Privacy Policy

1 – INTRODUCTION

This Privacy Policy (“Policy”) is applicable to all services offered by FASTPAY PLATAFORMA DE PAGAMENTOS LTDA., a private law entity registered under CNPJ nº 50.288.619/0001-11, with headquarters located at Rua Manhumirim, 466 , Carlos Prates, CEP 30.720-070, Belo Horizonte – Mg.

In order to protect your privacy and guarantee the freedom and exercise of data subject rights, FASTPAY presents this Privacy Policy. This document aims to provide clear and objective information about the collection, processing and storage of personal data necessary to provide its services.

The holder of personal data declares to be aware of this Policy and provides explicit consent to the Processing of their Personal Information by FASTPAY. If you do not agree with the Processing of your Personal Information, as established in this Policy, you must refrain from using FASTPAY services.

If the user is a Legal Entity, some conditions established in this Policy may not be applicable, in accordance with Law 13,709/2018.

2 – CONCEPT

Without prejudice to other definitions contained in this Policy, the words and expressions indicated below, whenever used with the first letter capitalized, will have the following definitions:

LGPD: General Data Protection Law, Brazilian legislation no. 13,709/2018, which regulates the treatment, protection and privacy of Personal Data. This legislation establishes important and mandatory guidelines for the collection, processing and storage of personal data.

Holder of personal data: any natural person to whom the data that is subject to processing refers.

Personal Data: personal information that can be associated with an identified or identifiable natural person. Examples of personal data include full name, address, telephone number, email, bank details, date of birth, affiliation and number of official documents (for example, Identity Card – ID, passport, CPF/MF, among others) .

ANPD: National Data Protection Authority, federal public administration body responsible for ensuring, implementing and monitoring compliance with the LGPD.

Processing: any operation carried out with personal data, such as those relating to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication , transfer, diffusion or extraction.

Data controller: person appointed by the controller and operator to act as a communication channel between the controller, data holders and the National Data Protection Authority (ANPD).

3 – PERSONAL DATA PROCESSED BY FASTPAY AND ITS PURPOSES

FASTPAY attaches great importance to your trust and undertakes to treat personal data collected in full compliance with legal precepts, good faith and the strict principles of purpose, suitability, necessity, free access, data quality, transparency, security , prevention, non-discrimination, responsibility and accountability.

The collection of Personal Data may vary depending on the type of User interaction with the website. This personal data may be collected directly from the User or automatically. Personal data collection may occur through the following methods:

System accreditation data: include full name, company name or company name, CPF/MF number, telephone number, residence address or headquarters, affiliation, email address;

Execution of the service provided by FASTPAY: involves identifying the bank account held by the user, including the name and number of the banking institution, branch number and current account or savings account number;

Recruitment and selection of candidates: includes name, photo, email, contact details and career-related information;

Support service: includes the name, email, CPF and other information related to the question or demand addressed to Fastpay;

Digital marketing targeting: covers name, email and telephone;

Platform access record: encompasses information such as date and time of use of the Platform from a specific IP address, including access cookies;

In addition to the purposes mentioned above, FASTPAY may collect personal data to:

Develop and improve products and services;
Comply with legal and regulatory obligations;
Prevent fraud and ensure customer safety;
Provide products and services requested on the Site.

FASTPAY may also obtain Personal Information from private databases based on its legitimate interest and to comply with regulatory and contractual obligations. The organization’s website and internet services may use device information, technical usage data and user geographic location.

4 – SHARING OF PERSONAL DATA

The holder’s personal data may be shared for the following purposes:

Partners and suppliers: to ensure the provision of contracted services;
Competent authorities: when requested to investigate illicit conduct;
Protection of FASTPAY’s interests: in cases of conflicts, including legal actions;
Corporate operations: in situations involving FASTPAY, such as mergers, spin-offs, acquisitions or incorporations of companies.

In the sharing process, all appropriate technical and organizational measures will be adopted to guarantee the privacy, confidentiality and integrity of the information. Furthermore, those involved in this processing process will always be required to comply with the same security and Personal Data protection guidelines required by law.

5 – GUIDELINES FOR STORAGE AND DELETION OF PERSONAL DATA

The company may store the holder’s personal data and other information when there is a legitimate interest of FASTPAY and to comply with legal requirements or determinations of the competent authorities. In these cases, FASTPAY will contact the data subject directly.

Initially, personal data related to registration will be maintained as long as the user maintains an active registration and uses FASTPAY services. However, this data may also be retained even after the USER stops using FASTPAY services for the following reasons:

Maintaining records of operations carried out in the National Financial System;
Compliance with legal and regulatory obligations;
Production of evidence;
Meeting the deadlines determined by law, in accordance with the provisions of the Central Bank of Brazil.

This additional information and documents may be stored by FASTPAY for a period of 10 (ten) years after the end of the provision of services, as provided for in art. 3rd, sole paragraph of Resolution 179/2022 and in art. 61, I and II of Circular no. 3,978/2020, both from the Central Bank.

6 – THE RIGHTS AND RESPONSIBILITIES OF THE DATA SUBJECT

The LGPD seeks to empower and grant more autonomy to the holder of personal data, establishing, in its Article 18, a set of rights to be exercised by the data subject. These rights include:

Confirmation of the existence of personal data processing;
Access to personal data;
Correction of incomplete, inaccurate or outdated personal data;
Anonymization, blocking or deletion of unnecessary, excessive or processed data that does not comply with the LGPD;
Deletion of personal data processed with consent;
Knowledge of the companies with which FASTPAY shared and/or who received your personal data;
Request for information about third parties who shared and/or received your personal data;
Right to consent or not to certain data processing, with the exception that this may prevent the execution of certain processes of interest;
Revocation of consent;
Request for review of automated decisions;
Portability to other service providers and right to petition before the National Data Protection Authority (ANPD);
Right to contact and/or file a complaint with the National Data Protection Authority (ANPD) regarding FASTPAY’s data protection and privacy practices.

If you wish to exercise any of these rights, please contact us via email [email protected].

Furthermore, it is up to the holder of personal data:

Insert true information on the FASTPAY website;
Maintain the confidentiality of your account and password;
Comply with all determinations and procedures established in this Policy.

7 – SAFETY MEASURES

Personal Information collected by FASTPAY is stored on secure servers, using cryptographic mechanisms and implementing constantly updated information security measures. This information will be kept confidential, and all possible measures will be taken to protect it against loss, theft, misuse, alteration and unauthorized access.

FASTPAY employs advanced security standards, which include firewalls, antivirus and other software designed to protect against hacker intrusions and prevent leakage of stored personal information.

Despite FASTPAY’s efforts to protect the Platform, it is the holder’s responsibility to protect and maintain the privacy of their registration and personal information. FASTPAY is not responsible for personal data shared by the user with third parties or that third parties become aware of due to lack of care on the part of the holder.

In the event of a suspected or confirmed violation of the Platform or loss of the user’s personal data, FASTPAY will dedicate its best efforts to eliminate or reduce the risk of harm to the USER. Furthermore, FASTPAY will inform those potentially affected and the competent authorities about what happened, the possible risks and the measures necessary to avoid such damage.

8 – POLICY CHANGES

FASTPAY reserves the right to make corrections, modifications or additions to this Privacy Policy at any time. To ensure transparency, FASTPAY undertakes to make the most recent version of the Policy available on its website, accompanied by the date of preparation of the new document.

9 – CONTACT

To clarify any doubts related to this Privacy Policy or to make requests regarding USER rights, please contact the person in charge of FASTPAY data processing, via the following email: [email protected].

FASTPAY PLATAFORMA DE PAGAMENTOS LTDA.