Privacy Policy

In this privacy policy, we, LMX Digital Solutions LTDA CNPJ 54671352000106 headquartered at Av. Paraguassu 1865 Sala 813, Centro - Capão da Canoa / RS - 95555-000 (“LMX-Digital“), explain how we process your personal data when you visit our website and use our services.

We will ask for your consent to the use of cookies in accordance with the terms of this notice when you first visit our website.

Our website incorporates privacy controls that allow you to decide how we process your personal data. With these controls, you can specify whether you wish to receive direct marketing communications.

In this notice, you will find answers to the following questions:

1. How do we use your data?
2. When do we disclose your data to third parties?
3. How long do we keep your data?
4. What is our marketing policy?
5. What are your rights regarding personal data?
6. How do we use cookies?
7. Other matters you should be aware of?

If you have any questions or wish to exercise any of your rights under this notice, you can send your requests and questions through the means provided in the Talk to us section.

You can contact us about all privacy-related matters by email: [email protected]

All terms used in the LMX-Digital Terms and Conditions have the same meaning in this Privacy Policy.

In the event this Privacy Policy is translated into other languages and discrepancies exist between the English version and such translation, the English version shall prevail unless otherwise stated.

1. How do we use your personal data?
   1. This section provides the following information:
      1. categories of personal data we process;
      2. if personal data was not obtained directly from you, the source and specific categories of such data;
      3. the purposes for which we may process your personal data; and
      4. the legal bases for processing.
   2. We process data about your use of our website and services ("usage data"). Usage data may include your IP address, geographic location, browser type and version, operating system, referral source, duration of visit, page visits and website navigation paths, as well as information about the time, frequency and pattern of service use. We obtain this data through the use of cookies and similar technologies. We process this data to better understand how you use our website and services. The legal basis for this processing is our legitimate interest, namely to monitor and improve our website and services and tailor the services to the individual interests of each user.
   3. We process your account data ("account data"). Account data may include your name, email address, phone number and other data you provide when registering, as well as your purchase history. We obtain this data directly from you. We process account data to operate our website, provide our services, ensure the security of our website and services, and communicate with you. The legal basis for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract, as well as our legitimate interest, namely to monitor and improve our website and services.
   4. We process information related to the provision of services we offer you on our website ("transaction data"). Transaction data may include your contact details, bank account details and transaction details. Transaction data is processed to provide the purchased products and services and to maintain proper records of these transactions. The legal basis for such processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract and our legitimate interests, namely the proper administration of our website and business.
   5. We process information related to anti-money laundering measures ("AML data"). AML data may include address or residence, identification documents including your photo, documents about your source of wealth, utility bills and others. We are legally required to request this information to comply with "know your customer" obligations.
   6. We may process information you provide in order to subscribe to our email messages and newsletters ("message data"). Message data is processed to send messages and newsletters relevant to you. The legal basis for this processing is your consent. Additionally, if we have already sold you products or provided services on our website and you do not object, we may also process message data on the basis of our legitimate interest, namely to maintain and improve customer relationships.
   7. We may process information in relation to any communication you send us ("correspondence data"). Correspondence data may include the content of the communication and associated metadata. In the case of communication through our website, the website will generate metadata associated with communications made via the website’s contact forms. Correspondence data is processed in order to communicate with you and keep records. The legal basis for this processing is our legitimate interest, namely the proper administration of our website and business, ensuring a uniform and high-quality enquiry practice and investigating disputes between you and our employees.
   8. We may process any of your personal data identified in this notice when necessary for the formulation, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
   9. We may process any of your personal data identified in this notice when necessary to obtain or maintain insurance coverage, manage risk or obtain professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
   10. In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject or to protect your vital interests or the vital interests of another natural person.
2. When do we disclose your data to third parties?
   1. We may disclose your personal data to any member of our group of companies (including our subsidiaries, our ultimate holding company and all its subsidiaries) to the extent reasonably necessary for the purposes set out in this notice. This may include internal administrative purposes as well as the provisioning/sharing of IT or data centre services within the group.
   2. We may disclose your personal data to our insurers and/or professional advisers to the extent reasonably necessary to obtain or maintain insurance coverage, manage risk, obtain professional advice or to establish, exercise or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
   3. We may disclose your personal data to our fraud prevention, risk and compliance providers to the extent reasonably necessary to protect your personal data and comply with our legal obligations.
   4. We may disclose your personal data to our payment service providers. We will share transaction data with our payment service providers only to the extent necessary to process your payments, transfer funds and manage complaints and queries related to such payments and transfers.
   5. We may disclose your personal data to other service providers to the extent reasonably necessary to provide specific services (including server and maintenance providers, email service providers). We take all necessary steps to ensure that such subcontractors implement appropriate organisational and technical measures to ensure the security and privacy of your personal data.
   6. We may share encrypted data with Google to enable measurement and reporting of online conversions generated by interactions with Google ads. Google will maintain the confidentiality and security of your data using the same industry-leading standards it uses to protect the data of its own users. For more information about Google’s enhanced conversion data, you can visit their advertising policy here.
   7. In addition to the specific personal data disclosures set out in this section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject or to protect your vital interests or the vital interests of another natural person.
   8. The persons listed in this section may be located outside the United Kingdom, the European Union and the European Economic Area. If we transfer your personal data to such persons, we will take all necessary measures indicated in legal acts to ensure that your privacy remains adequately protected, including, where applicable, the signing of standard contractual clauses for data transfer. For more information about appropriate security measures, you can contact us by email: [email protected]
3. How long do we keep your data?
   1. Personal data we process for any purpose or purposes will not be kept for longer than is necessary for that purpose or those purposes. In any case, they will be kept for a maximum of:
      1. Account data will be kept for a maximum of 5 (five) years after your last account update;
      2. Transaction data will be kept for a maximum of 10 (ten) years after the completion of the provision of services;
      3. AML data will be kept for as long as necessary to comply with related legal requirements;
      4. Message data will be kept while your account is active, unless you withdraw your consent beforehand;
      5. Correspondence data will be kept for a maximum of six (6) months after the end of such communication.
   2. In some cases, it is not possible to specify in advance the periods during which your personal data will be kept. That is, usage data will be kept for as long as necessary for the relevant processing purposes.
   3. Without prejudice to the other provisions of this section, we may keep your personal data where such retention is necessary for compliance with a legal obligation to which we are subject or to protect your vital interests or the vital interests of another natural person.
4. Marketing messages
   1. If you give your consent, we will send you marketing messages by email and/or leave a notification in an account to inform you about our news.
   2. Additionally, if we have already provided you with services and you do not object, we will inform you about other products that may interest you, including other related information.
   3. You can opt out of receiving marketing messages at any time.
   4. You can do the following:
      1. choose the relevant link in any of our marketing messages;
      2. contact us by the means provided in the Talk to us section.
   5. Once you have taken any of the provided actions, we will update your profile to ensure you do not receive our marketing messages in the future.
   6. Please note that since our business activities consist of a network of closely related services, it may take a few days before all systems are updated, so you may continue to receive marketing messages while we are still processing your request.
   7. Voluntary opt-out from marketing messages will not prevent you from receiving messages directly related to the provision of services.
5. Your rights
   1. In this section, we have summarised the rights you have under data protection laws. Some of the rights are complex, so we only provide the main aspects of such rights. Therefore, you should read the relevant laws and regulatory authority guidelines for a full explanation of these rights.
   2. Your other main rights under data protection law are as follows:
      1. the right of access to data;
      2. the right of rectification (please note you can exercise most of this right by logging into your account here;
      3. the right to erasure of your personal data;
      4. the right to restrict the processing of your personal data;
      5. the right to object to the processing of your personal data;
      6. the right to data portability;
      7. the right to lodge a complaint with a supervisory authority; and
      8. the right to withdraw consent.
   3. The right of access to data. You have the right to confirm whether we process your personal data and, if we do, to access the personal data, along with certain additional information. This additional information includes details about the purposes of processing, the categories of personal data involved and the recipients of the personal data. Provided that the rights and freedoms of others are not affected, we will provide you with a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
   4. The right of rectification. You have the right to correct any inaccurate personal data about you and, taking into account the purposes of processing, to complete any incomplete personal data about you.
   5. In some circumstances, you have the right to have your personal data erased. These circumstances include when: (i) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you withdraw consent to processing based on consent and there is no other legal basis for processing the data; (iii) you object to processing in accordance with certain rules of applicable data protection laws; (iv) the processing is for direct marketing purposes; or (v) the personal data has been processed unlawfully. However, there are exclusions to the right of erasure. Such exclusions include when processing is necessary: (i) for the exercise of the right to freedom of expression and information; (ii) to comply with our legal obligation; or (iii) for the establishment, exercise or defence of legal claims.
   6. In some circumstances, you have the right to restrict the processing of your personal data. These circumstances are those in which: (i) you contest the accuracy of the personal data; (ii) the processing is unlawful, but you oppose erasure; (iii) we no longer need the personal data for our processing purposes, but you need the personal data for the formulation, exercise or defence of legal claims; and (iv) you have objected to processing, pending verification of this objection. In cases where processing has been restricted for this reason, we may continue to store your personal data, but will only process such data otherwise: (i) with your consent; (ii) for the establishment, exercise or defence of legal claims; (iii) for the protection of the rights of another person; or (iv) for reasons of important public interest.
   7. You have the right to object to the processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for processing is that processing is necessary for: the performance of a task carried out in the public interest or for the purposes of the legitimate interests pursued by us or a third party. If you object, we will stop processing the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the formulation, exercise or defence of legal claims.
   8. You have the right to object to the processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you object, we will stop processing your personal data for this purpose.
   9. You have the right to object to the processing of your personal data for scientific or historical research or statistical purposes based on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
   10. Right to data portability. To the extent that the legal basis for our processing of your personal data is:
       1. consent; or
       2. performance of a contract or steps taken at your request prior to entering into a contract, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it adversely affects the rights and freedoms of others.
   11. If you believe that our processing of your personal data infringes data protection laws, you have the legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
   12. To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before withdrawal.
   13. In addition to the specific measures set out in this section or on the Website, you may also exercise any of the rights set out here by contacting us through the Talk to us. section.
6. About cookies
   1. Cookies are small text files containing an identifier that is sent by a web server to your browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
   2. Cookies typically do not contain any information that personally identifies a user, but the personal information we store about you may be linked to the information stored and obtained from cookies.
7. Cookies we use
   On our website, we use four main types of cookies, for the following purposes:
   1. Necessary cookies: these cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the website will not then work.
   2. Analytical cookies: these cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our website.
   3. Preference cookies: these cookies enable a website to remember information that changes the way the website behaves or looks, such as your preferred region.
   4. Marketing cookies: these cookies may be set through our website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other websites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
8. Cookies used by our service providers
   
   1. Our service providers use cookies and these cookies may be stored on your computer when you visit our website.
   2. We have agreements with other parties who place cookies through our platform. However, we cannot fully control what they do with your cookies, so please see below a list of third-party cookies we use and their privacy statements.
   3. This list is subject to change.
      1. Google Analytics, AdWords and DoubleClick https://www.google.com/policies/privacy/
      2. Facebook https://www.facebook.com/policies/cookies/
      3. Retail Rocket – Real-time website adjustment to user needs
      4. Hotjar: user research, funnel analysis, screen recordings, https://www.hotjar.com/legal/policies/privacy
      5. Chat - Fresh Desk https://www.freshworks.com/privacy/
      6. Visual Website Optimizer (VMO) https://vwo.com/privacy-policy/
9. Enabling, disabling and deleting cookiesYou can find more information on how to enable, disable and delete cookies in the instructions and/or by using the help function of your browser.

   You can disable the use of cookies, but some parts of our platform may not function properly afterwards.

10. Google Analytics, AdWords and DoubleClick
    Through our platform, cookies are placed by the US company Google, as part of the "Analytics", "AdWords" and "Double Click" services. We use these services to track and report on how visitors use the platform and how they interact with the ads shown. Google may also transfer this information to third parties if required by law or if third parties process the information on behalf of Google. We have no influence over the use of data by Google and/or third parties. We allow Google to use analytical information from the data with other Google services. Please read Google's privacy policy (which may change frequently) to see what they do with your (personal) data processed through these cookies. The information Google collects is anonymous as far as possible. The information is transmitted and stored by Google on servers in the United States. Google states it adheres to the Safe Harbor principles and is affiliated with the US Department of Commerce Safe Harbor programme. This means there is an adequate level of protection for the processing of any personal data.
11. Facebook, Twitter and Google+
    Our platform includes buttons to promote web pages ("like") or parts ("tweet") on social networks such as Facebook, Twitter and Google+. These buttons operate through snippets of code from Facebook, Twitter and Google+. Through this code, cookies are placed. Please read the privacy statements of these companies (which may change regularly) to see what they do with your (personal) data processed through these cookies. The information they collect through these cookies is anonymous as far as possible. The information is transmitted through Twitter, Facebook and Google+ and stored on servers in the United States. Twitter, Facebook and Google+ state they comply with the Safe Harbor principles and are affiliated with the US Department of Commerce Safe Harbor programme. This means there is an adequate level of protection for the processing of any personal data.
12. How can cookies be managed?
    1. Most browsers allow you to refuse to accept cookies and to delete them. The methods to do so vary from browser to browser and from version to version. However, you can obtain up-to-date information on blocking and deleting cookies through the information provided on the relevant browser's website, for example, Chrome; Firefox; Internet Explorer; Safari.
    2. Blocking all cookies will negatively impact the usability of many websites.
    3. If you block cookies, you will not be able to use all the features of our website.
    4. You can adjust your cookie preferences by clicking on the Cookie Preferences link at the bottom of the page.
13. Third-party websites
    1. The LMX-Digital privacy policy does not apply to third-party websites linked to this platform. We cannot guarantee that these third parties use your personal data reliably and securely. We recommend that you read the privacy statements of these websites before using them.
    2. This list is subject to change.
       1. Facebook https://www.facebook.com/privacy/explanation
       2. Google https://www.google.com/policies/privacy/
       3. Mailgun https://www.mailgun.com/privacy-policy
       4. Cloudflare https://www.cloudflare.com/security-policy/
       5. Mailcamp https://www.mailcamp.nl/privacy-policy/
       6. Trustpilot https://legal.trustpilot.com/end-user-privacy-terms
       7. Cash Shield http://www.cashshield.com/privacy/
       8. Freshworks https://www.freshworks.com/privacy/
       9. Retail Rocket https://retailrocket.net/privacy/
       10. Visual Website Optimizer (VMO) https://vwo.com/privacy-policy/
       11. PayPal https://www.paypal.com/us/webapps/mpp/ua/privacy-full
       12. Trustly
       13. Paytrail tracking https://www.paytrail.com/en/data-privacy-notice
       14. BitPay https://bitpay.com/about/privacy
14. Personal data of children
    1. Our website and services are aimed at persons over 16 years of age or any other age permitted by the respective country's law that allows them to assume responsibility for obligations arising from contractual relationships and have full capacity to undertake legal actions.
    2. If we have reason to believe that we have personal data of a person under the permitted age in our databases without parental consent, we will delete such personal data.
15. Data update
    Please let us know if the personal information we have about you needs to be corrected or updated.
16. Changes to the notice
    Any changes to this notice will be posted on the website and, in case of significant changes, we may inform you by email.

Contact details

Data Protection Officer's email:

[email protected]