At Guaporé Office, privacy and security are priorities and we are committed to transparency in the processing of our clients’ personal data. Therefore, this Privacy Policy establishes how the collection, use and transfer of information from customers or other people who access or use our website is carried out.

When using our services, you understand that we will collect and use your personal information in the ways described in this Policy, under the rules of the Federal Constitution of 1988 (art. 5, LXXIX; and art. 22, XXX – included by EC 115/2022) , Data Protection standards (LGPD, Federal Law 13,709/2018), consumerist provisions of Federal Law 8078/1990 and other applicable standards of the Brazilian legal system.

Therefore, Guaporé Serviços Contábeis Ltda. Office, hereinafter referred to simply as “Guaporé Office”, registered with the CNPJ under no. 14.233.794/0001-48, in the role of Data Controller, is obliged to comply with the provisions of this Data Policy Privacy.

1. What data do we collect about you and for what purpose?

Our website collects and uses some of your personal data in order to enable the provision of services and improve the user experience.

1.1. Personal data provided by the holder

• The “Contact/Work with us” link collects the data that the user fills in their CV, including personal data such as name, CPF, affiliation, address, telephone number, professional experiences, references, etc. This data is only stored after the user clicks on “Send”, and is kept for up to 5 (five) years in our CV database, and may be deleted by the user within a shorter period of time, at their discretion, or by the Office itself. , at the user’s request.

• In the “Client Area” link, the user must enter an email and password to access the interaction system between the office and its clients, and this may, at the client user’s discretion, be a personal email.

1.2. Personal data collected automatically

• This website does not collect personal data automatically.

2. Consent

It is based on your consent that we process your personal data. Consent is the free, informed and unequivocal expression by which you authorize Guaporé Office to process your data.

Therefore, in accordance with the General Data Protection Law, your data will only be collected, processed and stored with prior and express consent.

Your consent will be obtained specifically for each purpose described above, demonstrating Guaporé Office’s commitment to transparency and good faith towards its clients and users, following the relevant legislative regulations.

By interacting with the Guaporé Office and providing your personal data, you are aware of and consent to the provisions of this Privacy Policy, in addition to knowing your rights and how to exercise them.

At any time and at no cost, you may revoke your consent.

It is important to highlight that revoking consent for data processing may result in the impossibility of adequate performance of some functionality of the website that depends on the operation, such as deleting the login email for accessing the system.

3. What are your rights?

• The Guaporé Office guarantees its users/clients their rights as holders provided for in article 18 of the General Data Protection Law. This way, you can, free of charge and at any time:

• Confirm the existence of data processing, in a simplified manner or in a clear and complete format.

• Access your data, directly on the platform, or you can even request it in a readable copy in printed form or electronically, securely and appropriately.

• Correct your data, directly on the platform, or request it to be edited, corrected or updated.

• Limit your data when unnecessary, excessive or treated in non-compliance with legislation through anonymization, blocking or deletion.

• Request the portability of your data, through a registration data report that the Guaporé Office processes regarding you.

• Delete your data processed with your consent, except in cases provided for by law.

• Revoke your consent, denying the processing of your data.

• Find out about the possibility of not providing your consent and the consequences of refusal.

4. How can you exercise your rights as a holder?

To exercise your rights as a holder, you must contact the person in charge of the LGPD at the Guaporé Office (DPO) through the following available means:

• Telephone: (55) 3511-9300 extension 227

• Email: dpo@ Escritorioguapore.com.br

In order to guarantee your correct identification as the holder of the personal data subject to the request, we may request documents or other information that can prove your identity. In this hypothesis, you will be informed in advance.

5. How and for how long will your data be stored?

Your personal data collected by Guaporé Office will be used and stored for as long as necessary to provide the service or for the purposes listed in this Privacy Policy to be achieved, considering the rights of data holders and controllers.

Once the personal data has been stored for a period of time, it will be deleted from our databases or anonymized, except in the cases legally provided for in article 16 of the General Data Protection Law, namely:

I – compliance with legal or regulatory obligations by the controller;

II – study by a research body, guaranteeing, whenever possible, the anonymization of personal data;

III – transfer to a third party, provided that the data processing requirements set out in this Law are respected; or

IV – exclusive use by the controller, access by third parties is prohibited, and provided that the data is anonymized.

That is, personal information about you that is essential for complying with legal, judicial and administrative orders and/or for exercising the right to defense in judicial and administrative proceedings will be maintained, despite the deletion of other data.

The storage of data collected by Guaporé Office reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions capable of guaranteeing the confidentiality, integrity and inviolability of your data. In addition, we also have security measures appropriate to the risks and control access to stored information.

6. What do we do to keep your data safe?

To keep your personal information safe, we use physical, electronic and managerial tools aimed at protecting your privacy.

We apply these tools taking into account the nature of the personal data collected, the context and purpose of the processing and the risks that possible violations would generate for the rights and freedoms of the holder of the data collected and processed.

Among the measures we adopted, we highlight the following:

• Only authorized people have access to your personal data;

• Access to your personal data is only done after a commitment to confidentiality;

• Your personal data is stored in a safe and suitable environment.

The Guaporé Office is committed to adopting the best postures to avoid security incidents. However, it is necessary to highlight that no virtual environment is entirely safe and risk-free. It is possible that, despite all our security protocols, problems that are solely the fault of third parties may occur, such as cyber attacks by hackers, or also as a result of the negligence or recklessness of the user/client themselves.

In the event of a security incident that could create significant risk or damage for you or any of our users/clients, we will communicate to those affected and to the National Data Protection Authority about what happened, in accordance with the provisions of the General Data Protection Law. Data.

7. Who can your data be shared with?

In order to preserve your privacy, Guaporé Office will not share your personal data with unauthorized third parties.

However, there are other hypotheses in which your data may be shared, which are:

I – Legal determination, request, requisition or court order, with competent judicial, administrative or governmental authorities;

II – Case of corporate transactions, such as mergers, acquisitions and incorporations, automatically;

III – Protection of the rights of the Guaporé Office in any type of conflict, including those of a judicial nature.

7.1. International data transfer

Some of the third parties with whom we share your data may be located in or have facilities located in foreign countries. Under these conditions, in any case, your personal data will be subject to the General Data Protection Law and other Brazilian data protection legislation.

In this sense, the Guaporé Office is committed to always adopting efficient cybersecurity and data protection standards, in its best efforts to guarantee and comply with legislative requirements.

By agreeing to this Privacy Policy, you agree to this sharing, which will take place in accordance with the purposes described in this instrument.

8. Cookies or browsing data

The collection of information and data from our USERS occurs as they provide us, through access and use of the website, clicks on hyperlinks, interaction with the website’s applications and services, their preferences and references.

The Guaporé Office website only uses necessary, performance and functional cookies to perform activities that are essential to provide the service. No advertising, analysis or other cookies are used.

– Essential cookies: necessary for the platform to function correctly and perfectly provide the services that are available to our USERS. Therefore, under penalty of the platform malfunctioning, the website will not be able to efficiently provide all the tools or resources associated with it.

– Performance cookies: responsible for collecting anonymous information about how USERS use and interact with the platform and the tools provided.

– Functionality cookies: associated with the memory of the data provided, these cookies allow the platform to remember any choices made by the USER, directing them to the functions they may choose. It is responsible for providing better experiences and ensuring practicality for the USER. This information may also be associated with anonymized data, which will not track the USER’s activity outside the platform space.

As a rule, data will not be communicated to third parties, except in the case of cookies owned by other websites or due to legal obligation.

9. Changes to this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on: June 6, 2024.

We reserve the right to modify this Privacy Policy at any time, mainly to adapt to any changes made to our website or in legislation. We recommend that you review it frequently.

Any changes will come into effect as soon as they are published on our website and we will always notify you of the changes that have occurred.

By using our services and providing your personal data after such modifications, you consent to them.

10. Responsibility

The Guaporé Office provides for the responsibility of agents who work in data processing processes, in accordance with articles 42 to 45 of the General Data Protection Law.

We are committed to keeping this Privacy Policy updated, observing its provisions and ensuring compliance.

Furthermore, we are also committed to seeking technical and organizational conditions that are safely capable of protecting the entire data processing process.

If the National Data Protection Authority requires the adoption of measures in relation to data processing carried out by the Guaporé Office, we undertake to follow them.

10.1 Disclaimer

As mentioned in Topic 6, although we adopt high security standards to prevent incidents, there is no virtual environment that is entirely risk-free. In this sense, the Guaporé Office is not responsible for:

I – Any consequences arising from the negligence, recklessness or incompetence of users in relation to their individual data. We guarantee and are only responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument.

We emphasize that the user is responsible for the confidentiality of access data.

II – Malicious actions by third parties, such as hacker attacks, unless culpable or deliberate conduct by the Guaporé Office is proven.

We emphasize that in the event of security incidents that may create significant risk or damage for you or any of our users/clients, we will inform those affected and the National Data Protection Authority about what happened and take the necessary measures.

III – Inaccuracy of the information entered by the user/client in the records necessary for the use of Guaporé Office services; Any consequences arising from false information or information entered in bad faith are the sole responsibility of the user/client.

11. Data Protection Officer

If you have questions about this Privacy Policy or the personal data we process, you can contact our Personal Data Protection Officer, Helmuth Grossmann Júnior, through the following channels:

dpo@ Escritorioguapore.com.br

(55) 3511-9300 extension 227