Privacy Policy

At Nirooh, privacy and security are priorities, and we are committed to transparency in the processing of our users’/clients’ personal data. Therefore, this Privacy Policy establishes how the collection, use, and transfer of information from clients or other individuals who access or use our website are conducted.

By using our services, you understand that we will collect and use your personal information as described in this Policy, in accordance with the norms of the Federal Constitution of 1988 (Art. 5, LXXIX; and Art. 22, XXX – included by EC 115/2022), the General Data Protection Law (LGPD, Federal Law 13.709/2018), the provisions of the Consumer Protection Code (Federal Law 8078/1990), and other applicable Brazilian legal regulations.

Thus, Yellow Midia OOH Publicidade Ltda., hereinafter referred to simply as “Nirooh,” registered under CNPJ/MF No. 32.735.919/0001-10, in the role of Data Controller, undertakes to comply with the provisions of this Privacy Policy.

1. What data do we collect about you and for what purpose?

Our website collects and uses some of your personal data to enable the provision of services and improve the user experience.

1.1. Personal data provided by the data subject

• Name – To send personalized information when requested and register individuals interested in our services.
• Email – To send personalized information when requested and register individuals interested in our services.

1.2. Personal data collected automatically

• Online identifiers, including cookie identifiers;
• Internet protocol addresses and device identifiers;
• Client identifiers.

These are used for Google ads and analytics.

2. How do we collect your data?

In this context, your personal data is collected as follows:

• Through cookies and forms.

2.1. Consent

We process your personal data based on your consent. Consent is the free, informed, and unequivocal expression by which you authorize Nirooh to process your data.

In accordance with the General Data Protection Law, your data will only be collected, processed, and stored with your prior and express consent.

Your consent will be obtained specifically for each purpose described above, demonstrating Nirooh’s commitment to transparency and good faith with its users/clients, following the relevant legislative regulations.

By using Nirooh’s services and providing your personal data, you are aware and consenting to the provisions of this Privacy Policy, as well as understanding your rights and how to exercise them.

You may revoke your consent at any time and at no cost.

It is important to note that revoking consent for data processing may result in the inability to perform certain functionalities of the website that depend on the operation. Such consequences will be informed in advance.

3. What are your rights?

Nirooh ensures its users/clients the rights of data subjects provided for in Article 18 of the General Data Protection Law. Thus, you can, free of charge and at any time:

• Confirm the existence of data processing, in a simplified manner or in a clear and complete format.
• Access your data, requesting a readable copy in printed or electronic form, secure and suitable.
• Correct your data by requesting editing, correction, or updating.
• Limit your data when unnecessary, excessive, or processed in non-compliance with the legislation through anonymization, blocking, or deletion.
• Request the portability of your data through a report of registration data that Nirooh processes about you.
• Delete your data processed based on your consent, except in cases provided by law.
• Revoke your consent, disallowing the processing of your data.
• Be informed about the possibility of not providing your consent and the consequences of refusal.

4. How can you exercise your rights as a data subject?

To exercise your rights as a data subject, you should contact Nirooh through the following available means:

• Email: contato@nirooh.com.br

To ensure your correct identification as the holder of the personal data subject to the request, we may request documents or other evidence that can prove your identity. In this case, you will be informed in advance.

5. How and for how long will your data be stored?

Your personal data collected by Nirooh will be used and stored for the time necessary to provide the service or to achieve the purposes listed in this Privacy Policy, considering the rights of the data subjects and the controllers.

In general, your data will be kept as long as the contractual relationship between you and Nirooh persists. Once the period for storing personal data ends, they will be deleted from our databases or anonymized, except in cases legally provided for in Article 16 of the General Data Protection Law, namely:

I – Compliance with a legal or regulatory obligation by the controller;

II – Study by a research body, ensuring, whenever possible, the anonymization of personal data;

III – Transfer to a third party, provided that the data processing requirements set forth in this Law are respected; or

IV – Exclusive use by the controller, with access by third parties prohibited, and provided that the data is anonymized.

That is, personal information about you that is essential for compliance with legal, judicial, and administrative determinations and/or for the exercise of the right of defense in judicial and administrative proceedings will be maintained, despite the deletion of other data.

The storage of data collected by Nirooh reflects our commitment to the security and privacy of your data. We employ technical protection measures and solutions to ensure the confidentiality, integrity, and inviolability of your data. Additionally, we also have security measures appropriate to the risks and access control to the stored information.

6. What do we do to keep your data secure?

To keep your personal information secure, we use physical, electronic, and managerial tools aimed at protecting your privacy.

We apply these tools considering the nature of the personal data collected, the context and purpose of the processing, and the risks that potential violations would generate for the rights and freedoms of the data subject.

Among the measures we adopt, we highlight the following:

• Only authorized persons have access to your personal data;
• Access to your personal data is made only after the commitment to confidentiality;
• Your personal data is stored in a secure and suitable environment.

Nirooh is committed to adopting the best practices to avoid security incidents. However, it is necessary to highlight that no virtual page is entirely secure and free of risks. It is possible that, despite all our security protocols, problems of exclusive third-party fault occur, such as cyber-attacks by hackers, or also due to the negligence or imprudence of the user/client.

In case of security incidents that may generate significant risk or damage to you or any of our users/clients, we will inform the affected parties and the National Data Protection Authority about the occurrence, in accordance with the provisions of the General Data Protection Law.

7. With whom can your data be shared?

In view of preserving your privacy, Nirooh will not share your personal data with any unauthorized third party.

Your data may be shared with our business partners: (full name or business name of the business partner), registered under CPF/CNPJ No. (number of the partner’s CPF or CNPJ).

They receive your data only to the extent necessary for the provision of contracted services, and our contracts are guided by the data protection norms of the Brazilian legal system.

However, our partners have their own Privacy Policies, which may differ from this one. We recommend reading these documents, which you can access here:

• Privacy Policy of our partner: (link to the business partner’s privacy policy).

Additionally, there are other situations in which your data may be shared, which are:

I – Legal determination, requirement, request, or court order, with competent judicial, administrative, or governmental authorities.

II – In case of corporate movements, such as merger, acquisition, and incorporation, automatically.

III – Protection of Nirooh’s rights in any type of conflict, including judicial matters.

7.1. International data transfer

Some of the third parties with whom we share your data may be located or have facilities located in foreign countries. In these conditions, in any case, your personal data will be subject to the General Data Protection Law and other Brazilian data protection legislations.

In this sense, Nirooh undertakes to always adopt efficient standards of cybersecurity and data protection, in the best efforts to ensure and comply with legislative requirements.

By agreeing to this Privacy Policy, you agree to this sharing, which will occur according to the purposes described in this document.

8. Cookies or browsing data

Nirooh uses Cookies, which are text files sent by the platform to your computer and stored there, containing information related to website navigation. In summary, Cookies are used to enhance the user experience.

By accessing our website and consenting to the use of Cookies, you acknowledge and accept the use of a data collection system through Cookies on your device.

Nirooh uses the following Cookies: (description of the types of Cookies used by the website).

You can, at any time and at no cost, change the permissions, block, or refuse Cookies. However, revoking consent for certain Cookies may make some features of the platform function improperly.

To manage your browser’s cookies, do so directly in the browser settings, in the Cookies management area. You can access tutorials on the subject directly at the links below:

• If you use Internet Explorer.
• If you use Firefox.
• If you use Safari.
• If you use Google Chrome.
• If you use Microsoft Edge.
• If you use Opera.

You can find more information about the Cookies we use and how they work in our Cookie Policy, available at this link (link to the Cookie Policy).

9. Changes to this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on: 03/15/2022

We reserve the right to modify this Privacy Policy at any time, especially to adapt it to any changes made to our website or in the legislative scope. We recommend that you review it frequently.

Any changes will take effect upon their publication on our website, and we will always notify you of the changes made.

By using our services and providing your personal data after such modifications, you consent to them.

10. Responsibility

Nirooh provides for the responsibility of the agents involved in the data processing processes, in accordance with Articles 42 to 45 of the General Data Protection Law.

We commit to keeping this Privacy Policy updated, observing its provisions, and ensuring its compliance.

Additionally, we also undertake to seek technical and organizational conditions securely capable of protecting the entire data processing process.

If the National Data Protection Authority requires the adoption of measures regarding the data processing carried out by Nirooh, we commit to following them.

10.1. Disclaimer

As mentioned in Topic 6, although we adopt high security standards to avoid incidents, no virtual page is entirely risk-free. In this regard, Nirooh is not responsible for:

I – Any consequences arising from the negligence, recklessness, or incompetence of users regarding their individual data. We guarantee and take responsibility only for the security of data processing procedures and for fulfilling the purposes described in this document.

We emphasize that the responsibility for the confidentiality of access credentials lies with the user.

II – Malicious actions by third parties, such as hacker attacks, except when proven to be the result of Nirooh’s willful misconduct or fault.

We highlight that in the event of security incidents that may pose a relevant risk or damage to you or any of our users/clients, we will notify those affected and the National Data Protection Authority and take the necessary actions.

III – Untruthfulness of the information entered by the user/client in the records necessary for using Nirooh’s services; any consequences resulting from false or maliciously entered information are the sole responsibility of the user/client.

11. Data Protection Officer

Nirooh provides the following means for you to contact us to exercise your rights as a data subject:

• Email: contato@nirooh.com.br