Data Protection Policy (GDPR/LGPD)

1. Introduction

Xora, committed to protecting personal data, presents this Data Protection Policy in compliance with the General Data Protection Law (GDPR/LGPD). This policy describes how we collect, use, store and protect your personal information.

2. Data Collected

We collect the following types of personal data:

• Identification data: name, email, phone
• Navigation data: IP address, cookies, browsing history
• Communication data: messages sent through contact form
• Technical data: information about devices and browsers used

3. Purpose of Processing

We use your personal data to: provide our services, respond to contact requests, improve our platform, comply with legal obligations and maintain the security of our systems.

4. Legal Basis

Personal data processing is carried out based on the following legal hypotheses:

• Data subject consent
• Contract execution or preliminary procedures
• Compliance with legal or regulatory obligation
• Regular exercise of rights in judicial, administrative or arbitration proceedings

5. Data Sharing

We do not share your personal data with third parties, except when necessary for service provision, compliance with legal obligations or with your express consent.

6. Your Rights

You have the following rights over your personal data: confirmation of processing existence, data access, correction of incomplete or inaccurate data, anonymization or elimination, portability, elimination, information about sharing and consent withdrawal.