PRIVACY POLICY, COOKIES, AND PERSONAL DATA PROTECTION

This Privacy Policy, Cookies, and Personal Data Protection (“Policy”) was created to reaffirm the commitment of TODOS US LLC, registered under the Employer Identification Number (EIN) with the number 92-3596202 (‘Todos’), to the protection of personal data of its customers and visitors when we assist you on our website www.todosusa.com.

This Policy describes how we collect, maintain, and use your Personal Data, as well as the rights you have under the applicable federal laws of the United States of America, and does not apply to content or sites operated by other companies that are linked to or from the Services, or to any products, mobile applications, or services provided by third parties.

In our constant pursuit of providing the best service and efficiency, please note that this Policy may be adjusted at any time, and it is your responsibility to review it whenever possible through this website.

Personal information we collect:

Some contact information for contracting or commercial proposal purposes may be collected, such as:

• Full Name
• Social Security Number
• E-mail
• Telephone Number
• Date of Birth
• Marital Status
• Gender (optional)
• ZIP Code and Address
• Number on Credit Card
• Name on Credit Card
• Expiration Date on Credit Card
• Verification Code on Credit Card
• Feedback or response information
• Content and files uploaded to the platform
• Geolocation information
• Chat transcripts

Purposes of use:

The personal data collected will be used for the following purposes:

(i) To identify you, so we can provide our products and services, as well as respond to the requests made through our customer service channels, including our contact forms on the website  www.todosusa.com .

(ii) To operate our business, such as creating and maintaining your membership, billing, and accounting.

(iii) For legal, security and safety reasons, such as to protect our rights and the rights of our customers and members, protect the security of our systems and networks, enforce our policies, communicate product recalls or safety notices, or address legal and regulatory compliance obligations.

(iv) For any other purpose described to you at the time information is collected.

Please note that you are solely responsible for the accuracy, truthfulness, or lack thereof regarding the data you provide or its updates. It is your responsibility to ensure their accuracy and keep them up to date.

We are not obliged to process or handle any Personal Data if there are reasons to believe that such processing or handling may impose any violation of any applicable law or if Our Environments are being used for any illegal, unlawful, or immoral purposes.

The database formed through the collection of Personal Data is under our responsibility, and its use, access, and sharing, when necessary, will be carried out within the limits and purposes of the business described in this Policy.

Disclosure of personal information:

We disclose personal information we collect to complete your transactions, provide the Services, or fulfill orders or inquiries you have requested or authorized . For example, when you provide payment information to make a purchase, we will disclose that information with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.

We also disclose personal information to Partner companies that supply products and services for TODOS members to complete your transactions, provide the Services, or fulfill orders or inquiries you have requested or authorized.

We also disclose personal information with Partner companies that conduct marketing and advertising services to promote our business. This includes directing online targeted advertising and other marketing offers, promotions, rewards, contests, upcoming events, and notices to you.

We also will access, transfer, disclose, and preserve personal information when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; Protect our members, employees or the public; Prevent attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone.

How we use Cookies:

• Why do we use Cookies?

The use of Cookies by us aims to enhance your experience, both in terms of performance and usability, as the content provided will be tailored to your needs.

• How are they stored?

Cookies allow Our Environments to store information when you access the website, such as your preferred language, location, session recurrence, and other variables that we consider relevant to enrich your experience. Cookies may also be used to compile anonymous and aggregated statistics that help us understand how you use our website and improve its structure and content. We will not personally identify you through this data.

• How long do they remain for?

There are two types of Cookies that can be used on the website: “Session Cookies” and “Persistent Cookies”. Session Cookies are temporary Cookies that will remain on your device until you finish browsing or using our forms. Persistent Cookies are Cookies that remain on your device until they are deleted (the duration of the Cookie’s “lifetime” depends on the specific Cookie and browser settings used).

• How can I manage Cookies?

You can change your settings to block the use of Cookies or receive alerts when a Cookie is being sent to your device. Please refer to your browser’s instructions. If you use different devices to access Our Environments (e.g., computer, smartphone, tablet, etc.), you should ensure that the browser on each device is set to meet your Cookie preferences. You can also manage your Cookie preferences by visiting the Cookie Settings page.

How Cookies are categorized:

Cookies are categorized according to their needs and purposes:

1. Essential Cookies - These Cookies are essential for the operation of our platforms. They include, for example, cookies that allow you to log into secure areas of our websites, initiate or complete a contact, or make use of other online services we offer. They also include cookies that help us understand how users navigate our website to improve the overall experience without identifying or profiling you or any other individual user. If you disable these cookies, you may not be able to use our platforms fully or at all.

2. Functional Cookies - These cookies are used to recognize you whenever you return to our platforms. This allows us to personalize our content for you.

3. Analytical Cookies - These are cookies that allow the analysis and monitoring of user behavior and website performance. The information collected through this type of cookies is used to measure website activity and create navigation profiles of users, in order to introduce improvements based on the analysis of user-generated usage data.

4. Advertising Cookies- These cookies record your visit to our websites, the pages you have accessed, and the actions you have taken. We will use this data to make our advertising displayed on other platforms, by third-party advertising providers, more relevant to you. We may share this data with third parties for this purpose. For example, we may offer you relevant advertising based on your browsing history on our platforms. We also use third-party cookies to personalize our ads for you and to help us analyze the behavior of our customers. Our third-party advertising providers set anonymous cookies on other websites where we advertise. If you receive one of these cookies, we may use it to identify you as having visited that site if you later visit our platforms. We customize our ads for you based on this information.

Which Cookies we use, for what purpose, and how long they last:

MUID: This cookie is used by Microsoft to identify the user.

MR: Microsoft uses cookies to track visits from specific web browsers to Microsoft and other websites to target interest-based advertising.

GTMUtmMedium: This cookie is used by Google Analytics to identify a medium, such as email marketing, display (the name used for banner media type), or CPC (Cost per Click).

GTMUtmSource: This cookie is used by Google Analytics to identify a traffic source, which can be a partner website, search engine, or the name of the portal where the advertisement was published.

GTMUtmTimestamp: This cookie is used by Google to collect the real-time date and timestamp of each hit in the local time, including the time zone offset.

__hssc: Hubspot cookie used for tracking navigation.

_hssrc: Hubspot cookie used for tracking navigation.

_hstc: Hubspot cookie used for tracking navigation.

_fbp: Facebook cookie used to store and track visitors across websites.

_GA: Google Analytics cookie used to distinguish users, capturing the Client-ID.

GA: _: Google Analytics cookie used to store and count page views.

_GAT_UA*: Set by Google to distinguish users and their behavior.

_gcl_au: This cookie is used by Google Adsense to assess the efficiency of ads across websites.

_gid: Used to store information about how visitors use a website while anonymously generating an analytical performance report. Collected data includes the number of visitors, their source, and the pages they visit.

_hjAbsoluteSessionInProgress: Hotjar cookie used to store whether it is the first visit of a user.

_hjFirstSeen: Hotjar cookie used to identify the first session of a new user. It stores a true-false value indicating whether this was the first time the site saw that user. It is used by Recording filters to identify new user sessions.

hjSessionUser*: Hotjar cookie used to maintain the unique user ID for this site in the browser, ensuring that behavior on subsequent visits to the same site is attributed to the same user ID.

hjSession*: Hotjar cookie that contains session data. This ensures that subsequent requests within the session window are attributed to the same session.

_uetsid: Bing Ads cookie used to store and track visits to websites.

_uetvid: Bing Ads cookie used to store and track visits to websites.

hubspotutk: This cookie is used to store and track the identity of a visitor.

PHPSESSID: This cookie is used to provide functions across pages.

IDE: This cookie is used to store information on how the user uses the website to present them with relevant ads based on the user’s profile. It is stored on the doubleclick.net website.

c_user: Facebook cookie used to store a unique user ID.

fr: Facebook cookie used to deliver ads or retargeting.

xs: Facebook cookie used to store a unique session ID.

1P_JAR: Store access information and personalize ads.

AID: This cookie is used by Google to personalize ads on devices and track conversions. It uses the user’s Google account information to track linked devices.

NID: This is a cookie used to remember user preferences and other information, such as preferred language, how many search results to display per page (e.g., 10 or 20), and whether to enable Google’s SafeSearch filter.

CONSENT: Used to store cookie consent preferences.

__Secure-3PAPISID: This cookie is used by Google for customized media delivery to the user.

__Secure-3PSID: Build user interest profiles and display relevant and personalized Google ads.

__cf_bm: This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.

_GRECAPTCHA: Used to provide protection against SPAM.

(i) For more information on “Private Browsing” and managing Cookies in the Firefox browser, click here.

(ii) For more information on “Incognito Browsing” and managing Cookies in the Chrome browser, click here .

(iii) For more information on “Private Browsing” and managing Cookies in the Internet Explorer browser, click here .

(iv) For more information on “Private Browsing” and managing Cookies in the Safari browser, click here .

(v) For more information on “Private Browsing” and managing Cookies in the Opera browser, click here .

How we protect your data and how you can protect it too:

• Precautions you should take:

It is very important that you protect your data against unauthorized access to your computer, account, or password when you are in our online environments, and always make sure to click “log out” when ending your browsing session on a shared computer. It is also important to know that we will never send electronic or conventional mail requesting data confirmation or attachments that can be executed (extensions: .exe, .com, among others) or links for potential downloads.

• Access to personal data, proportionality, and relevance:

Internally, the collected personal data is only accessed by duly authorized professionals, respecting the principles of proportionality, necessity, and relevance to the objectives of our business, as well as the commitment to confidentiality and preservation of your privacy according to the terms of this Policy.

• External links:

When using our environments, you may be directed, via a link, to other portals or platforms that may collect your information, especially when using the WhatsApp link.

When accessing external links, you should always check for the existence of Privacy Policies and Terms of Use, carefully reading the provided conditions.

• Email communication: privacidade@cartaodetodos.com

To optimize and improve our communication, when we send you an email, we may receive a notification when they are opened, provided that this option is available. It is important for you to be aware that emails are only sent from domains ending in @cartaodetodos.com

How long do we store your data:

We keep your personal data for as long as necessary or as required by law. Otherwise, we will delete them from our databases or anonymize them so that it is no longer possible to identify you through their processing.

You can request the deletion of personal data at any time.

How we ensure the security of your data:

The security of your personal data is one of our main concerns. To protect it, we use technical and organizational information security measures aimed at ensuring the confidentiality and protection of all data collected or generated in our environments.

The collected data will be stored in our databases located on AWS servers abroad, as well as in cloud computing environments using resources or servers in the cloud.

How to contact us:

If you have any questions regarding this Policy or requests to fulfill your rights, you or your legal guardian can contact our Data Protection Officer directly via the email  privacidade@cartaodetodos.com .

Does any expression seem strange to you? Maybe this small glossary can help you!

We understand that some terms used in this Policy may not be familiar to you in your daily life. For this reason, we have prepared a small glossary containing their definitions. If another term has caused doubt, do not hesitate to ask us through the contact channels provided in the ‘Contact Us’ section.

This Policy shall be interpreted in accordance with the federal Law of the United States of America. If any provision is deemed illegal or illegitimate, the remaining valid conditions will continue to apply. The court of Orange County - Florida is elected to resolve any dispute or controversy involving this document.