Privacy Policy

Last Updated: March 26, 2024.

Herein we present the Terms of Use (“Terms”) of SASI COMMUNICATION AGILE LTD., trade name SASI, a private legal entity, with its HEAD OFFICE registered under the CNPJ number 35.379.670/0001-45, located at Brigadeiro Faria Lima Avenue, No. 1306, 7th Floor, Suite 71, room B, Jardim Paulistano District, ZIP Code 01451-914, São Paulo/SP, and its BRANCHES registered under the CNPJ/MF number 35.379.670/0002-26 and address at Ephigênio Salles Avenue, No. 126, Room “E”, Parque 10 de Novembro District, ZIP Code 69055-736, Manaus/AM and SASI COMTECH DMCC, a private legal entity, free zone company, license number: 911256, with its address at Platinum Tower, 1406, Jumeirah Lakes Towers, Dubai, UAE, email: compliance@sasi.io; phone: (11) 4210-2846, call center phone: 0800-580-2912, owner of the SASI platforms, applications, and websites, hereinafter referred to as “SASI”, committed to the privacy and protection of personal data collected from its USERS, establishing the rules on the treatment of data within the scope of the SASI services and functionalities, in accordance with the laws in force, with transparency and clarity to the USER and to the market in general.

As a condition for access and use of SASI’s exclusive functionalities, the USER declares that they have fully and attentively read the present Privacy Policy, being fully aware, thus giving their free and express agreement to the terms stipulated here, authorizing the collection of the data mentioned herein, as well as their use for the purposes specified below. Should you disagree with these directives, the USER should discontinue their access.

At SASI, we aim to provide the best possible experience to ensure you enjoy our service to the fullest. To achieve this, we need to know you better, allowing us to offer an exceptional and personalized service according to your preferences. Your privacy and the security of your personal data are, and will always be, of utmost importance to us. Thus, we wish to demonstrate transparently how and why we collect, store, share, and use your personal data – as well as define the controls and choices you can exercise regarding the sharing of your personal data.

This is our goal, and in the attached Privacy Policy (the “Policy”), all necessary clarifications and details will be provided.

The purpose of this policy is to:

  1. Ensure that the platform’s users understand why SASI collects their personal data, and how it

is shared and stored;

  1. Explain how we use your personal data to provide a valuable experience using SASI’s

Services;

  • Clarify your rights and choice options regarding your personal data that are collected and

processed, and how we preserve your privacy.

  1. State that the services and content available on the SASI Platform are entirely the client’s responsibility, who is, in fact, the application developer. SASI is not responsible for the profiles, channels, fields, content, and related elements generated and stored on the Platform.
  2. GLOSSARY
    • For the purposes of this document, the following definitions and descriptions should be considered for better understanding:

COOKIES: Small computer files or data packets sent by an Internet website to the user’s browser when the USER visits the site.

IP: Abbreviation for Internet Protocol. It is an alphanumeric set that identifies the USERS’ devices on the Internet.

USER: Any natural person who accesses and/or uses the functionalities and/or services of SASI.

  1. DATA COLLECTION AND USE AND ACTIVITY RECORDING
    • The data collected from voluntary submission by the USER or automatically comply with the principle of necessity and may include:
    • These are the personal data provided by you or collected by SASI to enable you to subscribe to and use SASI’s services. Depending on the type of plan on the SASI platform, said personal data may include the user’s name, email, telephone, date of birth, gender, geographic location, residence, and country, and will be allocated in the tables below.
    • As will be observed, some data is necessary to create an account on the platform, and others to make the account even more personalized.

DISTRIBUTOR

CATEGORY

DATA

PURPOSE

MANDATORY REGISTRATION DATA

Email, First Name, Last

Name, Password, Phone Number.

User identification and authentication on the platform,

Receiving communication from the platform,

Access to SASI platform for

development.

OPTIONAL REGISTRATION DATA

Zip Code, Address, City, State, Mobile, State.

ELECTRONIC RECORDS

IP, Cookies,

Access record for compliance with legal obligations,

Analytics on SASI site

PAYMENT

Credit card details

(optional)

Payment for monthly, annual, or semi-annual

plans

STATISTICAL DATA

(ANONYMIZED)

Platform usage data

(considered non-personal

data)

Platform usage analytics

FINAL USER

CATEGORY

DATA

PURPOSE

MANDATORY REGISTRATION DATA

Email, First Name, Last

Name, Password, Phone Number.

User identification and authentication on the platform.

OPTIONAL REGISTRATION DATA

Social Security Number,

Profession, Gender, Email,

Address, Zip Code,

Complementary Address,

Neighborhood, Mobile

Phone, Landline Phone.

ELECTRONIC RECORDS

IP, Cookies,

Access record for compliance with legal obligations,

Analytics on SASI site

DATA REQUESTED BY

THE DISTRIBUTOR

At the discretion of the

client

Execution of service on the

platform

STATISTICAL DATA

(ANONYMIZED)

Platform usage data

(considered non-personal

data)

Platform usage analytics

2.2. All personal data may be used as evidence in cases of illicit acts or those contrary to this Privacy Policy or any other legal document provided by SASI, as well as to comply with judicial orders or administrative requests.

  • It is the USER’s responsibility to configure their mobile device if they wish to block the collection of cookies or other data. In this case, some functionalities of SASI may be limited.
  • SASI is not responsible for the accuracy, truthfulness, or lack thereof in the information provided by the USER or for its being outdated; it is the USER’s responsibility to provide them accurately and update them whenever necessary.
  • The database formed through the collection of data on SASI is owned and the responsibility of SASI, and its use, access, and sharing, when necessary, will be carried out within the limits and purposes of SASI’s business and described in this Privacy Policy and Terms of Use.
    • The USER is co-responsible for the secrecy of their personal data. Sharing passwords and access data violates this Privacy Policy and the Terms of Use of SASI.
    • The processing of children’s data should only be carried out with specific and highlighted consent given by at least one of the parents or the child’s legal guardian, which must be sent to SASI’s data protection officer at the contact: compliance@sasi.io;

2.5. Internally, the USER’s data will only be accessed by professionals duly authorized by SASI, respecting the principles of proportionality, necessity, and relevance to the objectives of SASI, in addition to the commitment to confidentiality and the preservation of privacy under the terms of this Privacy Policy.

  1. STORAGE, INTERNATIONAL TRANSFER, RETENTION, AND DELETION OF DATA
    • The data collected are stored in cloud computing provided by Amazon Web Services with servers located in Brazil as well as SASI’s own servers.
      • International transfer will only be carried out if necessary and for those agents and purposes described in this Privacy Policy, which adhere to international best practices for personal data protection and guarantee to provide an adequate level of personal data protection as prescribed by law.
    • All collected data are stored in a secure environment. However, considering that no security system is infallible, SASI disclaims any responsibility for any damages and/or losses resulting from failures, viruses, or intrusions into SASI’s database, except in cases of malice or fault.
    • For audit, security, fraud control, rights preservation, and legal obligation compliance purposes, SASI may retain the history of USER access records for a minimum period of 6 (six) months.
      • If there is a request for data deletion by the USER, such deletion may only occur if there is no longer any purpose for use nor legal, regulatory, or judicial obligation justifying its retention.
      • Data must be retained as long as their purpose for use or legal, regulatory, or judicial obligation justifying their retention lasts. At the end of the purpose of use and mandatory retention period, data may be deleted using secure disposal methods or used anonymously for statistical purposes.

  1. SHARING
    • The collected data and recorded activities may be shared:
  2. With competent judicial, administrative, arbitral, or governmental authorities whenever there

is a legal request from the authorities or a court order;

  1. Automatically in         case     of         corporate         movements,     such     as         merger,            acquisition,     split,    or

incorporation, and

  • Automatically with the service providers contracted by SASI to enable the SASI site and

platform along with all its functionalities and services provided.

  1. It is emphasized that clinical data will not be shared, except in the case of item ‘i’.

4.2. All third parties contracted for the purpose of item “iii” above are obliged to treat the data confidentially and only for the contracted purpose, ensuring legal compliance in terms of privacy and data protection and using, at all times, the best information security practices.

  1. LEGAL BASIS
    • When the USER uses or interacts with SASI’s service, we use various technologies to process the personal data we collect for several reasons.

Description of the reasons why SASI processes your data

Legal     Basis   for   the      Purpose

Processing

of

Category of Personal Data Used by

SASI for the Purpose of Processing

To Use the SASI Development Platform

● ● ●

Execution of a contract;

Legitimate Interest;

Consent

●      User data;

●      usage data;

●      payment data;

To Understand, Diagnose, Troubleshoot, and Fix

Issues with the SASI Platform

Execution of a contract;

Legitimate Interest

●      User data;

●      usage data

To Assess and Develop Features, Technologies, and Improvements for the SASI Platform

Legitimate Interest;

Consent

●      User data;

●      usage data

For    Marketing,   Promotion,      and Advertising

Purposes

Legitimate Interest;

Consent

●      User data;

●      usage data

To Comply with Legal Obligations and Law

Enforcement Requests

Legitimate Interest;

Compliance     with

Obligations

Legal

●      User data;

●      usage data;

●      payment and purchase data;

To      Initiate,    Conduct    or    Defend     Legal

Proceedings

Legitimate Interest

●      User data;

●      usage data;

●      payment and purchase data.

To Process Payments

Legitimate Interest

●      User data;

●      payment data.

To      Detect    Frauds,    Including     Fraudulent

Payments and Fraudulent and Illegal Use of the

SASI Platform

● ●

Legitimate Interest;

Compliance     with

Obligations;

Execution of a Contract.

Legal

●      User data;

●      usage data;

●      payment and purchase data;

           
  • The USER may change their consent grants, grant new permissions, or withdraw their current consent through the SASI support channels available on the website and platform, being advised of the consequences that the withdrawal of consent may cause.

  1. DISPLAY, RECTIFICATION, PORTABILITY, LIMITATION, OPPOSITION, AND DELETION OF DATA
    • The USER may access their data (display) and perform the rectification of their personal data through the logged-in environment on the SASI platform or through the support channels provided by SASI.
    • Through the SASI support channel, the USER may also request: (i) the portability of their data, when the USER is a client of the product developed on the SASI platform, (ii) the limitation of the use of their personal data; (iii) express their opposition to the use of their personal data or (iv) request the deletion of their personal data collected by SASI, provided that the contractual relationship between the USER and SASI has ended, there is no legitimate purpose for processing that justifies the treatment, and the legal minimum period related to data retention has elapsed, as mentioned in section

3.3 of this Privacy Policy.

  1. SECURITY
    • SASI processes personal data in accordance with the best information security practices and, in         particular, stores   them    in         the       Amazon          Web     Services          cloud,  which  many   high-standard companies use, applying the most advanced information security techniques available on the market, as well as automated server backup every 24 hours and digital certificate, through shared responsibility models between AWS and the client. The latter is certified and recertified in meeting all security requirements set by ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, PCI DSS Level 1, and SOC 1, 2, and 3, the international best practices code for personal data protection in the cloud (information and certificate    available          at: https://aws.amazon.com/pt/compliance/brazil-data-privacy/, https://aws.amazon.com/pt/compliance/gdpr-center/, https://aws.amazon.com/pt/compliance/shared-responsibility-model/, accessed on 14.02.2024).
    • SASI itself also applies technical and administrative measures capable of protecting personal data from unauthorized access and accidental or unlawful situations of destruction, loss, alteration, communication, or dissemination, considering the structure, scale, and volume of its operations, as well as the sensitivity of the data processed and the probability and severity of harm to the data subjects.

  2. DATA SUBJECT RIGHTS

SASI bases its operations on respect and the proper application of the principle of privacy by design. Therefore, SASI ensures the exercise of data subject rights through its website and App, where we provide privacy controls for users. Below is a simplified list of rights applicable to our business.

  • Right of access to information: The information required by data protection laws is contained in this privacy policy. Additional information can be requested via email at compliance@sasi.io, as described in clause 9.3.
  • Right to confirmation of personal data processing: To find out if SASI processes your data, you can get confirmation by sending a request to email compliance@sasi.io.
  • Right of Access to Data: This right will be exercisable through the app soon. Currently, you can contact via email compliance@sasi.io to request confirmation of the processing of your personal data.
  • Right to rectification of incomplete, inaccurate, or outdated data: Although it is the User’s responsibility to enter their data for the use of the SASI product, if you no longer have access to the platform, it is still possible to rectify data through email compliance@sasi.io.
  • Right to erasure: the right to request the removal of your personal data.
  • Right to data portability: the right to request a copy of your personal data in an electronic format and the right to transmit those personal data for use in a third-party service.
  • Right to object: the right, at any time, to object to the processing of your personal data on grounds relating to your particular situation; the right to object to the processing of your personal data for direct marketing purposes.

  1. GENERAL PROVISIONS
    • SASI does not use any form of automated decision-making that impacts the USER.
    • SASI reserves the right to change the content of this Privacy Policy at any time, according to the purpose or necessity, such as for legal compliance or adjustment to a law or regulation with equivalent legal force, with the USER being responsible for checking it whenever accessing SASI.

9.2.1. Should there be updates to this document that necessitate a new collection of consent, SASI will notify the USER through the contact means provided by them.

  • In case of any questions regarding the provisions of this Privacy Policy or the need to contact the Data Protection Officer (DPO) of SASI, the USER may contact via email at compliance@sasi.io, with responses to contacts being sent between Monday and Friday, during business hours, except on holidays.
  • If third-party companies process any data collected by SASI, they must respect the conditions stipulated here and the best practices in information security, mandatorily.
  • If any provision of this Privacy Policy is considered illegal or illegitimate by the authority of the locality where the USER resides, the other conditions will remain in full force and effect.
  • The USER acknowledges that all communication made by email, SMS, instant messaging applications, or any other electronic means are also valid as documentary evidence, being effective and sufficient for the disclosure of any matter that refers to the services provided by SASI, as well as the conditions of their provision or any other subject addressed therein, except for provisions expressly different provided in this Privacy Policy.

  1. APPLICABLE LAW AND JURISDICTION
    • This document will be governed and interpreted according to Brazilian law, in the Portuguese language, with the court of the USER’s domicile being elected to settle any dispute or controversy involving this document, except for specific reservation of personal, territorial, or functional competence by applicable legislation.

Thank you for your attention, and welcome to SASI!

Choose a language

Login