Attachment to the Terms of Use of Crédito Social
01 – Application of the Privacy Policy
1.1 – In compliance with applicable laws and regulations, this Privacy Policy covers the Crédito Social Mobile App and Website, with the objective of presenting and explaining practices related to the collection, use, treatment, storage, protection, and security of data by Crédito Social.
02 – Data collect
2.1 – In addition to Personal Data and Financial Data, defined in Item 03 – Glossary of Terms of Service, Crédito Social will collect User Access Data.
2.2 – Access Data comprises:
Information collected from Users when using the Website: includes, among others, characteristics of the access device and the User’s access browser; origin and address of the Internet Protocol (IP); date and time of access; the User’s location; and the actions of the User on the Website
Information collected from Users when using the Application: includes, among others, the model of the mobile device and the operating system used for access, including the Device ID; Internet protocol (IP) address; date and time of access; Mobile App version; User connection provider; User location; and the User’s actions on the website.
Communication between the User and Crédito Social: includes any communications between Crédito Social and User by email, phone, chatbot, social networks and / or messenger (WhatsApp, Telegram, among others).
Cookies: as provided in item 7 of this Privacy Policy.
03 – Use of collected data
3.1 – Social Credit uses the data collected for the following purposes:
| Operation of Crédito Social | All data collected is used to maintain and improve the operation of the Mobile App / Website, as well as its activities, initiatives, products, services, and features, seeking to offer the best user experience, for example, to (i) automatically synchronize the accounts connected by the User keeping their Financial Data updated; (ii) develop new features; (iii) perform generic or anonymous statistics to monitor the use of Social Credit; (iv) verify the protection of Crédito Social against errors, fraud, or any other electronic crime; (v) offering products and services that fit the User’s profile.Crédito Social Credit may access the Financial Data of the User to provide assistance when the User needs it, for example, to understand the reason for any problem of importing bank account data to the Software. |
| Communication with Users | Crédito Social may call Users and / or send messages, emails, or notifications with alerts and communications in order to help them explore all Crédito Social features, including, but not limited to, carrying out financial planning, inclusion of features, reminders of use of the Website / Mobile App, recommendation of products and services from Partners, among others. |
| Financial Analysis | Crédito Social may process its Financial Data of the User in a coded and automated way, using Software, in order to generate general non-individualized financial information and statistics (“General Data”), as well as to make the financial analysis of the User and prepare its Credit Score. This analysis may depend on obtaining the Financial Data of the User, as well as other information available in databases, such as the Central Bank’s Credit Information System (SCR) and credit bureaus (such as Boa Vista and Serasa). |
| Research and recommendation of products / services | Crédito Social may process the data collected for research purposes, as well as to identify Users’ needs, and develop features and / or recommend products and services that fit their profile, whether provided by Crédito Social or by Partners. . |
04 – How Crédito Social Social Credit uses data to recommend products
4.1 – Crédito Social may, in an automated and coded way, process the Personal and Financial Data collected to recommend products and / or services from Partners that fit the User’s profile.
4.2 – In order for Crédito Social to be able to analyze the User profile in an automated way and, consequently, recommend products that help it in its financial management, it is important that the processed data are up to date, with Crédito Social being able to consult information kept in public databases or outsourced and carry out periodic automatic updates of the Financial Data of Users inserted in the Mobile App and / or Website.
4.3 – Crédito Social will not transmit your data to Partners without your authorization (see item 6 of this Privacy Policy), but remember that if the User clicks on an advertising link / banner or in any way accepts to be directed to the Website / Mobile App of a third party, the User will no longer be subject to the Terms of Use or the Crédito Social Privacy
Policy.
4.4 – Our Partners may also use cookies (among other similar technologies) in order to offer, parameterize, and improve their marketing strategy. To better understand how this can happen, read item 7 of this Privacy Policy.
05 – How we store the collected information
5.1 – We consider the security of all data related to our Users to be our priority. Although any protection system is subject to defects and possible violations that can lead to data leakage, we always try to prevent this from occurring by adopting a high level of protection, certified by companies specializing in security..
5.2 – All identifiable data is stored in an encrypted form. The information is protected with SSL (Secure Socket Layer) technology so that the User’s data remains confidential. In addition, this technology aims to prevent information from being transmitted or accessed by third parties.
5.3 – For as long as the User maintains his Social Credit Account, all information collected will be synchronized, processed and stored on servers with high security standards, including servers located outside Brazil..
06 – Data sharing
6.1 – The data collected from the User may be shared with:
| User Authorization | Crédito Social will be able to share, as well as receive, your data with your consent or under your guidance. Such exchange of information may occur, for example, through a connection with a third party platform. |
| Related Companies | The data collected may be shared with companies that are part of the same economic group as Crédito Social, provided that such sharing is necessary for the purpose of maintaining and / or improving the provision of services offered to Users. In this context, any company that will have access to the data must adopt at least the same security levels used and guaranteed by Crédito Social to its Users. |
| Partners | In order to recommend to the User, in a personalized way, products and services offered by Partners, Crédito Social may share Personal Data with a Partner when such sharing is necessary for the offer or contracting of the product / service. Remember that Crédito Social Credit only recommends these products and services, therefore, sending user data to a Partner in some cases is necessary so that it can (i) check if the User is eligible for a service or product to be recommended by Crédito Social as, for example, a specific type of loan or credit card, and (ii) conclude the contract upon User request. Likewise, Crédito Social may receive from the Partner information about whether or not the product / service was contracted by the User, as well as other data related to the performance of the partnership, such as default and fraud cases. |
| Potential Partners | In order to establish new partnerships, Crédito Social will be able to share with potential Partners some information that is necessary for the realization of such partnership. The potential Partner will only be able to receive the information after signing a Confidentiality Agreement stating that the shared data will be used solely and exclusively for the purposes of establishing the partnership and will be destroyed if it does not happen. |
| Companies that provide services for Crédito Social | Social Credit may share data collected with third-party service providers to the extent that such information is necessary for the provision of the service, which is done under guidance and on behalf of Social Credit. These third-party service providers may have been hired to, for example, provide customer service, assist in resolving technical problems, perform information checking and fraud prevention, assess and manage risks, among others. |
| With third parties as permitted or required by law | Crédito Social may share data with third parties when permitted or required by law, for example, to comply with legal or regulatory obligations; for audit purposes; to investigate violations or comply with a provision of a contract entered into with the User; for credit protection; to comply with a court order, among others. |
6.2 – Crédito Social may disclose anonymized data, as well as analyzes prepared based on such information.
07 – Cookies
7.1 – Crédito Social uses cookies and similar technologies, such as pixels and tags, to certify that the services provided by Crédito Social are in accordance with the best standard expected by the User.
7.2 – The cookies collected by Crédito Social provide statistics only and will not be used for purposes other than those expressly provided for in this Privacy Policy and the Terms of Use.
7.3 – The following table explains what cookies are and how they are used:
| What is a cookie? | Cookie is a small file added to your device or computer to provide a personalized experience of accessing Crédito Social. |
| How does Crédito Social collect cookies? | Crédito Social uses companies specialized in advertising, inside and outside Crédito Social, such as Google and Facebook. By accepting this Privacy Policy, the User agrees with the collection of cookies by companies contracted by Crédito Social for this purpose. |
| What types of cookies does Crédito Social Credit? | Social Credit allows the collection of two types of cookies: saved and temporary.(i) A saved cookie is one that is inserted into the User’s access terminal (eg, computer, tablet, etc.) when the User enters his or her Crédito Social Account. This cookie is used to store information, such as name and password, so that the User does not have to log in whenever accessing Crédito Social.(ii) A temporary cookie is one that is used to identify a specific visit to the Crédito Social Site. These cookies are removed from the User’s access terminal (eg, computer, tablet, etc.) as soon as the user finishes using the browser and are used to store temporary information. |
| What are cookies used for? | Crédito Social uses cookies for several purposes, including:(i) marketing actions for remarketing. This feature allows us to reach Users or Website visitors to remind them to register with Social Credit or to easily access the platform again; and(ii) understand the usage behavior of the Website and Mobile App for better product development. |
| Is it possible to limit the collection of cookies? | Browsers in general allow the collection of cookies to be disabled. Thus, if the User does not change the cookie collection patterns of his browser, Social Credit will consider that the User agrees with the collection of cookies. Unfortunately, Crédito Social Website and Mobile App may not work as desired if cookie collection is disabled. |
08 – Publication of images and other information of the User in the Crédito Social Mobile App / Website
8.1 – With the prior and express authorization of the User, Crédito Social Credit may publish images and information made available by the User in the Mobile App / Site in order to publicize the experience and results achieved through the use of the Mobile App or other services offered by Crédito Social.
