1. Presentation

We at Bemobi ("Bemobi") take your privacy very seriously. This privacy statement, which also includes our cookie policy, applies to websites bemobi.com, ri.bemobi.com, ethics channel and other websites of Bemobi and its controlled companies (“websites”). This privacy statement explains what data we collect, why we collect it and how we use it. It also provides information about the rights of holders of the personal data we collect. Bemobi is the controller of the processing of personal data on the websites. Bemobi owns or operates different services that may also process personal data, provided that specific privacy statements apply to these services. We always honor your decisions about how your data is used. We have safeguards in place to protect your data from loss, misuse, unauthorized access, disclosure, alteration or destruction.

When we post changes to this privacy statement, we will let you know the date on which the update was made.

2. What Data We Collect and Why We Collect This Data

When you visit the website, we collect certain information from the device you use and information about how you use the website. Information collected from the device includes:

• IP address and Device ID;
• the duration of your stay on the website;
• what content you read;
• scroll behavior, etc.

We use this information on an aggregated level to obtain information that allows us to develop and improve the website.

While you may use the website without revealing your identity, you may also choose to submit additional information to us, using web forms, applications or contacting us as provided on the website,
such as:

• yourName;
• Address
• Company Name
• Telephone
• e-Mail;

Files with personal data, such as your resume.

Any information you send us is only used to fulfill the purpose of your request.

The legal basis for our processing of your data will, in most cases, be Bemobi's legitimate interest in improving the website or processing your information to satisfy your request.

In addition, we may process your personal data in accordance with the following legal bases:

(a) when necessary to comply with legal and regulatory obligations;

(b) when necessary to enter into or perform the terms of your contract (for example, to provide contractual payments and benefits);

(c) your consent for the specific purposes that require such consent; and/or

(c) for the regular exercise of rights in judicial, administrative or arbitration proceedings.

3. Cookies

Your personal data may be processed through cookies and other technologies that we use to improve the user experience and make the most effective use of the service. For more information on the processing of data carried out by cookies, please consult our Cookies Policy, available here.

4. How Do We Protect Your Data?

We process your personal data in accordance with the current local Data Privacy Legislation, considering the European GDPR as a benchmark. We implement appropriate technical and organizational measures to protect your personal data from unauthorized disclosure, misuse and modification. We require our suppliers to adopt security measures and comply with the same laws and industry standards. Only Bemobi employees with specific needs have access to the data we collect. Our work procedures and internal compliance policies are designed to ensure that applicable regulations are strictly followed to maintain your privacy in accordance with applicable law.

5. How and When Do We Share Your Data?

The personal data provided by you, or those collected by our website, are not shared with third parties and serve exclusively to meet the legitimate interests of your request or to compose anonymous statistics about our products and services, however we may be asked to provide this sharing in the following cases:

• For government bodies and law enforcement agencies to comply with the law, for example, in court proceedings, by court order or other legal process.

• To third parties, whose sharing is in accordance with data protection legislation

• As eventually described elsewhere in this statement; and/or

• As otherwise permitted by applicable law or regulation.

As we are an international company with data centers around the world, if you are accessing a website from the European Union (EU) or European Economic Area (EEA), your data may be transferred to countries that have the same level of data data protection as in the EU/EEA. When we do, there will be an agreement in place to ensure that the recipient protects the data to EU/EEA-like standards or transfers it to Privacy Shield organizations (in the case of transfers between the US and EU countries ). You can find out more about data protection on the European Commission Justice website.

Likewise, it is possible for personal data to be transferred outside of your country to countries that have the same level of data protection laws as provided in the GDPR. When we do, we will use the legal bases provided for in the GDPR, such as standard contractual clauses or for countries recognized as adequate by the National Authority for Data Protection. In the absence of instructions from the National Authority, we may use the standard contractual clauses of the European Union or another jurisdiction.

6. Your Rights

In Brazil, you have the following guaranteed rights:

• Right of confirmation and access. You have the right, upon request, to be informed if there is any processing of personal data and, if so, you can request information about the processing of your personal data and a copy of the personal data processed, provided that such copying does not harm you.or affect the rights and freedoms of others.

• Right to rectification. You can request the correction of your personal data that is incorrect and/or the completion of data that is incomplete. We encourage you to update or correct your personal data if the data changes or if you believe that the personal data we hold about you is incorrect, inaccurate or out of date.

• Right to anonymization, blocking or deletion. You can request the anonymization, blocking or erasure of your personal data, in particular when (i) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, (ii) you object processing and there are no legitimate interests that substantiate processing, (iii) your personal data was processed illegally or (iv) your personal data must be deleted to comply with a legal obligation to which we are subject. The right to erasure, however, does not apply in particular when the processing of your personal data is necessary for the fulfillment of a legal obligation or for the establishment, exercise or defense of legal claims.

• Right to data portability. Youyou have the right for your personal data to be transmitted to another provider of services or products, limited to commercial or industrial secrets.

• Right to grant and withdraw consent. You have the right to grant your informed consent for the specific purpose and retention period and may withdraw your consent at any time using an opt-out function or by contacting us as provided in this privacy statement. The revocation will not affect the legality of the treatment based on the consent before its withdrawal. You can also request the deletion of your personal data processed with the consent of the data subject, except in situations provided for by law.

• Right to object. You also have the right to object to treatment carried out on the basis of one of the legal bases other than your consent, if there is non-compliance with the provisions of the LGPD.

• Right of revision. You have the right to request a review of decisions taken exclusively based on the automated processing of personal data that affect your interests, including decisions aimed at defining your personality, professional, consumer and/or aspects of your personality, if applicable.

• Right to information. You have the right to information about public and private entities with which we share your data.

• Right to file a complaint. You have the right to petition, in relation to your data, against the controller before the Brazilian National Data Protection Authority (“ANPD”), as well as consumer protection entities.

To exercise your rights, except for the right to petition, or if you have any questions about the processing of your personal data, please contact us, as provided below.

7. How long is my data stored?

We retain personal data only for as long as necessary to process it in accordance with the purposes described in this term or as necessary to comply with applicable laws. When your data is no longer necessary or relevant for our purposes, or required by applicable law, we take steps to delete, aggregate or anonymize it.

8. Privacy Committee

Bemobi has a Privacy Committee dedicated to ensuring the implementation of adequate protections when processing the personal information of our customers, employees and business partners. The committee is responsible for monitoring and reviewing our privacy policies and procedures, and ensuring that we are in compliance with applicable data privacy laws.

9. Term and updates

This Privacy Statement is effective as of its original posting on 03/31/2023 and may be updated from time to time. When that happens, we'll publish the new version and include the date of the last update.

10. Contact information

If you have any questions or concerns about this privacy statement, please contact us through our data channel:

or via email address:

Felipe Goldin