When you access THETRYUM platform, you are trusting us your personal data and information. We are committed to maintaining that trust. In this sense, this Privacy Policy (“Policy”) explains in a clear and accessible way how your information and data will be collected, used, shared and stored through our systems. Acceptance of our Policy will be made when you access or use THETRYUM website, application or services. This will indicate that you are aware of and in full agreement with how we will use your information and data.

This Privacy Notice (the “Notice”) aims to protect the privacy and fundamental rights of Users when their personal data is processed by the Company, such as the fundamental rights of Visitors while browsing the Site.

DEFINITION

‘Consent’ means any freely given, specific and informed indication of your wishes, whereby a data subject signals that he or she consents to the processing of personal data relating to him or her.

By ‘data controller’ is meant the natural or legal person who, alone or together with others, determines the purposes and means of the Processing of Personal Data and who is responsible for this Processing.

‘Data Owner’ means the natural or legal persons whose data is processed, whether a User or a Visitor.

‘Disclosure’ means making personal data accessible, for example by allowing access, transmission or publication.

‘Personal Data’ means all information relating to an identified or identifiable person.

‘Personal Data Breach’ means a breach of security that leads to the accidental or unlawful destruction, loss or alteration of – or unauthorized disclosure of, or access to – personal data transmitted, stored or otherwise processed.

‘Processing’ means any operation or set of operations – by automated and other means – which is performed on personal data or sets of personal data, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclose, transmit, disseminate or otherwise make available, align or combine or delete.

‘Recipient’ means a third party, public authority, agency or other body – i.e. someone or something other than the Data subject or the Company – to which personal data is disclosed.

SCOPE

The Company provides this Notice to describe its procedures in relation to the Processing and Disclosure of Personal Data collected by the Company while using the Site.

This Notice applies to any use of the Site, whatever the method or means used. It details the conditions under which the Company may collect, maintain, use and save information concerning you, as well as the choices you have made regarding the collection, use and disclosure of your personal data.

ACCEPTANCE

By browsing the Site, Visitors acknowledge that the Company may collect and process a certain number of personal data relating to them and that they have read and understood this Notice and agree to be bound by it and to comply with all applicable laws and regulations.

Users acknowledge that the Company may collect and process a certain number of personal data relating to them and that they have read and understood this Notice and agree to be bound by it and to comply with all applicable laws and regulations.

Consent is given when users freely send to the company the personal data necessary to become a user. The latter understands and agrees that the Company is free to use such Personal Data within the limits provided by law and in this Notice.

If you do not agree with the terms of this Notice, do not become a User and refrain from using the Site.

PRINCIPLE FOR PROCESSING PERSONAL DATA

During the processing of personal data, the Company will respect the following general principle:

1.a) Justice and Legal rights

When processing personal data, all individual rights of data subjects must be protected. Personal data must be collected and processed lawfully, fairly, in good faith and proportionate to the purpose.

1.b) Restriction to a specific purpose

Personal data processed by the Company must be adequate and relevant for the purpose for which they are collected and processed. This requires, in particular, ensuring that the types of personal data collected are not excessive for the purposes for which they were collected. Subsequent changes to the objective are only possible to a certain extent and require proof.

 1.c) Transparency

Data owner must be informed about how their personal data is being treated. When personal data are collected, the data owner must be informed about:

the existence of this Notice;

the identity of the data controller;

the purpose of processing personal data;

third parties to whom the data may be transmitted.

 1.d) Consent from data owner

Personal data must be collected directly from the individual in question and consent from the data subject may be required prior to processing all personal data. Consent must be obtained in writing or electronically for documentation purposes. Consent is valid only if given voluntarily. If, for any reason, the Data owner’s Consent is not given prior to the Processing of Personal Data, this must be guaranteed in writing as soon as possible after the Processing has started.

All personal data may be processed without consent if necessary to enforce a legitimate interest of the Company. Legitimate interests are usually of a legal nature (eg, legal action, enforcement or defense against legal claims) or financial (eg, valuation of companies). Processing of personal data is also permitted if national legislation so requests, requires or permits.

 1.e) Accuracy

All personal data kept on file must be correct and, if necessary, kept up to date. Inaccurate or incomplete personal data should not be kept on file and must be deleted.

DATA COLLECTED

This Notice applies to all information received during your visit to or use of the Site, when you subscribe to our newsletter and/or become a User.

In particular, the Company will collect the following personal data:

Visitor’s data:

When browsing the Site, even if you do not subscribe to our newsletter, do not become a User and do not contact us, the Company will automatically:

collect your cookies;

use Google Analytics;

use Facebook pixels;

use Hotspot;

use Intercom;

use Hotjar;

use Twitter Connect.

DATA USE

 The following paragraphs describe the various purposes for which the Company uses your personal data.

 1.a) Users data:

All users understand and agree that their transactional information will be made public on the BSCScan Network, therefore, disclosed to everyone.

The Company will consider users’ personal data to provide them with a better service and, in particular, to:

communicate with them;

provide them with information about new available products, blog posts, promotions, special offers and other information;

customize promotional offers, in particular based on your activity and transaction history;

answer your questions and comments;

send them the THETRYUM newsletter, unless users unsubscribe;

prevent potentially prohibited or illegal activities;

conduct research and compile statistics on usage patterns;

process transactions;

manage the accounts;

enforce the Terms of Use;

comply with our legal requirements;

as otherwise described to users at the point of collection.

 1.b) Cookies

A Cookie is a piece of information that is automatically placed on your computer’s hard drive when you access certain websites. Cookies uniquely identifies your browser to the server. Cookies allow the Company to store information on the server (e.g. language preferences, technical information, click or path information, etc.) site. Most web browsers are set to accept cookies, although you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Please note, however, that some parts of the website may not function properly if you refuse cookies.

 1.c) Google Analytics:

Our website uses Google Analytics, an internet site analysis service provided by Google Inc. (” Google”). Google Analytics uses cookies, which are text files placed on your computer, to help analyze users’ use of the website. All data generated by cookies relating to the use of the website (including your IP address) will be forwarded and stored by Google on servers located outside Brazil. Google will use this information to evaluate your use of the website, compile reports on website activity for its publisher and provide other services relating to website activity and internet usage. Google may disclose this data to third parties if there is a legal obligation to do so or when third parties process this data on behalf of Google, including, in particular, the publisher of the Site. Google will not cross-reference your IP address with any other data held by Google.

You can disable the use of cookies by selecting the appropriate parameters in your browser. However, disabling this may prevent the use of certain functions of the website. By using the website, you specifically consent to the processing of your personal data by Google under the conditions and for the purposes described above.

 THIRD PARTY DISCLOSURE

The Company may share your personal data with any other relevant third parties, in particular if we are required to do so in order to comply with a court order or request from law enforcement authorities, or if we deem it necessary, as determined in the Company’s sole discretion, to investigate, prevent or take action regarding illegal activities, to defend our interests or as required or permitted by law.

In any case where the cross-border transfer is made, the Company ensures that adequate protection is guaranteed for the personal data to be transferred outside Brazil. In some specific cases, when this level of protection is not guaranteed, the Company will obtain your prior consent or establish with the Recipient of the Personal Data a contractual structure or sufficient safeguards that guarantee an adequate level of protection abroad. You may request access to a copy of these safeguards by contacting the Company.

Unless otherwise stated, third parties who receive data from the Company are prohibited from using that personal data beyond what is necessary to provide the product or service to you, either directly or by participating in the activities of the Company.

 STORAGE OF YOUR PERSONAL DATA

The storage as well as the processing of your personal data may require your personal data to be transferred/transmitted and/or stored at a destination outside your country of residence, especially in Brazil. Where permitted by law, by accepting the terms of this Notice, you consent to such transfer, transmission, storage and/or processing. You also agree that such activities may be carried out for or in countries that offer a lower level of protection than your country of residence.

 RETENTION OF YOUR PERSONAL DATA

In accordance with applicable laws, the Company will use your personal data for as long as necessary to satisfy the purposes for which your personal data was collected or to comply with applicable legal requirements.

 SAFETY OF YOUR PERSONAL DATA

The Company applies high industry standards and will always apply appropriate technical and organizational measures, in accordance with applicable laws, to ensure that your data is kept safe and secure.

In the event of a personal data breach, the Company shall, without undue delay, and whenever possible, no later than 72 hours after becoming aware of the breach, notify the breach to the competent supervisory authority, unless such breach is unlikely to result in a risk to their rights and freedoms. If the breach is likely to result in a high risk to your rights and freedoms, the Company must report that breach to you, if possible, without undue delay.

ACCESS TO YOUR DATA AND INFORMATION RIGHTS

You have the right to request access to or information about personal data relating to you that are processed by the Company.

Whenever required by law, you, your successors, representatives and/or attorneys may (i) request the deletion, correction or revision of your personal data; (ii) object against Data Processing; (iii) limit the use and disclosure of your personal data; and (iv) revoke consent to any of our data processing activities, if the company is relying on your consent and has no other legal basis to continue processing your data.

These rights can be exercised by contacting us through our contact form or by writing to: juridico@Thetryum.com, attaching a copy of your identity document. If the request is submitted by someone other than you, without providing evidence that the request was made legitimately on your behalf, the request will be rejected.

The request is free of charge, unless your request is unfounded or excessive (for example, if you have already requested this personal data several times in the last twelve months or if the request generates an extremely high workload). In such event, the Company may charge a reasonable application fee in accordance with applicable laws.

The Company may refuse, restrict or delay the provision of personal data when it has the right to do so, for example if fulfilling the request adversely affects the rights and freedoms of third parties.

PORTABILITY OF YOUR DATA

You also have the right to receive your personal data, which you have provided to the Company, in a structured, commonly used and machine-readable format and you have the right to transmit this data to another controller without impediment from the Company.

This right can be exercised by contacting us through our contact form or by writing to: juridico@Thetryum.com, attaching a copy of your identity. If the request is submitted by someone other than you, without providing evidence that the request was made legitimately on your behalf, the request will be rejected.

The request is free of charge, unless your request is unfounded or excessive (for example, if you have already requested this personal data several times in the last twelve months or if the request generates an extremely high workload). In such event, the Company may charge a reasonable application fee in accordance with applicable laws.

The Company may refuse, restrict or delay the provision of personal data when it has the right to do so, for example if fulfilling the request adversely affects the rights and freedoms of third parties.

 PRIVACY BY DESIGN AND STANDARD

The Company will, both at the time of determining the means of Processing and at the time of the Processing itself, implement appropriate technical and organizational measures, such as pseudo-animation, which are designed to implement data protection principles, such as data minimization, in effectively and to integrate the necessary safeguards for Processing in order to meet the requirements of the GDPR and protect your rights.

The Company has implemented appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific purpose of the Processing is processed. This obligation applies to the amount of your personal data that we collect, the extent of its processing, the storage period and its accessibility. These measures will ensure that, by default, your personal data is not made available without your intervention to an indefinite number of third parties.

CHANGES TO THE PRIVACY NOTICE

The Company may modify this Notice from time to time and will post the most recent version on the Site. If a modification reduces your rights, a pop-up window will inform you immediately when you will browse our website and have to accept the changes.

CONTACT

If you have any questions or want to comment on this Notice or to lodge a complaint about our compliance with applicable privacy laws, please contact us at our email address: juridico@thetryum.guilhermedinizdg.com;

We will acknowledge and investigate any complaints lodged about this particular Notice.