Privacy Policy

I. Objective

This Privacy and Data Protection Policy ("Policy") aims to provide guidelines regarding the privacy and protection of personal data of clients, employees, third parties, service providers, suppliers, and partners accessed by Air Limo services in the course of its activities, establishing rules on the collection, use, storage, sharing, and disposal of personal data, in accordance with laws, regulations, and best practices adopted in the market.

 

II. Scope

All members of the Board of Directors, Advisory Committees, and Executive Board ("Administrators"); members of the Fiscal Council; employees, including outsourced workers, interns, and apprentices ("employees") of Air Limo services companies, hereinafter collectively referred to as the "Company". All members of the Board of Directors, Advisory Committees, and Executive Board ("Administrators"), members of the Fiscal Council and employees, regardless of the position or function performed, of Air Limo services companies, hereinafter referred to as the Company, as well as third parties, service providers, and/or suppliers who have access to personal data from these companies. All Controlled Companies of the Company must define their guidelines based on the guidelines set forth in this Policy, considering their specific needs and the legal and regulatory aspects to which they are subject.

With regard to Affiliate Companies, the representatives of the Company who act in the administration of the Affiliate Companies must make efforts for them to define their guidelines based on the guidelines set forth in this Policy, considering their specific needs and the legal and regulatory aspects to which they are subject.

 

III. Guidelines

1. Initial Provisions

1.1. This Policy aims to demonstrate the Company's commitment to:

1.1.1. Safeguard the privacy and protection of personal data collected from clients, employees, third parties, service providers, suppliers, and partners, in the performance of its activities.

1.1.2. Adopt guidelines that ensure comprehensive compliance with laws, regulations, and best practices related to the protection of personal data.

1.1.3. Promote transparency to data subjects and other stakeholders about how the Company processes personal data.

1.1.4. Adopt effective and preventive measures to protect personal data from the risk of security incidents involving such data.

​

1. Information Subject to the Policy

2.1. This Policy applies to:

2.1.1. All personal data provided or collected in the context of the services provided by the Company to its clients for the acceptance of electronic payment methods, including the capture, transmission, processing of information, and settlement of transactions, as well as the offering of other related services and products.

​

2.1.2. All personal data of employees, third parties, service providers, suppliers, and partners provided or collected in the context of contractual, legal, or regulatory obligations or any other personal data.

​

1. Collected Personal Data

3.1. The collected personal data may vary depending on the relationship with the Company and are classified into the following groups:

​

3.1.1. Personal Data provided by the data subject: These are data entered or forwarded by the data subject or their legal representative, resulting from contact, registration, or contract with the Company, and may include, but are not limited to, the following data: full name, CPF (individual taxpayer identification number), date of birth, marital status, nationality, place of birth, filiation, beneficiaries, profession, data of the company of which the data subject is a partner, owner, legal representative, or agent, complete address, banking data, email address, telephone number, and biometric data.

​

3.1.2. Personal Data collected from the use of services: These are related to the use of electronic payment methods, captured by the Company and transmitted and/or shared with third parties in the context and to the extent necessary for the processing and settlement of electronic payment transactions or for the transmission of non-financial information, the subject of services provided by the Company.

​

3.1.3. Personal Data collected from the use of websites and applications: These are related to access and navigation on the Company's website, pages, and applications, containing information about device identification (Date, Time, and IP). The data subject's geolocation may also be collected for fraud prevention, security, and credit protection purposes.

​

3.1.4. Personal Data collected on media and social networks: These are collected from interactions performed by data subjects through the Company's media and/or social networks.

​

3.1.5. Financial Personal Data: These refer to the financial or credit situation of the data subject, such as income, assets, negative records, positive records, and data from the Credit Information System of the Central Bank, in accordance with the applicable and current legislation.

3.1.6. Personal Data of individuals under 18 years of age: The Company will only collect and process personal data of individuals under 18 years of age in accordance with article 14 of Law 13.709/2018 and relevant legislation.

​

1. Collection Method and Purpose

4.1. Personal data will be collected by ethical and legal means and stored in a secure and controlled environment, for the period required by law or regulation. The Company undertakes to take all appropriate measures to maintain absolute confidentiality and strict confidentiality of all personal data to which it has access or which it may become aware of in transactions, cardholders, payment data, its customers, as well as individuals directly related to customers, which it may have access to due to the provision of services, employment relationship, contract, or partnership, being prohibited from transferring and/or allowing third-party access to such information, except in the cases described in this Policy or provided for by law.