Privacy Policy

4Pay Finance, trade name of B4U Soluções de Cobrança e Pagamentos Ltda, registered with CNPJ/MF under number 46.977.494/0001-60, hereinafter simply referred to as '4Pay Finance', recognizes the importance of privacy and the protection of its users' personal data, in accordance with the highest standards of ethics and transparency.

This document establishes the Privacy Policy of 4Pay Finance, drafted in strict compliance with the provisions of Law 13.709, of August 14, 2018 (Lei Geral de Proteção de Dados - LGPD), the Brazilian Civil Code (CC), and Law 12.965, of April 23, 2014 (Marco Civil da Internet), aiming to ensure the protection of the fundamental rights of freedom and privacy and the free development of the personality of the natural person.

The purpose of this Privacy Policy is to establish the conditions under which any personal information we may collect from you, or that you provide to us, will be processed and protected by 4Pay Finance. We understand that your privacy is of paramount importance, and we are committed to using it responsibly, keeping it secure, and respecting your choices and rights.

By defining this policy, 4Pay Finance also seeks to highlight its commitment to complying with the applicable laws, protecting not only the personal data processed through its features but also reinforcing its commitment to security, respect, and transparency towards its users.

This document applies to all users of 4Pay Finance, clearly and accessibly establishing the practices adopted, evidencing our commitment to Art. 1 and the Sole Paragraph of Law 13.709/2018, which highlights the objective of protecting the fundamental rights of freedom and privacy, and Art. 21 of the Brazilian Civil Code, which ensures the inviolability of the private life of the natural person, aiming at a relationship of trust with the user through the ethical and lawful processing of their personal data.

1. Purpose of the Privacy Policy

This Privacy Policy primarily aims to ensure 4Pay Finance's commitment to the security, privacy, and protection of users' personal data, clearly establishing the guidelines under which the personal information collected is processed.

In accordance with the principles of Law 13.709, of August 14, 2018 (Lei Geral de Proteção de Dados - LGPD), the Brazilian Civil Code, and the Marco Civil da Internet (Law 12.965, of April 23, 2014), 4Pay Finance undertakes to respect the privacy and confidentiality of users' data and information, guaranteeing the right to clear information about the collection, use, storage, processing, and protection of such data. This document has the following purposes:

The adoption of these guidelines reaffirms 4Pay Finance's commitment to strictly complying with all legal regulations applicable to the processing of personal data, in addition to reflecting the organization's values with respect to privacy, integrity, and trust, building a solid and transparent relationship with users.

2. Applicability of the Privacy Policy

This Privacy Policy applies to all users of 4Pay Finance for the intermediation of payments with crypto assets, hereinafter simply referred to as '4Pay Finance'. This scope includes, without limitation, users who engage with 4Pay Finance as end consumers, merchants, advertisers, and any other parties that interact with the services offered.

The Policy extends to all modes of access to and use of 4Pay Finance, including but not limited to access via websites, mobile applications, APIs, or any other form of access to the systems provided by 4Pay Finance, regardless of the device used (computers, mobile phones, tablets, etc.).

It is imperative that all users carefully read this Privacy Policy before starting to use 4Pay Finance, since by accessing, browsing, or otherwise using the services offered by 4Pay Finance, users agree to the terms presented herein. If the user does not agree with any of the terms established in this Policy, it is recommended that they do not use the services offered by 4Pay Finance.

The applicability of this Privacy Policy also holds regardless of the user's physical location or the geographical origin where personal data is collected, processed, or stored, as established by Art. 3, III, of Law 13.709, of August 14, 2018. In this way, this Privacy Policy and 4Pay Finance's data processing practices are aligned with the principles established in relevant national legislation, thereby ensuring the protection of privacy and the fundamental rights of freedom and privacy.

This Policy does not apply to third-party websites, services, or products, even if accessible through links or advertisements on 4Pay Finance. It is recommended to read the privacy policies of such third-party services before providing any personal information.

4Pay Finance reserves the right to update or modify this Privacy Policy at any time, with or without prior notice. It is up to users to review the Policy regularly to stay informed about any changes. Continued use of 4Pay Finance after such changes will constitute acceptance of them by the user.

3. User Acceptance

The use of 4Pay Finance for the intermediation of payments with crypto assets ('4Pay Finance') presupposes the user's unequivocal reading, understanding, and acceptance of this Privacy Policy. By proceeding with access to or use of the services offered by 4Pay Finance, the user expresses their free, express, and informed consent, agreeing to be bound by the terms set forth herein, including with respect to the collection, storage, processing, handling, and protection of their personal data, as established by the applicable regulations, in particular Law 13.709, of August 14, 2018.

The user's acceptance is deemed granted at the time they perform affirmative actions that indicate a clear acceptance of the terms of this Privacy Policy, such as ticking a selection box in a digital interface (when available), registering or creating an account on 4Pay Finance, the continued use of the services offered by 4Pay Finance after having been informed about updates to the Privacy Policy, among other actions that may reasonably be interpreted as express consent.

It is important to note that non-acceptance of this Privacy Policy prevents the use of the services provided by 4Pay Finance, since the processing of the personal data collected is essential for the operation of the features offered, ensuring the effectiveness and security of the transactions carried out.

The user has the right to withdraw their consent at any time and should, to this end, contact us through the communication channels made available by 4Pay Finance on its website. However, it is worth noting that the withdrawal of consent may imply the impossibility of using some or all of the services offered by 4Pay Finance, without this constituting any form of indemnification, since such withdrawal affects the legal basis for processing the personal data necessary for the provision of the services.

4Pay Finance undertakes to comply with all legislation relevant to the processing of personal data and to ensure the privacy and security of its users' information, adopting the best practices and appropriate technical and organizational measures to protect personal data.

4. Data Collected and Processing Purposes

4Pay Finance, in the intermediation of payments with crypto assets, collects and processes personal data necessary for the provision of its services, improvement of features, user security, and compliance with legal obligations. The personal data collected may vary according to the user's interaction with 4Pay Finance and the services used, and may include, but not be limited to:

  1. Identification Data: Full name, personal documents (CPF, RG, etc.), date of birth, nationality.
  2. Contact Data: Email address, phone number, mailing address.
  3. Financial and Transaction Data: Credit/debit card information, crypto asset transaction data, operation history.
  4. Technological Data: IP address, information about the browser and device used, cookie data, information about interaction with 4Pay Finance.
  5. Personal photo holding the official document (for identity verification – KYC) or selfie.

Processing Purposes:

The personal data collected are used specifically for the following purposes:

  1. Service Execution: Enable the intermediation of payments with crypto assets, including executing transactions, verifying the user's identity, and facilitating communication between the parties involved.
  2. Security: Fraud prevention, identity verification, ensuring the security of transactions, improvements to security mechanisms.
  3. Service Improvement: Development and enhancement of new features, analysis of the use of the services offered, adaptation of 4Pay Finance to users' needs.
  4. Communication and Marketing: Send personalized communications and offers based on the use of the services by 4Pay Finance, provided there is the user's express consent for this purpose.
  5. Legal Compliance: Compliance with regulatory and legal obligations, response to requests or orders from competent authorities.

It is important to emphasize that the collection and processing of personal data by 4Pay Finance are carried out in strict compliance with Law 13.709, of August 14, 2018 (Lei Geral de Proteção de Dados - LGPD), ensuring the protection of users' fundamental rights of freedom and privacy.

Personal data will be processed only for the period necessary to achieve the purposes for which they were collected, respecting the principles of purpose, adequacy, necessity, among others provided for by the applicable legislation on the protection of personal data. At the end of this period and if there is no legal need for their retention, the data will be duly deleted or anonymized.

5. How Personal Data Is Protected by 4Pay Finance

4Pay Finance, in the intermediation of payments with crypto assets, undertakes to adopt the best practices and standards of information security, aiming to protect the confidentiality, integrity, and availability of users' personal data. To this end, 4Pay Finance implements a series of technical and organizational measures designed to ensure the security of personal data, including:

  1. Access Controls: Restrict access to personal data only to authorized employees who need this information to perform their professional duties. All employees are subject to strict confidentiality obligations.
  2. Encryption: Use of advanced encryption technologies to protect personal data during the transmission and storage of sensitive information.
  3. Monitoring and Intrusion Detection: Implementation of security solutions to monitor, detect, and prevent unauthorized or abnormal access to 4Pay Finance's network.
  4. Security Audits: Regular performance of audits and penetration tests to identify and correct possible vulnerabilities in information systems.
  5. Employee Training: Ongoing training of our employees in information security practices, making them aware of the importance of protecting personal data.
  6. Security Policies: Adoption and maintenance of internal information security policies that establish expected standards of behavior for employees and third parties regarding the use and processing of personal data.
  7. Backup and Recovery: Implementation of backup routines and data recovery procedures to ensure the restoration of systems and data in case of security incidents or technical failures.
  8. Privacy by Design and by Default: Incorporation of privacy considerations into system development and maintenance processes, ensuring that the processing of personal data is carried out with the highest security from the outset and that only the data necessary for each specific purpose are collected.

These measures are constantly reviewed and updated in order to respond appropriately to technological changes and to new challenges and risks to data security. It is important to note that, despite adopting high security standards, no method of data transmission or storage is completely secure. Therefore, while we strive to the utmost to protect users' personal data, we cannot guarantee their absolute security. In the unlikely event of a security breach that may generate a high risk to users' rights and freedoms, we undertake to notify those affected and the competent authority in accordance with the applicable legislation, within a reasonable timeframe.

6. SMS Sending

  1. Authorization for SMS Sending: By accepting this Privacy Policy, the user expressly authorizes the sending of SMS messages by our application to the provided mobile number. These messages are used exclusively for operational purposes, such as two-factor authentication (2FA) and the sending of one-time passwords (OTP).
  2. Cancellation of SMS Sending: The user may, at any time, cancel the receipt of SMS messages by sending one of the following words: 'CANCEL', 'QUIT', 'END', 'UNSUBSCRIBE', 'STOP' or 'STOPALL' to the corresponding number. After cancellation, no SMS messages will be sent, except when necessary to restore account access, upon new authorization from the user.
  3. Prohibition of Marketing Campaigns and Spam: We do not use SMS messages for marketing, advertising, or any promotional campaigns. We are completely against the sending of spam and guarantee that SMS sending will be carried out only for the purposes described in this Privacy Policy.
  4. Purpose of Collecting the Mobile Number: The mobile number provided by the user is collected exclusively for the sending of SMS messages necessary for two-factor authentication (2FA) and the sending of one-time passwords (OTP). We do not use the mobile number for other purposes.
  5. Data Security and Protection: The mobile number and all information provided by the user are stored in encrypted form and with the best available security practices. In addition, we guarantee that no personal information of the user, including the mobile number, will be shared with third parties under any circumstances.
  6. Help and Information: If the user needs assistance or additional information about the SMS sending service, they may send the word 'HELP' or 'INFO' to the corresponding number. We will respond with instructions or detailed information to meet the request.

7. Cookies

4Pay Finance, in the intermediation of payments with crypto assets, uses cookies and similar technologies to improve the user experience when browsing our website, facilitate the use of 4Pay Finance's features, as well as to monitor and analyze the performance, operation, and effectiveness of 4Pay Finance. This clause aims to explain the use of cookies by 4Pay Finance, covering the following aspects:

Definition of Cookies

Cookies are small text files that are stored on the user's device (computer, phone, tablet, or any other internet-access device) by the browser, containing information about browsing. Such files allow 4Pay Finance to recognize the user's device on subsequent visits.

Types of Cookies Used

  1. Essential Cookies: These are strictly necessary for the operation of 4Pay Finance, enabling navigation and use of its features. Without these cookies, requested services such as transactions and secure payments cannot be provided.
  2. Performance and Analytics Cookies: They collect information about how users interact with 4Pay Finance, identifying the most visited areas, time spent, and any issues encountered, such as error messages. These cookies help improve website performance.
  3. Functionality Cookies: They allow 4Pay Finance to remember choices made by the user (such as username, language, or the region they are in) to provide a more personalized experience.
  4. Advertising and Social Media Cookies: Used to deliver ads that are more relevant to the user and aligned with their interests. They are also used to limit the number of times an ad is seen and help measure the effectiveness of advertising campaigns.

Cookie Management

The user is free to block or remove cookies through browser settings. However, it is worth noting that disabling cookies may limit the overall browsing experience and prevent the use of some features of 4Pay Finance.

Consent

By using 4Pay Finance, the user agrees to the use of cookies under the terms of this Policy, unless they choose to block them. Detailed information on how to manage cookie preferences can be found in the help settings of the respective browser.

This Cookies clause will be updated periodically to reflect changes in the cookies used or due to legal requirements. We recommend that users revisit this section frequently to stay informed about the use of cookies by 4Pay Finance.

8. Legal Bases for Data Processing

In line with the provisions of the Lei Geral de Proteção de Dados (Law No. 13.709/2018), 4Pay Finance, in the intermediation of payments with crypto assets, recognizes and emphasizes the importance of privacy and the protection of personal data. The processing of personal data conducted by 4Pay Finance is strictly based on the following legal bases, ensuring the legitimacy of its operations in processing such information:

In all personal data processing operations, 4Pay Finance ensures transparency with data subjects, providing clear information about the purpose, the nature of the data processed, and the rights available to data subjects, as provided in the applicable legislation.

4Pay Finance therefore undertakes to adopt all necessary measures to ensure compliance with the fundamental principles of data protection, including purpose limitation, necessity, transparency, security, prevention, and non-discrimination, aiming at the full protection of users' fundamental rights of freedom and privacy.

9. Data Transfers

4Pay Finance, in the intermediation of payments with crypto assets, safeguarding the privacy and security of its users' personal data, sets specific conditions for the transfer of such data, both domestically and internationally, ensuring the maintenance of the protection and the rights of the data subjects, as stipulated by the Lei Geral de Proteção de Dados (Law No. 13.709/2018) and other applicable legislation.

This clause reflects 4Pay Finance's commitment to ensuring that every transfer of personal data is aligned with the best practices and regulations for the protection of privacy and personal data, thereby guaranteeing the integrity and security of users' information in the process of intermediation of payments with crypto assets.

10. Users' Rights

4Pay Finance, in the intermediation of payments with crypto assets, ensures users, in full compliance with the Lei Geral de Proteção de Dados (Law No. 13.709/2018), the following rights regarding their personal data:

4Pay Finance undertakes to provide all necessary and appropriate means for data subjects to exercise their rights. Requests relating to users' rights will be handled at no additional cost, within the timeframes established by applicable legislation. Furthermore, 4Pay Finance strives to keep its users informed about any changes in the policy for processing personal data, ensuring full transparency and respect for the privacy of data subjects.

11. Retention and Deletion of Personal Data

Whenever necessary, even after the cancellation of your account with 4P Finance or other services and products, we may retain your personal data for an additional period. Such retention may occur to meet legal or regulatory requirements, for audit purposes, to ensure the regular exercise of rights by 4P Finance, or for as long as the applicable legal basis allows. For example, we may retain your data to comply with determinations from the Banco Central do Brasil (BCB), the Comissão de Valores Mobiliários (CVM), BSM Supervisão de Mercados, ANBIMA, SUSEP, and other regulatory bodies, as well as to safeguard our rights in any legal proceedings. Rest assured: your data will be kept in a secure and controlled environment and will be deleted or anonymized as soon as there is no further need or legal justification for its retention, as provided for in the LGPD.

12. Information Security Frameworks and Standards

4Pay Finance recognizes the critical importance of information security for the protection of users' personal data. In this regard, it adopts security practices aligned with the most recognized international frameworks and standards, incorporating the strategies of 'Privacy by Design' and 'Privacy by Default' into its activities and systems.

Privacy by Design: This principle ensures that privacy and the protection of personal data are considered from the outset and at all stages of the development, implementation, and delivery of 4Pay Finance's products, services, and processes. Privacy is an integrated premise, not an afterthought.

Privacy by Default: 4Pay Finance ensures that the default settings of systems and services are as privacy-protective as possible. This means that, without any specific user intervention, personal data will be processed with the highest degree of privacy.

To ensure the effectiveness of these principles, 4Pay Finance employs a combination of technical and organizational measures, including but not limited to:

4Pay Finance is committed to continuously assessing and updating its information security practices, aiming not only at compliance with applicable laws and regulations but also at the robust and effective protection of users' personal data.

This commitment to information security reflects 4Pay Finance's dedication to maintaining users' trust, ensuring a secure and private digital environment for conducting their transactions.

12. Auditing

4Pay Finance is committed to maintaining the highest standard of protection of its users' personal data. To ensure ongoing compliance with this commitment, as well as with the applicable legal requirements, 4Pay Finance implements a rigorous audit program for data protection procedures. This program is intended to:

The audit procedures will be carried out by specialized internal teams or, as necessary, with the assistance of independent and qualified third parties, to ensure an impartial and objective assessment of 4Pay Finance's data protection procedures.

All relevant findings will be recorded, and an action plan will be developed to effectively resolve any issues identified within an appropriate timeframe.

This audit program represents a fundamental component of 4Pay Finance's strategy to ensure the integrity, privacy, and protection of the personal data entrusted by its users.

13. General Provisions

This Privacy Policy, which establishes 4Pay Finance's commitment to the privacy and protection of its users' personal data, is governed by the principles of lawfulness, good faith, transparency, purpose, adequacy, necessity, free access, data quality, security, prevention, non-discrimination, accountability, and rendering of accounts, in accordance with Law 13.709 of August 14, 2018 (Lei Geral de Proteção de Dados - LGPD), and other legislation applicable to data protection and privacy.

This Policy may be updated at any time by 4Pay Finance, ensuring its effectiveness and alignment with the prevailing legal standards and market best practices. It is the user's responsibility to periodically review the document to be aware of any changes. Continued use of 4Pay Finance's services after such changes will constitute acknowledgment and acceptance of them.

Questions, comments, and requests related to this Privacy Policy are welcome and should be directed to 4Pay Finance's customer service channel, whose contact details will be made available on the official website or another communication channel associated with 4Pay Finance.

In case of disagreements over the interpretation or application of this Policy, the parties will seek an amicable solution. If this is not possible, the court of the district of 4Pay Finance's headquarters is elected to settle any disputes arising from this Policy, with express waiver of any other, however privileged it may be.

This Privacy Policy comes into force on the date of its publication on 4Pay Finance's official website or another official means of communication.

Adherence to and compliance with this Policy by all users and collaborators are essential to ensure the effective protection and privacy of the personal data processed by 4Pay Finance.

In accordance with the LGPD, 4P Finance is considered the 'Controller' of your personal data. If, after reading this Privacy Notice, you have any questions, need to address matters related to your personal data, or request the closure of your account, contact us through the channels below: Contact email: contato@4p.finance, or via WhatsApp: +55 11 5128-9991. We are always available to clarify your doubts, handle your requests, and ensure that you remain in control of your personal data.