1. Introduction: Welcome to SellFlux! Your privacy is of utmost importance to us. At SellFlux, we are committed to protecting the personal data of our users, customers, and partners. This Privacy Policy describes how we collect, use, store, and protect your personal information, in compliance with the General Data Protection Regulation (GDPR) and other applicable legislation. Our mission is to provide you with a safe and transparent experience when using our services. We want you to clearly understand how we handle your personal data and what your rights are regarding this information. This policy applies to all visitors, subscribers, and former subscribers of our services. Please take a moment to read this Privacy Policy. If you have any questions or need further clarification, please do not hesitate to contact us through our customer service channels. By using our services, you agree to the terms and conditions of this Privacy Policy. Thank you for your trust and for the opportunity to assist you. 2. Subscription Service: SellFlux offers a subscription service, acting as a data processor. This means that our subscribers are responsible for the processing of data imported into our platform. It is therefore their responsibility to ensure that this data is processed and collected in compliance with current regulations and legislation. As a service provider, we provide the necessary infrastructure for our clients to manage their data securely and efficiently. 3. Privacy Policy Updates: This Privacy Policy is reviewed and updated periodically to ensure it remains compliant with applicable laws and regulations and to reflect any changes in our data processing procedures. The most recent version of this policy will always be published on our official website. We recommend that you review this policy regularly to stay informed about how we are protecting your information. 4. Data Collection We collect personal data from our users to provide a personalized and efficient experience on our platform. The information collected may include, but is not limited to, full name, email address, and phone number. This data is essential for user identification, communication, account recovery, sending notifications, newsletters and promotional materials, as well as direct contact for support and identity verification. Personal data is collected through various methods. First, when registering directly on our website, we request information such as name, email, and phone to create an account and allow access to our services. Additionally, on specific pages designed for data capture, such as newsletter subscription forms, exclusive content downloads, or events, users may be asked to provide personal information to complete the registration process. When users contact us through our service channels, such as chat, email, or phone, we may collect additional information necessary to resolve questions, provide technical support, or attend to other requests. Furthermore, we send satisfaction surveys to evaluate users' experience with our services. Responses to these surveys provide opinions, suggestions, and other information that help us continuously improve our products and service. We collect and process personal data to create more effective and targeted campaigns. The information collected includes name, email, phone number, which are obtained through subscription forms on our website, social media interactions, and responses to email marketing campaigns. This data allows for precise audience segmentation, content personalization, and measurement of the effectiveness of our marketing strategies, ensuring that our communications are relevant and engaging for each user. Our application uses Google Workspace data in a restricted manner and in compliance with the Limited Use Requirements for Google Workspace API User Data. Available in https://developers.google.com/workspace/workspace-api-user-data-developer-policy & https://developers.google.com/photos/support/api-policy We declare that our use of raw or derived data received from Google Workspace APIs is in full compliance with the Google Workspace API User Data Policy, including specifically the Limited Use requirements described in the policy. For Google Calendar integration, we access and synchronize your calendar events exclusively to provide scheduling functionalities within our platform. The data is used only to display, create, and manage calendar events as requested by the user, being processed securely and not shared with unauthorized third parties. You can revoke access to your Google data at any time by disconnecting from your account through our application or directly in your Google account. 5. Automatically Collected Information We automatically collect various information when you use our services, with the goal of improving user experience and optimizing our platform's performance. Among this information is the IP address, which we use to identify the origin of requests, helping to improve service security, detect and prevent fraud, and understand the geographical distribution of our users. We also collect data about the type of browser you use to access our services. This information is important for optimizing website compatibility, ensuring that all functionalities work correctly in different browsers and to improve website performance. Additionally, we identify your device's operating system to ensure compatibility of our software with the various systems used by our users, allowing us to resolve specific problems related to the operating system and provide a consistent user experience. We record the pages you access on our website to better understand your preferences and interests. This allows us to adjust our content and layout according to what is most relevant to our users, continuously improving the browsing experience. We also monitor the time you spend on our pages to evaluate the effectiveness of our content and determine which areas of the website are most useful or attractive to users, helping to identify areas that may need improvements or updates. Although we do not use our own cookies to collect information directly through our website, we use third-party cookies and similar technologies to improve your browsing experience. However, other platforms, such as Facebook, Instagram, and Google, may collect cookies and browsing data when you interact with our content on these platforms. We recommend that you consult the privacy policies of these platforms for more information about how they collect and use data through cookies and similar technologies. 6. Use of Information Your data is used for various purposes, always with the goal of offering a personalized, efficient, and secure experience on our platform. Among the main uses, we highlight: Ensuring contract execution: We use your data to fulfill our contractual obligations with you. This includes managing your account, providing contracted services, and communication about changes and updates related to the contract. Personalizing and improving our services: The information provided by you helps us adjust and improve our services according to your specific preferences and needs. This includes interface personalization, product and service recommendations, and content adjustments to make it more relevant. Conducting studies and lead mapping for marketing: We collect and analyze data to develop more effective marketing strategies and identify potential customers. This involves audience segmentation, behavior and preference analysis, and creating targeted campaigns that increase the efficiency and reach of our marketing actions. Transferring data between sectors and to third parties/partners: We share your data with other company sectors and external partners when necessary for contract execution and to offer an integrated and efficient service. This includes collaboration with service providers, business partners, and other entities involved in the supply chain. Service provision and transaction processing: We use your data to provide requested services and process all associated transactions, ensuring that financial operations are secure and accurate. Customer service: We respond to your emails, questions, comments, requests, and complaints, in addition to providing effective and personalized customer support. This includes technical assistance, problem resolution, and guidance on using our services. Usage monitoring and trend analysis: We analyze how our services are used to identify trends, personalize and improve your experience at SellFlux. This includes increasing the functionality and ease of use of our services. Administrative communications: We send confirmations, updates, security alerts, support, and administrative messages to facilitate your use and assist in the administration and operation of our services. These communications are essential to keep you informed about important aspects of your account and the services offered. Other specific purposes: We use your information for any other purpose that has been specifically communicated to you at the time of collection. This ensures transparency and clarity about the use of your data in specific contexts. 7. Acting as data processor (processing on behalf of clients when they subscribe and use Sellflux): Our product, the Subscription Service, allows our clients to create and share marketing, sales, and customer service content. When using our product, clients may collect Personal Data, such as name, surname, email, address, phone, or other information about you. We do not control the content of our clients' pages nor the types of Personal Data they choose to collect or manage using the Subscription Service. However, we indicate best practices for platform use and have an Acceptable Use Policy that provides for access blocking in case of misuse or transmission of illicit content. Data imported/collected from our clients is stored on our service providers' servers. We act as processors, following client instructions and automations, according to our policies, which prohibit us from using such data, except as required by law or necessary to provide the Subscription Service. Our clients control and are responsible for correcting, deleting, or updating data they process using the Subscription Service, as well as for complying with any regulations or laws that require notification, disclosure, and/or obtaining consent before transferring Personal Data to Sellflux for processing purposes. 8. Data Sharing: To ensure adequate provision of our services and compliance with legal and contractual obligations, your personal information is shared in some circumstances. Essential suppliers and service providers, such as data hosting companies, payment services, and technical support, have access to your personal information only to perform services on our behalf. They are contractually obligated to protect your information and maintain confidentiality, and cannot disclose or use it for other purposes. In compliance with legal requirements, we may share your information with authorities when required by law, or when we believe, in good faith, that such disclosure is necessary to comply with legal processes or respond to judicial requests, including subpoenas, legal warrants, or court orders. This sharing may also occur to cooperate with investigations, prevent illegal activities, or protect the rights, property, or security of our company, our users, and others. To improve our services, we use information in ads and data analysis tools. Advertising platforms, such as Google Ads and Facebook Ads, help us understand how users interact with our services and evaluate the effectiveness of our marketing campaigns. Information shared with these platforms is aggregated and de-identified, protecting your privacy while improving the efficiency of our marketing actions. Aggregated and de-identified information may also be shared with third parties for industrial analysis, demographic profiling, and other similar purposes. This information, which does not personally identify, is used to better understand market trends and user behavior, helping us improve our services and make strategic decisions based on robust data. Whenever you give us explicit consent, we share your information as agreed. This may occur, for example, when you agree to participate in surveys, promotions, or other activities that involve disclosing your information to third parties. This consent is obtained clearly and transparently, ensuring that you are fully informed about how your information will be used. To protect our rights and ensure that our users are aware and in compliance with our regulations and standards, we share information to comply with or enforce our privacy policy, our terms of use, and other policies or agreements. This ensures the integrity of our services and our users' trust in our platform. Finally, we emphasize that we are not responsible for the actions of service providers or third parties with whom we share information, nor for any additional information you provide directly to third parties. We recommend that you review the privacy policies of these third parties to understand how they handle your information. We ensure that any data sharing is performed with maximum care, always with the goal of protecting your privacy. 9. Information Security We adopt a comprehensive set of security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. First, we use two-factor verification to increase security in accessing our platforms, ensuring that only authorized users can access your accounts. Additionally, firewalls are implemented to monitor and control network traffic, blocking malicious access attempts to our systems. To mitigate risks related to compromised credentials, we require periodic password changes, encouraging the creation of strong and unique passwords. In access management, we apply the principle of least privilege, which means that users receive only the permissions strictly necessary to perform their functions, minimizing the risk of privilege abuse. We use data encryption both in transit and at rest, ensuring that information is encoded and accessible only to authorized individuals. To maintain the availability of our services, we implement anti-DDoS measures that protect against distributed denial of service attacks, ensuring that our systems remain operational even under attack. To protect our applications, we perform code obfuscation, making reverse engineering and vulnerability exploitation more difficult. Additionally, we conduct regular security tests, including SQL Injection tests and other forms of data manipulation, to identify and correct possible vulnerabilities in our systems. Finally, we adopt data replication to ensure information integrity. This process involves duplicating data across multiple servers, ensuring that, in case of server failure, data remains intact and accessible. These measures are continuously reviewed and improved to maintain our high security standards and compliance with GDPR, ensuring the protection and privacy of our users' data. 10. Data Subject Rights: As a data subject, you have several rights regarding your personal information, ensuring control and transparency over how your data is used. You have the right to access a copy of your personal data that we hold, including details about its use, the types of stored data, processing purposes, and possible sharing. If you identify that any information is incorrect, incomplete, or outdated, you can request correction to ensure that data is always accurate. Additionally, you can request deletion of your personal data, especially if it is no longer necessary for the purposes for which it was collected. You also have the right to withdraw your consent at any time, without affecting the legality of processing performed previously based on the given consent. Furthermore, you can object to the processing of your data without needing to present legitimate reasons, or request data deletion if processing is considered unlawful. You also have the right to request the transfer of your personal data to another organization or to yourself, in a structured, commonly used, and machine-readable format, facilitating data movement between different services. Additionally, you must be informed about the existence of any processing of your data, the objectives of this processing, the categories of processed data, recipients, and the retention period. If the processing of your personal data is not in compliance with legislation or if you do not want your data to be used for direct marketing, you can object to this processing. If there are legitimate reasons to continue processing that prevail over your interests, rights, and freedoms, these reasons will be evaluated. To exercise any of these rights, contact us through our customer service channels. We will analyze your request and respond within the established legal timeframes, ensuring that your rights are respected and that you have full control over your personal information. 11. Data Retention We retain your personal data only for the time necessary to fulfill the purposes described in this privacy policy or as required by law. The retention period varies depending on the nature of the data and the purposes for which it was collected. Your personal data will be maintained while there is an active contractual and commercial relationship, or while necessary to provide requested services and fulfill our legal, tax, and accounting obligations. Once the contractual relationship ends, your data may be maintained in our files only for the period required by law, respecting applicable prescription periods. In some cases, if data is no longer necessary for the purposes for which it was collected, but cannot be completely deleted due to legal or regulatory requirements, it will be blocked. Blocked data is stored securely and isolated, no longer being actively used until it can be safely deleted. We guarantee that all data retention and deletion practices are in compliance with current legislation, protecting your privacy and rights. If you want more information about specific retention periods or about how we manage your data, contact us through our customer service channels. 12. Contact If you have any questions, concerns, or requests related to our Privacy Policy or the processing of your personal data, feel free to contact our Data Protection Officer (DPO). We are here to help! DPO Name: Laura Freitas dos Santos Email: laura.santos@1app.com.br Phone: 51 99617-4120 Your privacy is important to us, and we are committed to protecting your information and responding to all your questions as quickly as possible. To ensure security and efficiency in handling your requests, we have a standard information request procedure that must be followed. This procedure is provided as an attachment. Follow the attachment instructions to send your request correctly and completely. Our team will analyze your request and respond within the established legal timeframes, ensuring that all your rights are respected.