Where We Automatically Receive Your Computer’s Internet Protocol, IP Address, to Obtain Information About Your Browser and Operating System to Ensure Greater Security.

What is the legal basis for the processing of personal data?

According to Art. 7 of the LGPD, the legal basis for this processing is “Data Subject’s Consent”.

Also according to the same Law, the Data Subject exercises the right to revoke consent, as described in the section: “Data Subject Rights”.

3.2. Commercial Service

With regard to commercial service, iN2 processes personal data to carry out an economic activity of its legitimate interest, such as serving a potential customer who wishes to learn about and/or consume a product or service from our portfolio, including conversations through our digital and analog service channels, preparation of commercial proposals and due follow-up, invoicing, execution of contracted deliveries, issuance of invoices, after-sales activities, among others that aim to fully satisfy the customer and protect the related economic activity.

What personal data do we collect?

Main: Name, email, company name, telephone, physical address, CPF. Secondary or occasional: Written or verbal communication with the sales department, bank details and credit cards.

We note that not all of the above personal data is collected/processed in all actions.

The main purposes of this processing are:

• To enable the controller to identify and contact the data subject for commercial relationship purposes.
• To enable the controller to draw up commercial contracts and issue charges against the data subject.
• To enable the controller to comply with its tax obligations as a legal entity, keeping a record of its financial actions.
• Reports for statistical purposes.
• Database management and maintenance.
• Administrative notices.
• Improvement/changes to Product/Service.

What is the legal basis for processing personal data?

According to Art. 7 of the LGPD, the legal basis for this processing is “Legitimate interest of the Controller”.

3.3. Correspondence records and record keeping

When you contact us through our service channels (by email, form, WhatsApp, social networks, etc.), information about a specific communication, request, application will be stored.

What personal data do we collect?

The same data that identifies you as the sender of the communication, such as: Name, physical or electronic address, telephone number and other data provided in accordance with the desired communication.

We note that not all of the above personal data is collected/processed in all actions.

The main purposes of this processing are:

• Non-commercial Service to the Public Sender of the Communication in Question, Aiming at Analysis and Improvement of Our Products and Services, As Well as the Service Provided.
• Registration of Contact Regarding the Exercise of Rights and Freedoms Guaranteed by Law 13.709/2018, Including Aiming at Auditing by the National Data Protection Authority, ANPD.

What is the legal basis for the processing of personal data?

According to Art. 7 of the LGPD, the legal basis for this processing is “Compliance with a legal or regulatory obligation by the controller”.

3.4. Personal Data

iN2 is authorized to make decisions regarding the processing and to carry out the processing of the following personal data of the Holder:

• Full Name.
• E-mail Addresses.
• Full Physical Address.
• Address and Name of the Contractor.
• Telephone Numbers, WhatsApp.
• Username and Password Specific for Use of the Controller’s Services.
• Communication, Verbal and Written, Maintained Between the Holder and the Controller.

3.5. Purposes of Data Processing

3.6. Data Sharing

The Controller reserves the right to share the Data Subject’s personal data with other data processing agents, if necessary for the purposes listed in this document, in compliance with the principles and guarantees established by Law No. 13,709/2018.

As Controller, we declare that we do not share Personal Data of Data Subjects with other external companies, except with Operators hired by the Controller (Legal Consultancy, Accounting Firm and Cloud Computing providers), when applicable, or to maintain its legal tax obligations, in accordance with Brazilian sectoral laws or other State Authorities, if provided for in other legislation.

The Controller also reserves the right to contract the provision of Cloud Computing services, for certain stages of the Personal Data Life Cycle, such as storage, backup, analysis, and other applicable stages, as long as they maintain compliance with the LGPD, equally ensuring the Privacy of the Personal Data of our client Data Subjects, observing their position regarding the same General Data Protection Law.

It is also expected that the National Data Protection Authority (ANPD) itself may audit our databases and processes, and it is inevitable that data processing will also be characterized, the sole purpose of which will also be to ensure the privacy of said data and to guarantee the maintenance of the rights and freedoms of the Data Subjects.

3.7. Data Security

The Controller is responsible for maintaining technical and organizational security measures capable of protecting personal data from unauthorized access and accidental or unlawful situations of destruction, loss, alteration, communication or any form of inadequate, unwanted or unlawful processing.

In accordance with art. 48 of Law No. 13,709/2018, the Controller will notify the Data Subject and the National Data Protection Authority (ANPD) of the occurrence of a security incident that may entail a risk or relevant damage to the Data Subject, known as a Data Breach.

In order to protect your personal data, iN2 adopts the best market practices so that they are not accessed improperly or, in any way, violated, among them:

• Information Technology Service Management.
• Risk Management.
• Incident Management.
• Problem Management.
• Change Management.
• Process Management.
• Event Management.
• Request Management.
• Compliance with Information Security Regulations.
• Compliance with Cybersecurity Regulations.
• Compliance with Business Continuity Plan Regulations.
• Data Protection By Design & By Default.

Navigation information

iN2 may keep and process the Data Subject’s personal data for the entire period in which they are relevant to the purposes listed in this term. Anonymized personal data, without the possibility of association with the individual, may be kept for an indefinite period.

The Data Subject may request via email or correspondence to the Controller, at any time, that the Data Subject’s non-anonymized personal data be deleted.

The Data Subject is aware that it may be unfeasible for the Controller to continue providing products or services to the Data Subject after the personal data has been deleted.

The Data Subject is aware that the Controller is required to maintain certain records in order to comply with its legal tax obligations and other obligations related to its economic activity, however, still in compliance with Law 13.709/2018, it maintains its commitment to exercising all rights of the Data Subjects.

3.9. Data Subject’s Rights

I – confirmation of the existence of the processing of your Personal Data;
II – access to your Personal Data;
III – correction or updating of your Personal Data;
IV – anonymization, blocking or deletion of unnecessary data;
V – data portability;
VI – deletion of data;
VII – information on sharing of your data;
VIII – information on the possibility of not providing consent and on the consequences of refusal;
IX – revocation of consent;
X – contact the ANPD (this resource is not implemented by the Controller).

4. Cookies Policy

We strive to provide a user-friendly experience excellent during your stay on our website. To allow you to explore our products and services as smoothly as possible, we use cookies.

Transparency is also one of the foundations of our relationship with you. And that’s why we value your security and privacy during all your moments with us.

If you don’t know what cookies are, don’t worry, we’ll tell you everything about this tool that allows you to optimize your user experience.

4.1. What are Cookies?

Cookies are small text files that contain a series of characters. They are placed on your computer or mobile device, uniquely identifying your browser or device.

4.2. What are Cookies used for?

Cookies allow a website or service to know some information to make your experience more practical, as if you had already visited the website/service before. They help to understand how you are using these platforms, so that each time you do so, you can navigate between pages more efficiently. An example of this is your language preference. Another function of cookies is to help ensure that the content you are viewing is the most relevant to you and your interests, so that you have the best possible browsing experience.

Types of Cookies

There are 2 types of cookies: Session Cookies and Persistent Cookies. Learn more about both:

Session Cookies: are stored in memory and not on your computer or device. They do not have an expiration date, so as soon as the web browser is closed and the session ends, the cookie is deleted.

Persistent Cookies: different from session cookies, these have an expiration date and are stored on the computer or device’s hard drive. The cookie expires on the date indicated and is only then deleted.

4.3. What Cookies does iN2 use?

When you use our website to browse our products and services and view the information we make available, various cookies are used by us and third parties to enable the website to function, collect useful information about visitors, and help make your user experience better.

Some of the cookies we use are strictly necessary for the operation of our website, and we do not ask for your consent to place them on your computer. These cookies are shown below.

• PHPSESSID – For Exclusive Use By The Browser In Order To Display The Website Correctly.

However, for cookies that are useful but not strictly necessary, we will always ask for your consent before placing them. These are:

• _fbp – Facebook collects data to serve you ads, offers and items of interest.
• _ga – Google collects data to serve you ads, offers and items of interest.

5. Your rights as a data subject

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. If we have asked for your consent to process your personal data, you can withdraw that consent at any time.

If we are processing your personal data on the grounds of consent or to perform a contract, you can ask us for a copy of the information in a machine-readable format so that you can transfer it to another provider.

If we are processing your personal data on the grounds of consent or legitimate interest, you can ask us to erase your data.

You have the right to ask us to stop using your information for a period if you believe we are not doing so lawfully.

Finally, in some circumstances, you can ask us not to make decisions affecting you using automated processing or profiling.

To submit a request about your personal data by email, post or telephone, please use the contact details provided above in the About Us section of this policy.

5.1. Your right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly so that we can address your complaint.

6. Updates to this privacy policy

We update this privacy policy from time to time, and as our services and use of personal data evolve. If we want to use your personal data in a way that you have not previously identified, we will contact you to provide information about this and, if necessary, ask for your consent. We will update the version number and date of this document each time it is changed.

Data Controller

Name: Josué Felipe Garcia
E-mail: lgpd@josuegarcia.com.br