Introduction
This Privacy and Personal Data Protection Policy was developed in accordance with the provisions of Federal Law No. 13,709/2018 - General Data Protection Law ("LGPD") in order to define the rules and clarify the rights related to the privacy and protection of personal data of users of the website https://www.zaia.com.br/ and the Zaia platform, processed during your access, experience, or relationship with AI GATEWAY ERA LTDA., a limited liability company, registered with the CNPJ under No. 49.587.881/0001-88, headquartered in the City of São José dos Campos, State of São Paulo, at Av. Alfredo Ignácio Nogueira Penido, 335, room 706, Parque Residencial Aquarius, ZIP Code 12246-000 ("Zaia" or "We").

In order to reinforce Zaia's commitment to the culture of privacy and information security, this policy fulfills its formal and legal role.

2. Application
   It applies to Zaia, in compliance with the LGPD, as the recipient of personal data potentially provided by users of the website https://www.zaia.com.br/ and the Zaia platform, as well as to all holders whose personal data may eventually be processed by Zaia, for which Zaia becomes responsible - from the respective collection - for the use, storage, and protection as the controller of the provided information according to the legal definition.

   
   

3. Collected Personal Data
   When contracting one of our services, we may collect the following personal data:
   Name
   Email
   Mobile
   Country
   Credit card data

Please note that from the moment you engage in a conversation with Zaia, we may store all information and message exchanges. Therefore, we recommend that you do not include personal or confidential information while using the service. From the moment you enter personal information in the Zaia conversation, you consent to the processing of the personal data entered by Us, being subject to the terms and conditions of this Privacy Policy.

4. Purposes of Personal Data Processing
   We use the collected personal data exclusively for:
   • Receiving user contact and addressing requests;
   • User registration;
   • Processing the user's subscription payment;
   • Providing access to Zaia's services and platform;
   • Delivering contracted services;
   • Statistical purposes;
   • Sending marketing and promotional messages from Zaia;
   • Improving the platform and fixing bugs;
   • Compliance with legal and regulatory obligations;
   • Exercising other essential activities for the regular operation of Zaia, within its corporate purpose.

   
   

5. Children's Privacy
   Zaia's services are not directed to anyone under 13 years old. We do not intentionally collect personally identifiable information from children under 13 years old. If we discover that a child under 13 has provided us with personal information, we will immediately delete it from our servers. If you are a parent or guardian and know that your child has provided us with personal information, please contact us so that we can take the necessary measures.

   
   

6. Sharing of Personal Data
   All data, information, and communications collected are considered confidential by us, and will not be provided to third parties, except as provided in this Policy.

   
   

To develop and improve the services provided by Zaia, we may hire third-party service providers to perform certain business operations on behalf of Zaia. In doing so, we may need to share your personal information with them. We provide our service providers only the personal information they need to perform the services we request, and we require that they protect this information and not use it for any other purpose.

Zaia may also disclose your personal data to business partners with whom we have contracts for the purpose of promoting Zaia's services, as well as presenting our partners' products and services to users. In this case, our partner will commit to following the terms and conditions of this Privacy Policy in processing your personal data.

Additionally, we may disclose your data in the event of: court order, order from a competent authority, or need to defend our rights in legal or administrative claims.

Furthermore, it is possible that some of the transfers mentioned above may occur to recipients located outside the national territory. In this circumstance, the parties commit to doing so only to countries that provide a degree of protection for personal data in accordance with best practices, always observing the current legislation, thus providing users with guarantees to safeguard their data, with specific contractual clauses, without prejudice to the prior collection of their respective specific consent when applicable.

7. Secure Personal Data
   Zaia adopts various precautions in accordance with guidelines on norms, guidelines, standards, and security practices established in applicable legislation, including the LGPD. Access to the collected information is restricted to employees and authorized persons; those who improperly use this information, in violation of the provisions contained in this document, will be subject to applicable disciplinary and legal sanctions. In the event of such an incident, Zaia emphasizes that it will make every effort to remedy and/or minimize the consequences of the occurrence, always adhering to the best practices of Information Security, aiming to provide a safe and optimized experience for its users.

   
   

8. Zaia as Personal Data Controller
   Zaia is directly responsible for personal data, but there may be situations in which Zaia is not directly responsible, but only a processor of personal data for third parties, qualified as an operator. When Zaia processes personal data as a data processor, it is instructed by a third party, and Zaia is then bound by the instructions given by the controller. In these situations, Zaia cannot guarantee that such processing occurs in accordance with this Privacy Policy, but Zaia will always ensure that processing is in accordance with applicable law and, as far as possible, in accordance with this Privacy Policy.

   
   

9. Retention and Deletion of Personal Data
   If you choose at any time to delete your personal data from the storage database, Zaia may retain some personal data for an additional period for compliance with legal or regulatory obligations, as well as for the eventual regular exercise of Zaia's rights, as well as for auditing purposes and compliance with compliance standards. The retention of personal data will be made for the period necessary to comply with the aforementioned obligations, always respecting the deadlines established in applicable legislation.

   
   

10. Rights as Personal Data Subject
    Zaia reserves to users the possibility of exercising the rights provided for in art. 18 of the LGPD, being able to submit requests related to their personal data, such as:
    Confirmation of the existence of processing;
    Access to personal data;
    Correction of incomplete, inaccurate, or outdated data;
    Anonymization, blocking, or elimination of unnecessary, excessive, or supposedly processed data in non-compliance with the LGPD, except as provided in law;
    Portability of the data to another service or product provider, upon express request by the user;
    Deletion of data processed with the user's consent, except as provided by law;
    Obtaining information about the entities with which their data has been shared;
    Information on the possibility of the user not providing consent, as well as being informed of the consequences in case of refusal;
    Information related to the processing, storage, and destination of personal data, within the scope of the LGPD;
    Revocation of consent.

To exercise the rights indicated above, please contact us via email dpo@bonuz.it.

11. Use of Cookies
    Zaia uses cookies to optimize and speed up your activities and future experiences with the services offered by Zaia through its website.

    
    

Through cookies, the site stores information about browser activities, including the IP address and accessed page. These activity logs will be used for statistical purposes and for qualitative and quantitative metrics of the services provided, and may also be used for investigations of fraud or unauthorized changes in its systems and registrations, not intended to provide data to third parties without the user's express consent, all in compliance with current legislation.

Logs may include data such as: the user's IP address, actions taken on the site, pages accessed, dates and times of each action and access to each page of the site, information about the device used, operating system version, browser, among other installed applications.

The main web browsers allow users to manage the use of cookies on their devices, allowing them to disable the storage of these data packets.

However, in order for you to use all the personalized browsing features of the Zaia site, we recommend keeping cookie saving enabled. If you are not interested in the function, simply disable it.

To remove Cookies or Cache, follow the procedures indicated by the manufacturers for each browser:
Google Chrome: (https://support.google.com/chrome/answer/95647?hl=pt-BR)
Firefox: (http://windows.microsoft.com/pt-br/internet-explorer/delete-manage-cookies#ie=ie-11)
Firefox: (https://support.mozilla.org/pt-BR/kb/como-limpar-cache-firefox)
Safari: (http://safari.helpmax.net/ps/privacidade-e-seguranca/como-remover-cookies/)
Opera: (https://www.tutoriaisprojetoweb.com.br/como-limpar-cache-e-cookies-do-navegador-opera)

12. Changes to the Privacy Policy
    Zaia reinforces its commitment to the privacy of the information provided through continuous improvement and enhancement of the experience and security of its users. In this regard, the practices for processing personal data may undergo future changes in order to reflect any changes, always moving towards best practices in the segment. Updates will be made available at Zaia's electronic address, and such changes will be valid, effective, and binding on the website. Communications will be made through one of the channels made available to users during registration, when applicable.

    
    

13. Contact
    If you have any questions or require further clarification regarding privacy or the processing of personal data used by Zaia, users can contact us via email dpo@bonuz.it.