**PRIVACY POLICY**
**SECTION 1 – GENERAL INFORMATION**
This Privacy Policy contains information regarding the collection, use, storage, processing, and protection of the personal data of users and visitors of the buyleptofix.shop website. Its purpose is to demonstrate absolute transparency on the subject and clarify to all interested parties about the types of data collected, the reasons for collection, and how users can manage or delete their personal information.
This Privacy Policy applies to all users and visitors of the website and is part of the General Terms and Conditions of Use of the website , a company duly registered under CNPJ (National Registry of Legal Entities) No. 08921487/0001-57, located at João Maria Carmona 127 Street, São Paulo, Brazil, hereinafter referred to as Thiago Ramos Santiago ME.
This document was drafted in accordance with the Brazilian General Data Protection Law (Lei 13.709/18), the Brazilian Civil Rights Framework for the Internet (Lei 12.965/14), and the EU Regulation 2016/6790. Furthermore, the document may be updated due to any eventual regulatory changes, which is why the user is invited to consult this section periodically.
**SECTION 2 – HOW DO WE COLLECT USER AND VISITOR PERSONAL DATA?**
The personal data of the user and visitor are collected by the platform in the following ways:
*(Include a multiple-choice question with an “other” option)*
* **When the user creates an account/profile on the platform:** This data consists of basic identification information, such as email, full name, city of residence, and profession. From these, we can identify the user and visitor, as well as ensure greater security and well-being for their needs. Users and visitors are aware that their profile on the platform will be accessible to all other users and visitors of the platform.
* **When a user and visitor accesses the site pages:** Information about interaction and access is collected by the company to ensure a better user and visitor experience. This data may include keywords used in a search, the sharing of a specific document, comments, page views, profiles, the URL from which the user and visitor come, the browser they use and their access IPs, among others that may be stored and retained.
* **Through third parties:** The platform receives data from third parties, such as Meta and Google, when a user logs in with their profile from one of these sites. The use of this data is previously authorized by the users with the respective third party.
*Other*
**SECTION 3 – WHAT PERSONAL DATA DO WE COLLECT ABOUT THE USER AND VISITOR?**
The personal data of the user and visitor collected are as follows:
*(Include a multiple-choice question with an “other” option)*
* **Data for account/profile creation on the platform:** email, full name, city of residence, and profession.
* **Data for navigation optimization:** pages accessed, keywords used in searches, recommendations, comments, interaction with other profiles and users, followed profiles, IP address.
* **Data to complete transactions:** data related to payment and transactions, such as credit card number and other card information. Payments made are controlled by other partner companies such as Buygoods, Maxweb, Hotmart, Digistore, Webvork, and other companies in the affiliate marketing sector.
* **Newsletter:** The email registered by the visitor who chooses to subscribe to the Newsletter will be collected and stored until the user requests unsubscription.
* **Sensitive data:** The platform may collect the following sensitive data from the user: ethnic or racial origin, political opinion, religious conviction, genetic data, health-related data, sexual orientation.
* **Contract-related data:** In the event of formalization of a sales contract or service provision agreement between the platform and the user and visitor, data related to contract execution may be collected and stored, including communications carried out between the company and the user.
*Other*
**SECTION 4 – FOR WHAT PURPOSES DO WE USE THE USER AND VISITOR’S PERSONAL DATA?**
*(Include a multiple-choice question with an “other” option)*
The personal data of the user and visitor collected and stored by the platform are intended for:
* **User and visitor well-being:** improving the product and/or service offered, facilitating, expediting, and fulfilling the commitments established between the user and the company, improving user experience, and providing specific functionalities depending on the user’s basic characteristics.
* **Platform improvements:** understanding how the user uses the platform’s services to aid in business and technical development.
* **Advertising:** presenting personalized advertisements to the user based on the data provided.
* **Commercial:** Data is used to personalize the content offered and generate subsidies for the platform to improve the quality of service operation.
* **User profile prediction:** automated processing of personal data to evaluate usage on the platform.
* **Registration data:** To allow the user access to certain content on the platform, exclusive to registered users.
* **Contract data:** To provide legal security to the parties and facilitate the conclusion of the deal.
*Other*
The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior communication to the user, so that the rights and obligations provided herein remain applicable.
**SECTION 5 – FOR HOW LONG IS PERSONAL DATA STORED?**
The personal data of users and visitors is stored by the platform for the period necessary to provide the service or fulfill the purposes set forth in this document, in accordance with item I of Article 15 of Law 13.709/18.
Data may be removed or anonymized at the user’s request, except in cases where the law provides otherwise.
Furthermore, users’ personal data may only be retained after the end of its processing in the following hypotheses provided for in Article 16 of said law:
I – compliance with a legal or regulatory obligation by the controller;
II – study by a research body, ensuring, whenever possible, the anonymization of personal data;
III – transfer to a third party, provided that the data processing requirements set forth in this Law are respected;
IV – exclusive use by the controller, with access by third parties prohibited, and provided the data is anonymized.
**SECTION 6 – SECURITY OF STORED PERSONAL DATA**
The platform undertakes to apply the technical and organizational measures capable of protecting personal data from unauthorized access and situations of destruction, loss, alteration, communication, or dissemination of such data.
Credit card data is encrypted using “secure socket layer” (SSL) technology, which guarantees secure and confidential data transmission, so that data transmission between the server and the user occurs in an encrypted manner.
The platform is not exempt from liability due to the exclusive fault of a third party, such as in the case of hacker or cracker attacks, or the exclusive fault of the user, such as when they themselves transfer their data to third parties. The site undertakes to notify the user in the event of any breach of security of their personal data.
Stored personal data is treated confidentially, within legal limits. However, we may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
**SECTION 7 – DATA SHARING**
The sharing of user data occurs only with data related to publications made by the user themselves; such actions are shared publicly with other users.
The user’s profile data is shared publicly in search systems and within the platform, with the user allowed to modify this setting so that their profile does not appear in the search results of such tools.
**SECTION 8 – WILL THE STORED PERSONAL DATA BE TRANSFERRED TO THIRD PARTIES?**
Personal data may *(not)* be shared *(with third parties)* except with the partner companies mentioned above.
The indicated third parties receive the data to the extent necessary to allow them to perform the contracted services.
Regarding third-party service providers such as payment transaction processors, we inform you that each has its own privacy policy. Therefore, we recommend reading their privacy policies to understand what personal information will be used by these providers.
*(If transfer to other countries)*
Providers may be located or have facilities located in different countries. Under these conditions, transferred personal data may be subject to the laws of the jurisdictions in which the service provider or its facilities are located.
By accessing our services and providing your information, you are consenting to the processing, transfer, and storage of this information in other countries.
When you are redirected to a third-party application or website, you will no longer be governed by this Privacy Policy or our platform’s Terms of Service. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
**SECTION 9 – COOKIES OR BROWSING DATA**
Cookies refer to text files sent by the platform to the user’s and visitor’s computer and stored there, containing information related to website navigation. This information is related to access data such as location and time of access and is stored by the user’s and visitor’s browser so that the platform server can read it later to customize the platform’s services.
The user and visitor of the platform acknowledge and accept that a system for collecting browsing data through the use of cookies may be used.
The persistent cookie remains on the user’s and visitor’s hard drive after the browser is closed and will be used by the browser on subsequent visits to the site. Persistent cookies can be removed by following your browser’s instructions. The session cookie is temporary and disappears after the browser is closed. It is possible to reset your web browser to refuse all cookies; however, some platform features may not work properly if the ability to accept cookies is disabled.
**SECTION 10 – CONSENT**
By using the services and providing personal information on the platform, the user is consenting to this Privacy Policy.
Upon registration, the user acknowledges and can exercise their rights to cancel their registration, access and update their personal data, and guarantees the veracity of the information provided by them.
The user has the right to withdraw their consent at any time. To do so, they must contact us via email at contato@trsxdigital.com.br.
**SECTION 11 – CHANGES TO THIS PRIVACY POLICY**
We reserve the right to modify this Privacy Policy at any time, so it is recommended that the user and visitor review it frequently.
Changes and clarifications will take effect immediately upon their publication on the platform. When changes are made, users will be notified. By using the service or providing personal information after any modifications, the user and visitor demonstrate their agreement with the new rules.
In the event of a merger or sale of the platform to another company, user data may be transferred to the new owners so that the services offered can continue.
**SECTION 12 – JURISDICTION FOR RESOLVING DISPUTES**
For the resolution of disputes arising from this instrument, Brazilian law shall be fully applied.