PRIVACY POLICY

Last updated: 09/15/2023

01. GENERAL INFORMATION

This Privacy Policy contains information on the collection, use, storage, processing, and protection of personal data of users and visitors of the Teamish application, with the purpose of demonstrating absolute transparency on the subject and clarifying to all interested parties about the types of data that are collected, the reasons for collecting them, and how users can manage or delete their personal information.

This Privacy Policy applies to all users and visitors of the Teamish application and is part of the General Terms and Conditions of Use of the Teamish application, which is solely and exclusively owned by Teamish Ltda, duly registered with CNPJ under number 49.232.053/0001-27, located in Belo Horizonte – MG - Brazil, hereinafter referred to as Teamish.

This document was prepared in accordance with the General Data Protection Law (Law 13.709/18), the Internet Civil Framework (Law 12.965/14), (and the EU Regulation No. 2016/6790). Additionally, the document may be updated due to eventual normative updates, which is why the user is recommended to periodically check this section.

By joining the Teamish app, the user expressly confirms that they have read, understood, and agreed to all the provisions of this "Privacy Policy". The user may not use the application if they do not agree with any of the provisions listed in this document.

02. WHO WE ARE?

Teamish is a network gamification app that was born out of the need to motivate teams. We believe that daily life, whether at work, school, or with family, can become a more fun journey through an innovative gamified system. To achieve this, we offer a space with motivating missions, peer recognition, and the ability to deliver rewards for a job well done. Teamish is designed for groups and companies that want to promote their culture, create engaged teams, and retain their talents.

03. HOW DO WE COLLECT USER AND VISITOR PERSONAL DATA?

The personal data of the user and visitor are collected by the platform in the following way:

  • When a user or visitor accesses the pages of the Teamish.app website and signs up to receive more information about the platform, the basic contact information collected includes full name, company, email, and/or phone number. Users and visitors are aware that this data will not be accessible to other users of the platform. Information about interaction and access may also be collected to ensure a better experience for the user and visitor. This data may include keywords used in a search, comments, page views, profiles, the URL from which the user and visitor come from, the browser they use, and their access IPs, among others that may be stored and retained.
  • When a user creates an account/profile on the Teamish platform, the basic identification data collected includes email, full name, and phone number. Using this information, we can identify the user and visitor, as well as ensure greater security and well-being for their needs. Users and visitors are aware that their profile on the platform will only be accessible to other users on their team.
  • Through a third party: the Teamish platform receives data from team members through the team administrator, initially intended to provide access to future team members. This data includes basic identification data, such as email, full name, and phone number of users who will later confirm them when completing their registration on the Teamish platform. If the user does not wish to participate in the Teamish platform, they must request the removal of their data from their team administrator.

    • 04. WHAT PERSONAL DATA DO WE COLLECT ABOUT THE USER AND VISITOR?

    The personal data collected from the user and visitor are as follows:

  • Data for creating an account/profile on the Teamish platform: full name, email, date of birth, company/team to which the user is affiliated, and date of admission.
  • Data for optimizing navigation: record of page access, keywords used in search, recommendations, comments, posts, shares, interaction with other profiles and users, IP address, and mobile device ID.
  • Photos and videos used in posts made by the user: when you make a post, such as completing missions or recognizing a colleague, the images, videos, and text included can be viewed by all members of the team and shared again anywhere. Users, visitors, and others may find and view your publicly shared content, including your name (and your photo if you have provided one).
  • Emotional data: the app features an emotional thermometer where the user can report how they are feeling and describe it. This content is not shared publicly and only the app managers will have access to it.

    • 05. FOR WHAT PURPOSES DO WE USE USER AND VISITOR PERSONAL DATA?

    The personal data of the user and visitor collected and stored by the Teamish platform are intended for:

  • To improve the product and/or service offered, facilitate, streamline and fulfill the commitments established between the user and the company, improve user experience and provide specific functionalities depending on the basic characteristics of the user.
  • Platform improvements: understand how the user uses the platform's services to assist in business and technical development.
  • Advertisements: present personalized ads to the user based on the provided data.
  • Commercial: the data is used to personalize the content offered and generate subsidy to the platform for improving the quality of the service operation.
  • User profile prediction: automated processing of personal data to evaluate the use of the platform.
  • Registration data: to allow user access to certain platform content exclusive to registered users.
  • Contract data: provide legal security to the parties and facilitate the conclusion of the business.
  • Emotional thermometer: monitor the mood of employees, using this information as input for actions aimed at improving the health of each one of them.

    • The processing of personal data for purposes not provided for in this Privacy Policy will only occur upon prior communication to the user, so that the rights and obligations provided herein remain applicable.

    06. HOW LONG IS PERSONAL DATA STORED?

    The personal data of the user and visitor are stored by the platform for the period necessary for the provision of the service or the fulfillment of the purposes provided in this document, as provided in item I of article 15 of Law 13.709/18.

    The data may be removed or anonymized at the request of the user, except in cases where the law provides for another treatment.

    Furthermore, the personal data of users can only be kept after the end of their treatment in the following situations provided for in Article 16 of the mentioned law:

    I - compliance with a legal or regulatory obligation by the controller;

    II - study by research organization, ensuring, whenever possible, anonymization of personal data;

    III - transfer to a third party, provided that the data processing requirements provided for in this Law are respected;

    IV - exclusive use by the controller, prohibited access by third parties, and provided that the data is anonymized.

    07. SECURITY OF STORED PERSONAL DATA

    In order to preserve your privacy, Teamish will not share your personal data with any unauthorized third parties.

    Among the measures we have adopted, we highlight the following:

  • Only authorized personnel have access to your personal data.
  • Access to your personal data is granted only after signing a confidentiality agreement.
  • Your personal data is stored in a secure and reliable environment.
  • All communications between client and server are performed through an encrypted channel using "secure socket layer" (SSL) technology, which ensures the transmission of data in a secure and confidential manner.

    • Teamish is committed to adopting best practices to prevent security incidents. However, it is important to note that no virtual application is entirely secure and free from risks. It is possible that, despite all our security protocols, problems solely caused by third parties may occur, such as cyber attacks by hackers, or as a result of the negligence or recklessness of the user/client.

    In case of security incidents that may generate relevant risk or damage to you or any of our users/customers, we will communicate to the affected parties and the National Data Protection Authority about the incident, in accordance with the provisions of the General Data Protection Law.

    08. DATA SHARING

    The personal data of the user and visitor is stored by the platform for the period necessary for the provision of the service or the fulfillment of the purposes set forth in this document, in accordance with the provisions of item I of article 15 of Law 13.709/18.

    Your data may be shared with our commercial partners only to the extent necessary for the provision of the contracted services, such as hosting and storage, with our contracts guided by the data protection regulations of the Brazilian legal system.

    There are other scenarios in which your data may be shared, which include:

    I - Legal determination, request, requisition or court order, with competent judicial, administrative or governmental authorities.

    II - In case of corporate transactions, such as merger, acquisition, and incorporation, automatically.

    III - Protection of Teamish's rights in any type of conflict, including those of a judicial nature.

    09. INTERNATIONAL DATA TRANSFER

    Some of the third parties with whom we share your data may be located or have facilities located in foreign countries. In any case, your personal data will be subject to the General Data Protection Law and other Brazilian laws on data protection.

    In this sense, Teamish is committed to always adopting efficient cybersecurity and data protection standards, to the best of its efforts, to ensure compliance with legislative requirements.

    By agreeing to this Privacy Policy, you agree to such sharing, which will occur in accordance with the purposes described in this document.

    10. COOKIES OR NAVIGATION DATA

    Cookies refer to text files sent by the platform to the user and visitor's computer and stored there, with information related to browsing on the site. Such information is related to access data such as location and time of access and is stored by the user and visitor's browser so that the platform's server can read them later in order to personalize the platform's services.

    The user and visitor of the Teamish platform acknowledge and accept that a system for collecting navigation data through the use of cookies may be employed.

    The persistent cookie remains on the user and visitor's hard drive after the browser is closed and will be used by the browser on subsequent visits to the site. Persistent cookies can be removed by following your browser's instructions. On the other hand, the session cookie is temporary and disappears after the browser is closed. It is possible to reset your web browser to refuse all cookies, but some features of the platform may not function properly if the ability to accept cookies is disabled.

    11. CONSENT

    By using the services and providing personal information on the platform, the user is consenting to this Privacy Policy.

    By registering, the user acknowledges and may exercise their rights to cancel their registration, access and update their personal data, and guarantees the truthfulness of the information provided by them.

    The user has the right to withdraw their consent at any time, for which they must contact us via email dpo@teamish.app.

    12. USER AND VISITOR RIGHTS

    In compliance with Article 18 of Law No. 13,709/2018, Teamish ensures its Users and Visitors the exercise of the following rights:

  • Confirmation of the existence of processing;
  • Access to data;
  • Correction of incomplete, inaccurate or outdated data;
  • Anonymization, blocking or deletion of unnecessary, excessive or data processed in noncompliance with the provisions of this Law;
  • Data portability to another service or product provider, upon express request and subject to trade and industrial secrets, in accordance with the regulations of the controlling agency.
  • Deletion of personal data processed with the consent of the data subject, except in the cases provided for in Article 16 of the aforementioned Law.
  • Information about public and private entities with which the Controller has shared data.
  • Information about the possibility of not giving consent and the consequences of refusal.
  • Revocation of consent, as provided for in § 5 of Article 8 of the aforementioned legislation.

    • The exercise of any of these rights can be requested through email dpo@teamish.app at any time and upon simple request. We will endeavor to respond to all legitimate requests as quickly as possible.

    13. CHANGES TO THIS PRIVACY POLICY

    We reserve the right to modify this Privacy Policy at any time, so it is recommended that the user and visitor review it frequently.

    Changes and clarifications will take effect immediately upon their posting on the platform. When changes are made, users will be notified. By using the service or providing personal information after any modifications, the user and visitor demonstrate their agreement to the new rules.

    In the event of a merger or sale of the platform to another company, user data may be transferred to the new owners for the continuity of the services offered.

    14. JURISDICTION FOR CONFLICT RESOLUTION

    For the resolution of disputes arising from this instrument, Brazilian law will be fully applied.

    Any disputes shall be presented in the jurisdiction of the city of Belo Horizonte, in the state of Minas Gerais.