Please make sure you have read and understood our “TERMS OF USE”, which consist of a contract signed between ACCESS.RUN S/A, a company duly registered under CPNJ: 28.761.657/0001-90 – and the user after the user has expressed “Acceptance”.

“ACCEPTANCE” is essential for any form of use of the ACCESS.RUN APPLICATION (AR platform). Registration as a User and/or use of the APPLICATION is not permitted for legally incompetent persons, as well as for those who do not fully agree with the Terms of Use and/or the Privacy Policy.
* Acceptance of the terms described below is absolutely essential for the use of the ACCESS.RUN platform;

By this instrument, on the one hand, you are the contracting party (“USER”), identified and qualified on the ACCESS.RUN System registration screen; and, on the other hand, as contractor, ACCESS.RUN S/A (AR), a private law legal entity, duly registered with the CNPJ/MF under number 28.761.657/0001-90, herein represented by its administrators in accordance with its Bylaws;

Whereas:

1. AR is a company operating in the technology market, providing solutions for access management and administration.

2. APP ACCESS.RUN is not responsible for information disclosed by PARTNERS/USERS and/or third parties. APP AR is only responsible for the technologies contained in the platform.

3. The USER, wishing to release access at the entrances, using the electronic tools of APP AR, has adhered to this instrument with the digital signature of the APP AR System Registration.

4. It is the user’s sole responsibility to verify all information before releasing access at accredited locations.

5. All features already described in these terms of use are subject to their availability in the app.

6. The responsibility for linking a guest or person to the units linked to the USER (access points) is exclusively the user’s own or the administrator of the superior unit with which that user lives.

1. Respect for the user

1.1. APP AR is obliged to keep confidential the information received from the USER, regarding access movements, invitations, personal data, device information or any other use of the APP AR Tools, for any person or company, and may not, under any pretext, use them for purposes other than the execution of this Agreement, disclose them, reveal them and/or reproduce them, without the express consent of the USER, being liable for moral and material damages resulting from such act.

1.2. The provision of access data to the managers of the higher units with which the USERS have relationships will not be classified as sending confidential information, e.g.: report of entry and exit movements to the person responsible for the security of a unit, condominium, company and others that this user may access.

2. Definitions of this agreement

2.1. Unless otherwise expressly provided or required by context, capitalized expressions in this Agreement, whether singular or plural, shall have the meanings specified below:

2.1.1. SHARED KEYS: keys of dependent users linked to the main user;

2.1.2. INVITATION: temporary permission for a user to access a specific location; a user to access a specific location;

2.1.3. USER: an individual, of legal age and capable, who has agreed to this Agreement by means of their digital acceptance in the APP AR System Registration;

2.1.4. UNITS: locations that users will be linked to access with shared keys or receive invitations.

2.1.5. SUPERIOR UNITS: group of units, e.g.: Condominium X, Tower W;

2.1.6. APP AR Tool: technologies available in APP AR, electronic applications or similar, owned by APP AR, used in the provision of services and made available to the USER for accessing locations that require control.

2.1.7. Registration on the APP AR platform: Form containing the USER’s data and through which the USER agrees, by digital signature, to the terms of this Agreement.

2.1.8. BANNER: personalized image when sending invitations. By electronically accepting this Agreement by clicking the “ok” button on the registration page, the USER will automatically be adhering to and agreeing to the terms and conditions of this Agreement
and any future amendments.

3. Related Services

3.1. APP AR may change, suspend or cancel, at its discretion, both in form and content, at any time, any of the APP AR Services or Tools, by notifying the USER by email or information on its APP AR website, electronic applications or similar, at least 10 (10) days in advance, allowing the USER to be fully aware of them.

3.2. The USER declares that he/she is aware that the Services are intended to facilitate the management of access and administrative information, as well as social tools, and are not to be confused with security services and that there is no possibility of carrying out such actions if necessary. The USER is not required to send the requested documents, however, if the USER does not send the required documents, APP AR reserves the right to cancel the registration at any time without prior notice.

4. Use of invitations

4.1. By joining the APP AR platform, the USER will have an account on the AR platform, under his/her ownership, however, he/she may only send invitations if authorized by the manager of his/her unit;

4.2. The USER declares that he/she is aware that he/she may only have a single digital identity under his/her ownership, and therefore, under no circumstances will APP AR accept the registration of new accounts linked to more than one cell phone number.

4.3. APP AR may request that the USER demonstrate and prove the user’s ownership;

5. Term

5.1. This Agreement is entered into for an indefinite period, coming into effect on the date the USER digitally signs the Registration on the APP AR platform.

5.2. This Agreement may be terminated, without any charge, by either Party, at any time, upon 10 (ten) days’ prior notice.

5.3. This Agreement shall be terminated immediately upon the declaration of bankruptcy or civil insolvency of either Party or the failure to comply with any of the obligations established in this Agreement.

5.4. If the termination of the Contract occurs due to the fault of the USER, it is hereby established that the USER will have access to the Services immediately blocked, and the AR APP may retain the information contained in the accounts linked to the USER.

5.5. This Agreement shall be terminated in the event of an unforeseeable event or force majeure that prevents the provision of the Services, in whole or in part, for more than 90 (ninety) consecutive days.

6. License to use the App AR tools

6.1. APP AR authorizes the USER to use the APP AR Tools, which are its property and ownership, during the term of this Agreement, under the terms and conditions set forth herein.

6.2. The USER is not permitted to (i) copy or transfer in any way, in whole or in part, under any modality, free of charge or for a fee, temporarily or permanently, the APP AR Tools, any of their functionalities or information contained therein; (ii) modify the characteristics of the APP AR Tools; (iii) create computer programs for use of the APP AR Tools; and (iv) copy in any way data extracted from the APP AR Tools, except for those related to the transactions of the USER’s Digital Wallet.

7. Intellectual property

7.1. The USER undertakes not to infringe any rights relating to trademarks, patents, industrial secrets or, even, property, representation and copyright rights, being responsible before APP AR and its partners for the obligations assumed herein, as well as not to use the name, trademark, logo or any type of distinctive sign thereof, without prior written consent, and any authorization received will be understood restrictively, exclusively for the purpose requested.

8. Confidentiality

8.1. The USER is fully aware that, by reason of the acceptance of this Agreement, APP AR will make available to the USER information and materials of a confidential nature, relating to the APP AR Tools or their use.

8.2. Confidential information is understood to be all information disclosed, directly or indirectly, by APP AR or its partners to the USER, regardless of whether or not it is expressly classified as “confidential”.

8.3. The USER undertakes to keep confidential information confidential and may not, under any circumstances, use it for any purpose other than the execution of this Agreement, disclose it, reveal it and/or reproduce it, without the express consent of APP AR, being liable for any moral and material damages arising from such act.

8.4. The USER declares to be aware of and authorizes APP AR to provide any information, even if related to his/her registration, made by the APP AR Tools, to public bodies, such as Police Stations and Public Security Departments, Civil, Military and Federal Police, Courts of Justice, Labor Courts and others.

8.5. The USER declares to be aware of and authorizes APP AR to use the information, even if confidential, to create a database, preserving the individuality and identification of each USER.

8.6. In order to improve the Services, APP AR may collect and use information about the performance of the Services, the computer and the use of the Services by the USER, preserving the individuality and identification of each USER.

8.7. The duty of confidentiality stipulated herein shall remain in force for an indefinite period, even after the termination of this Agreement, as long as the confidential information does not become public domain and maintains its harmful potential.

8.8. I hereby declare that I am aware that I may be available to receive/send invitations and access units, through all access technologies linked to the AR platform.

9. Responsibilities and declarations

9.1. The USER is responsible for the use of the APP AR Tools, under the terms of this Agreement, and undertakes to fully comply with applicable national legislation, the Rules and Policies of Use, Security and Privacy of APP AR and its commercial partners, available on the APP AR website, APP, electronic applications or similar made available by APP AR.

9.2. The USER undertakes to exempt APP AR and its partners from any litigation arising from the use of the APP AR Tools, with regard to the use of Digital Identity resources, as well as to indemnify them for any damages suffered as a result of such act.

9.3. APP AR will not be held responsible for failures, errors, interruptions, malfunctions, delays or other imperfections that may arise in the Services or APP AR Services, even if they are the responsibility of APP AR, its partners or the Establishment, not guaranteeing the provision of the Service uninterruptedly, without moments of unavailability or slowness, considering that such situations are foreseeable and possible to occur when dealing with technology services.

10. Modifications and revisions

10.1. This Agreement will be periodically reviewed by APP AR to adapt the provision of APP AR Services and the license to use APP AR Tools. APP AR may change this Agreement by deleting, modifying or inserting clauses or conditions, at its sole discretion.

10.2. Changes must be communicated to the USER by email or posted on the APP AR website, APP, electronic applications or similar made available by APP AR, at least 30 (thirty) days in advance, allowing the USER to have full knowledge and access to them.

10.3. Any advertising, marketing, awards, bonuses, incentives and the like may appear on the CUSTOMIZED BANNERS of each unit.

10.4. If the USER does not agree with the changes, he/she may terminate this Agreement without any burden or penalty, provided that he/she is not in debt to APP AR.

10.5. The USER’s continued use of the APP AR Tools will be interpreted as agreement and acceptance of the changes made, which will become fully applicable.

10.6. No amendment to this Agreement shall be considered valid unless made in the manner indicated in this clause or if expressly agreed upon by means of a written contractual amendment signed physically or electronically by the parties.

11. Access rules, self-access and reports

11.1. The access rules for sending invitations or accessing units are the sole responsibility of the administrators of the higher-level units.

11.2. The AR platform is not responsible for the information generated in its solutions, which is the sole responsibility of the users;

11.3. The AR platform may not modify the information contained in the access logs.

11.4. The AR platform undertakes to store access movements from the 12 hours prior to the time of the request; the rest are the responsibility of the higher-level units.

11.5. The AR platform does not guarantee self-access in cases where the cell phone and card recognition equipment is not connected to the internet and has a stable electrical supply of 110 or 220v;

11.6. The proper functioning of the AR platform is subject to the characteristics of each smartphone device, with BLE being a requirement for data transmission;

12. Final provisions

12.1. This Agreement does not create any exclusive right for the parties, nor any other right or obligation other than those expressly provided for herein, and any relationship, whether ostensible or remote, of partnership, joint venture or association between the parties is excluded, and neither of them is authorized to assume any obligations or commitments on behalf of the other.

12.2. The USER declares to be aware and agrees that, regardless of the location from which the Services are being used, the relationship between the parties will always be subject to Brazilian law.

12.3. Any tolerance by either party regarding any violation of the terms and conditions of this Agreement shall be considered mere liberality and shall not be construed as novation, invokable precedent, waiver of rights, tacit alteration of the terms and conditions of this Agreement, regardless of the location where the Services are being used, the relationship between the parties shall always be subject to Brazilian law.

12.3. Any tolerance by either party regarding any violation of the terms and conditions of this Agreement shall be considered mere liberality and shall not be construed as novation, invokable precedent, waiver of rights, tacit alteration of the contractual terms, acquired right or contractual alteration.

12.4. The nullity or invalidity of any of the provisions of this Agreement shall not imply the nullity or invalidity of the others, and the provisions considered null or invalid shall be rewritten in order to reflect the initial intention of the parties in accordance with the applicable law.

12.5. The court of the USER’s domicile is elected as competent to resolve any dispute arising from this Agreement.

Specific Conditions for the Protection of Personal Data (“Specific Conditions”)

1. Purpose
• The purpose of this Term of Commitment and Specific Conditions is to regulate the additional conditions related to compliance with Law 13,709/18 and legislation related to the protection of personal data and privacy (“LGPD”).

• If the User, when providing the services and/or supplying the products that are the subject of the Agreement, carries out Processing of Personal Data: (i) on behalf of the Contractor, as Operator, and/or (ii) through its own Processing decisions, linked to the guidelines set forth herein, as Controller, the User must follow the guidelines set forth in this Annex and in the LGPD.

• The Contractor will be the Controller of the Data provided and/or obtained by the Contractor and/or Data collected by the User on behalf of the Contractor. The User will be considered Controller with respect to its own Data and its Processing activities, being fully responsible for such Data and Processing, including with regard to any compensation due to the Contractor, the Holder and/or third parties.

• These Specific Conditions form part of the contract signed between the Contractor and the User (“Contract”) for all purposes, and the provisions contained herein shall prevail over any conflicting provisions on Data and Processing provided for in the Contract.

• Capitalized terms that have not been expressly defined in these Specific Conditions shall have the meanings attributed to them in the General Conditions or in the Formalization Term of this Contract.

2. Definitions
• For the purposes of these Specific Conditions, the terms below shall have the following definition:

• “Affiliate” means, in relation to any person, any other person that, directly or indirectly, Controls, is Controlled by it or is under common or shared Control with it. For the purposes of this definition only, “Control” means the power to permanently secure the majority of votes in the deliberations of the general meeting and to elect the majority of the directors of a company and the effective use of these
powers to direct the corporate activities and guide the functioning of the company’s bodies; • “Controller” has the meaning attributed to it in Law 13.709/18;

• “Data” means Personal Data, Sensitive Personal Data and information forwarded in any format by the Contracting Party or by third parties for the execution of the Agreement and/or Personal Data, Sensitive Personal Data and/or information that is used for the execution of the Agreement;

• “Personal Data” has the meaning attributed to it in Law 13.709/18;

• “Sensitive Personal Data” has the meaning attributed to it in Law 13,709/18;

• “Law” means any law, regulation, normative act, order, injunction, decree or subpoena of any court (including arbitration), of any instance, or authority applicable to the Parties and the Agreement;

• “Operator” has the meaning attributed to it in Law 13.709/18;• “Holder” has the meaning attributed to it in Law 13.709/18; and• “Processing” has the meaning attributed to it in Law 13.709/18.

3. Legal basis for the processing of your personal data
• We process your personal data on the grounds that such processing is necessary to promote legitimate interests (including: (1) providing effective and innovative Services to our users; and (2) detecting, preventing or addressing fraud or security issues in relation to the provision of our Services), except in the case where the fundamental rights and freedoms of the holder that require the protection of personal data prevail.

What personal data we process:
• Basic account data. You must submit your mobile phone number and your basic data (such as your name that will define the username) to create an AR account. If you do not provide this data, you will not be able to create an account to use our Services. Other information may be added to your account, such as a profile picture.

• Your Contacts. Use the contact upload feature to send us, if permitted by applicable laws, the phone numbers in your address book on a regular basis, both of USERS of our Services and of other contacts. If any of your contacts are not yet using our Services, we will manage this data in a way that ensures that your contacts cannot be identified by us.

• Upload photo. Use the photo upload feature to send us a personal image that will be used for access via a facial recognition device.

• Storage of facial recognition data. The image for facial recognition is stored in our database until the user requests its change or deletion. The image can be changed or deleted directly through the app in the “facial registration” menu. If the user requests the deletion of the account in the app, the facial recognition data linked to it will be deleted along with the account.

• Sharing of facial recognition data. This data will be used solely and exclusively for access to the linked units and will not be shared with third parties, following the guidelines specified in the general data protection law (LGPD).

4. Specific Obligations of the User
• Obligations related to all Data used under the Contract. With regard to the Processing and Data
used under the Contract, whether provided and/or obtained by the User or by the Contractor, the User
undertakes to:

• if the provision of services or supply of products involves the use of User Data, ensure that the Data
was and will be obtained and in any way processed lawfully, with an appropriate legal basis under the
terms of the LGPD, including for the purposes of sharing or processing within the scope and for the
purposes of this Contract;

• have sufficient mechanisms to ensure that the use of the Data will be carried out in accordance with
the LGPD, including observing, in cases of consent, the manifestation of revocability made by the
Holder;

• maintain the security and confidentiality of the Data, adopting security, technical and administrative
measures capable of protecting the Data from unauthorized access and from accidental or unlawful
situations of destruction, loss, alteration, communication or any form of inadequate or unlawful
processing;

• equip your environment with modern and efficient data protection and security technology, validated
with the Contractor;

• keep a record of Data Processing activities, logs and an audit trail and proof of the Processing
carried out, in accordance with the Contractor’s guidelines, if applicable;

• maintain a periodic evaluation of the Processing to ensure the security and quality of the object of
the Contract;

• provide, within the period requested by the Contractor, information, documents, certifications and
reports related to the Processing, in accordance with the Contractor’s guidelines; and

• assist the Contractor in preparing assessments and reports on the impact on Data protection and
other records, documents and requests required by Law or necessary for the Contractor.

• Obligations related to the Contractor’s Data. With regard to the Processing and Data provided and/or
obtained by the Contractor and/or Data collected by the User on behalf of the Contractor, the User
undertakes to:

• observe criteria, guidelines, deadlines, schedules, service levels, security measures, quality
standards and procedures set forth in this Agreement, in the Contractor’s policies or otherwise
requested by the Contractor;

• not use the Data, by any means or form, including in an individualized, aggregated and/or
anonymized form, for purposes other than those established in the Agreement and to the extent
necessary for the Processing;

• not share, transfer, commercialize or in any way allow access to the Data to Affiliates or third parties
not authorized by the Contractor within the scope of the Agreement;

• restrict access to the Data only to those who effectively need to access it in order to comply with this
Agreement and to the extent necessary for the Processing, also ensuring that those who, within the
limits and terms of this Agreement, have, or may have, access to the Data respect and maintain the
confidentiality and security of the Data, as well as observe the provisions of the Specific Conditions
and the Agreement;

• ensure unrestricted access to the Data by the Contractor and/or its Affiliates at any time;

• upon request and in accordance with the Contractor’s specific instructions, perform any action
related to the Processing of the Data, including its correction, deletion, anonymization and/or blocking
and send, within a maximum period of 3 days from the request or within a period to be defined by the
Contractor, confirmation of said action;

• notify the Contractor if there is a need for international transfer of the Data for the execution of the
Contract and/or the Processing provided for in the Contract, which may only occur with prior written
authorization from the Contractor and with the guarantee that all measures to protect the Data
Subjects’ data, including those provided for in these Specific Conditions, will be taken to carry out said
transfer; and

• when acting as an Operator, perform the Processing in accordance with the instructions provided by
the Contractor.

• After the end of the Processing and/or the Contract, or earlier if so requested by the Contractor, in
accordance with the deadlines and guidelines defined by the Contractor, the User must permanently
delete all Data and/or return the Data to the Contractor, including those sent to Subcontractors,
keeping their logs and other proof of deletion and/or return, which may be requested at any time by
the Contractor.

• Responding to requests from the Data Subject and requests arising from the Law. It is hereby stated
that the Contractor will be responsible for responding to requests from the Data Subjects and requests
arising from the Law with regard to the Data provided and/or obtained by the Contractor and/or Data
collected by the User on behalf of the Contractor. In such cases, the User is obliged to provide timely
information and documents and assist the Contractor, including through the adoption of appropriate
technical and organizational measures, so that the Contractor can comply with the rights of the Data
Subjects provided for in the LGPD and other applicable Laws.

• If the User, acting as an Operator, is required by Law or requested by the Data Subject to disclose,
alter, delete or perform any other Processing of the Data or to provide information or documents
relating to the Data, the Processing or this Agreement, the User must notify the Contractor
immediately, sending the documents and information necessary for the Contractor to be able to
defend itself or to respond in relation to said disclosure, alteration, deletion or other Processing, as
well as the provision of information or documents. The Contractor may request additional information
and measures from the User that it deems necessary, as well as carry out said disclosure, alteration,
deletion or other Processing on its own behalf. For the purposes of clarification, the obligations of this
clause will apply if there is no prohibition contained in Law. • With regard to the Data provided and/or
obtained by the User on its own behalf, the User itself shall be responsible for meeting the requests of
the Data Subjects and arising from Law.

• Subcontracting. The User undertakes not to subcontract individuals or legal entities to perform any
Service and/or other activities provided for in the Contract, except with prior written authorization from
the Contractor (“Prior Authorization”). To obtain Prior Authorization, the User shall provide the
Contractor with all information and provide all documents requested by the Contractor regarding the
subcontracting and the third party to be subcontracted (“Subcontractor”). Prior Authorization does not
exclude the User’s liability with regard to compliance with the Contract and the User shall be jointly
and severally liable for the obligations of its Subcontractors, including labor and social security
obligations, and for any damages and losses caused by them to the Contractor or third parties due to
the Services and/or other activities provided for in the Contract.

• The contractual relationship established with the Subcontractor must: (i) be formalized in writing
between the User and the Subcontractor, in the same manner as the Contract; (ii) meet all conditions
required by the Contracting Party for the provision of Services and execution of other activities
provided for in the Contract; (iii) impose on the Subcontractor responsibility for all obligations relating
to its employees and agents; (iv) impose on the Subcontractor the obligation to comply with all Laws
applicable to the activities performed within the scope of the provision of Services and execution of
other activities provided for in the Contract, including rules on the protection of personal data, privacy
and confidentiality; and (v) establish that the User will be fully responsible for the payment of any and
all amounts due to the Subcontractor, and that invoices will be issued in the name of the User.

5. Information Security
• In order to guarantee the confidentiality, integrity and availability of Data, upon becoming aware of
any and all information security incidents that occur in its own environment or in the environment of a
third party, under its responsibility, and that may compromise the Processing, the Data or its activities,
especially unauthorized access and accidental or unlawful situations of destruction, loss, alteration,
communication or any form of inadequate or unlawful processing, whether internal or for other clients
of the User (“Security Incident”), the User must:

• within a reasonable time, send written notification to the Contractor, respecting at least 48 hours in
advance of the deadline provided for by Law, if any, indicating in said notification, at least, (a) the
description and nature of the personal data affected; (b) information about the Data Subjects involved
or affected by the Security Incident; (c) an indication of the technical and security measures used to
protect personal data; (d) the risks related to the Security Incident; and (e) the measures that have
been or will be taken to reverse or mitigate the effects of the Security Incident (“Security Incident
Notification”);

• immediately adopt all necessary measures to identify and remedy the causes of the Security
Incident;

• comply with the guidelines that may be requested by the Contractor in relation to Security Incidents, including (a) obtaining evidence about the Security Incident and about the Data and/or Processing that may have been compromised, and evidence with data or information from other customers of the User must not be sent; and (b) implementing all risk mitigation strategies to reduce the impact of the Security Incident that occurred and/or the likelihood or impact of a similar incident; and

• preserve and protect the security of the Contractor’s service provision, Data and Processing.

• If the User has not sent the Security Incident Notification within the period provided for in this clause,
he/she must indicate the reasons why it was not possible to meet this deadline.

• The User acknowledges that the Contractor may share information regarding Security Incidents with
the Central Bank of Brazil, other regulatory entities and Holders, as well as other financial institutions,
as provided for by Law. Such actions shall not constitute a violation of any duty of confidentiality of the
Contractor.

• If the need for the Subcontractor to adapt to the Contractor’s information security requirements is
identified, the User shall facilitate with the Subcontractor the assessment of information security risks
by the Contractor and the adaptation of the Subcontractor’s environment.

6. Specific Penalties
• Without prejudice to losses and damages, if the User or any of its professionals or Subcontractors
breach any obligation of these Specific Conditions or the legislation on the protection of personal data,
privacy and confidentiality, the Contractor shall notify the User so that the latter may remedy the
breach within the period informed by the Contractor. If the User does not remedy said default within
the period granted, he/she may be subject to the payment of a fine, as provided for in this Specific
Penalties section.

• Without prejudice to losses and damages, the User may be subject to a daily fine (“Daily Fine”) of
the highest value between (i) R$3,000.00 (amount to be updated annually by the IGP-M from this
date); or (ii) the value corresponding to (a) 1% of the monthly average of the amounts paid under the
Contract to the User between the date of signing the Contract and the occurrence of the event, in the
event that the Contracting Party makes monthly payments to the User; or (b) 0.1% of the value
corresponding to the total amount paid under the Contract to the User divided by the number of
months of validity of the contract, in the event that the Contracting Party makes payments in any
format other than exclusively monthly. The Daily Fine is limited to the total value of the Contract and
will be applicable from the date of non-compliance with the obligation or, in the absence thereof, from
the date of the User’s default, until the 30th day of delay or the date of the default (as applicable).

• Without prejudice to losses and damages, if the default is not remediable, the User may be fined the
highest amount between (i) R$15,000.00 (amount to be updated annually by the IGP-M from this
date); or (ii) the amount corresponding to (a) 15% of the monthly average of the amounts paid under
the Contract to the User between the date of signing the Contract and the occurrence of the event, in
the event that the Contracting Party makes monthly payments to the User; or (b) 1.5% of the amount
corresponding to the total amount paid under the Contract to the User divided by the number of
months of validity of the Contract, in the event that the Contracting Party makes payments in any
other format other than exclusively monthly.

7. General Provisions and Additional Hypotheses for Termination of the Contract
• Supervening Law. In the event of a supervening Law to which the Contractor is subject, the Parties
agree to adapt these Specific Conditions so that they remain in compliance with the Laws. If it is not
possible to adapt the Contract within 30 days, the Contractor may terminate the Contract immediately,
without charge.

• Compliance with Obligations. The Contractor may request, at any time, proof of compliance with the
obligations set forth in these Specific Conditions, as well as conduct audits for this purpose, including
accessing the User’s premises with prior notice. The Contractor may also terminate the Contract at
any time, if the User or any of its professionals or Subcontractors fail to comply with any obligation of
these Specific Conditions.

• Compliance with LGPD. Without prejudice to the provisions of these Specific Conditions, the User
undertakes to observe and comply with the LGPD, as well as to observe and comply with standards
and procedures that may be published and/or required by regulatory entities, including the National
Data Protection Authority, within the scope of the Processing.

• Limitation of Liability. The User agrees that no limitation of liability will be applied to losses and
damages resulting from a breach of privacy, protection of Personal Data, non-compliance with the
LGPD or other applicable Laws on data protection and confidentiality and/or these Specific
Conditions.

• Compliance with Laws by the Contractor. The Contractor observes the Law in force, especially with
regard to the security and protection of Personal Data.

• Confidential Information. All Processing will be considered Confidential Information under the terms
of the Contract. Should any incident occur regarding the Data, the Processing and/or the User about
which the Contractor understands, at its sole discretion, that it is necessary to make a statement,
including publicly, such statement, including any mention of the User and/or the purpose and
existence of this Contract, is hereby permitted.

• Term. The provisions of these Specific Conditions will be binding on the Parties as of the entry into
force of Law 13.709/18.

8. Omissions and General Provisions
• The User must resolve any doubts that may exist regarding this Agreement by expressly consulting
the Contracting Party.

• This Agreement does not establish any permanent links between the User and the Contracting
Party, such as any form of society, association, partnership, representation, employment relationship
or joint or several liability, nor does it grant any powers or authority for the User to act on behalf of the
Contracting Party, except with the express authorization of the latter.

9. Dispute Resolution and Jurisdiction
• Issues arising from the execution of this Agreement, which cannot be settled administratively, will be
processed and judged in the same jurisdiction and district of the Contract.• We process your personal
data on the basis that such processing is necessary to promote legitimate interests (including: (1)
providing effective and innovative Services to our users; and (2) detecting, preventing or resolving
fraud or security issues in relation to the provision of our Services), except in the case where
fundamental rights and freedoms of the holder prevail that require the protection of personal data.