Privacy Policy

Privacy Policy Loria Advogados

Loria Advogados, aware of the importance and duty of protecting the privacy of information and personal documents provided by its external and internal users (hereinafter, the “Data Subjects”) in the firm’s various databases—including its internet portals and physical documents under its custody—acting as the Controller of the processing of such personal data, hereby establishes this Privacy Policy.

APPLICABILITY

This Privacy Policy applies solely and exclusively to clients and personal data subjects of Loria Advogados.

APPLICABLE LAW

This Privacy Policy is governed by Brazilian law, in particular Law No. 13,709/18 (General Data Protection Law – LGPD) and Law No. 12,965/14 (Internet Civil Framework).

DEFINITIONS

For purposes of this Privacy Policy, the following definitions apply:

Data Subject: the natural person (clients, employees, partners, suppliers, and service providers) to whom personal data subject to processing refers;

Personal Data: information related to an identified or identifiable natural person. This may include, for example: name, address, email, phone number, debit/credit card number, IP address, and geolocation data;

Sensitive Personal Data: a special category of personal data relating to racial or ethnic origin, religious beliefs, political opinions, trade union or religious/philosophical/political organization membership, health or sexual life, genetic or biometric data;

Anonymized Data: information that, alone or combined with other anonymized data, does not allow the identification of a person, considering reasonable technical means and available tools at the time of processing. May include gender, age, generalized location (such as city), and statistical data;

Database: a structured set of personal data established in one or several locations, in electronic or physical format;

Processing of Personal Data: any operation carried out with personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, disposal, evaluation or control of information, modification, communication, transfer, dissemination, or extraction;

Controller: the natural or legal person, public or private, responsible for decisions regarding personal data processing;

Operator: the natural or legal person, public or private, that processes personal data on behalf of the Controller;

Data Protection Officer (DPO): person appointed by the Controller and Operator to act as a communication channel between the Controller, the Data Subjects, and the National Data Protection Authority (ANPD);

User: individuals who access or interact with activities offered on Loria Advogados’ internet portals and other websites of its corporate group.

PURPOSE OF THIS PRIVACY POLICY

The purpose of this Privacy Policy is to inform Data Subjects about the guidelines for collecting, processing, storing, and protecting physical and digital information and documents (“Personal Data”) collected by Loria Advogados or on its behalf, or inserted directly by the Data Subjects (external or internal) into the firm’s digital and physical platforms. It also explains how such Personal Data will be processed, as well as the rights of Data Subjects and how they may exercise them.

PROCESSING OF PERSONAL DATA

Personal Data collected by Loria Advogados may be processed in accordance with the principles established by the General Data Protection Law, always in good faith, and will be incorporated into the corresponding physical and electronic records (the “Records”) or Databases for which Loria Advogados will act as Controller.

Loria Advogados clarifies that any Personal Data collected will be processed only when there is a legitimate purpose, with the Data Subject’s consent or under legal authorization, including when necessary to serve Loria Advogados’ legitimate interests, provided such interests do not override the Data Subject’s fundamental rights and freedoms requiring the protection of personal data.

Personal Data that has undergone an anonymization process (“Anonymized Data”) will no longer be considered Personal Data for purposes of this Privacy Policy, as they can no longer be associated, directly or indirectly, with an individual under applicable law.

PURPOSE OF PERSONAL DATA PROCESSING

The processing of Personal Data by Loria Advogados aims to comply with legal or regulatory obligations for legitimate, specific, and explicit purposes under the applicable law, as well as for the execution of contracts to which the Data Subject is a party.

TYPES OF PERSONAL DATA THAT MAY BE COLLECTED AND PROCESSED

Registration and/or contact information;

Professional and/or legal information;

Identification data issued by official authorities;

Financial / payment information;

Data Subject’s preference data (e.g., internet browsing data on owned or related websites).

METHODS OF COLLECTION OF PERSONAL DATA

Provided directly by the Data Subject or their legal representatives: data entered, physically delivered, or submitted when accessing our channels (websites or applications) or when consulting, applying for, and/or contracting products or services offered by Loria Advogados;

Collected directly by Loria Advogados with the Data Subject’s consent: data collected during commercial processes, marketing campaigns, or through authorized third parties;

Provided by contracted third parties: Personal Data received from third parties working in partnership with Loria Advogados to enrich data, when expressly authorized by the Data Subject;

Collected from public sources: data made available by authorities (such as the Federal Revenue Service), credit institutions, or Personal Data made publicly available by the Data Subject (e.g., websites or social networks), respecting applicable rights and freedoms;

Collected automatically: information gathered automatically using technological tools such as Cookies, as informed to the Data Subject.

RIGHTS OF THE DATA SUBJECT

Data Subjects are guaranteed fundamental rights of liberty, privacy, and intimacy, including ownership of their Personal Data in physical and electronic records held by Loria Advogados or by duly contracted service providers.

Under current law, Data Subjects have the right to:

• confirm the existence of processing; • access their Personal Data; • correct incomplete, inaccurate, or outdated data; • anonymize, block, or delete unnecessary or excessive data, or data processed in non-compliance with the law; • port their Personal Data to another service provider, as regulated by the ANPD; • delete data processed with consent, except when retention is legally required;• receive information about public and private entities with which Loria Advogados has shared their Personal Data; •receive information regarding the option to withhold consent and the consequences of doing so; • revoke consent at any time, in accordance with applicable law.

CONTACT CHANNEL WITH THE DATA PROTECTION OFFICER (DPO)

To ensure that Data Subjects may exercise their rights, Loria Advogados maintains a dedicated Data Governance area, accessible exclusively through:

Email: contato@loriaadvogados.com.br

Requests may be submitted at any time and will be handled promptly within applicable legal deadlines.

PERSONAL DATA PROTECTION MEASURES

Loria Advogados adopts all legally required security measures to protect Data Subjects’ Personal Data, including internal reviews of data collection, storage, and processing practices, as well as encryption and physical security measures.

Any incidents involving Personal Data that may cause harm to Data Subjects will be reported to the ANPD, and Loria Advogados will cooperate with any necessary investigations and take effective measures to remedy potential damages.

SHARING OF PERSONAL DATA

Personal Data may be shared, as provided by law and/or with the Data Subject’s consent, with companies within the same corporate group, subsidiaries, or affiliates, provided that processing purposes remain aligned with this Privacy Policy and applicable law.

Additionally, Loria Advogados may share data with duly contracted and authorized partner companies and service providers (“Operators”), subject to contractual safeguards ensuring data security and the Data Subject’s rights, and permitting processing only for specific purposes under the Controller’s instructions.

COOKIES

By accepting this Privacy Policy, the Data Subject agrees to the processing of cookies under the terms defined below.

Definition: cookies are data files stored on a user’s device (smartphone, tablet, or computer) that record preference information, location, visited pages, and other usage patterns, facilitating navigation and improving user experience.

Classification:

• By duration:

Session cookies: temporary, deleted when the webpage or browser is closed.

Persistent cookies: remain stored after the browser is closed, used to remember login credentials or improve user experience.

• By purpose:

Strictly Necessary Cookies: Essential for enabling the user to access and use the websites, applications, and services offered, which cannot be properly provided without these Cookies. They are generally session cookies.

Performance Cookies: Collect anonymous information about how users access and interact with the websites, applications, and services offered, allowing the system to recognize usage patterns and record visits and interactions.

Functionality Cookies: Enable the system to remember user preferences (such as login information and location) and provide a more personalized experience, including allowing customizations when available. Such information may be anonymized (becoming Anonymized Data) and does not track activities outside the websites, applications, and services offered. These Cookies are generally persistent.

Analytics and Advertising Cookies: Allow advertisers and partners to deliver more relevant ads and information to users. They are also used to limit the number of times a user sees certain ads and to measure the effectiveness of advertising campaigns. They store certain user preferences and help build user profiles to enhance the browsing experience. These Cookies are generally persistent.

How cookies may be used by Loria Advogados:

Loria Advogados may or may not use cookies when a user accesses internet portals owned by the firm or by companies within its corporate group.

Cookies are associated solely with a specific browser on a particular device and do not provide information that would allow identification of the user’s name or surname.

Due to cookies, Loria Advogados may recognize users who have previously registered on the site, so they do not need to register again upon each visit.

Cookies used on the websites and webpages of Loria Advogados’ internet portals may be installed either by Loria Advogados (originating from its own servers) or by third‑party service providers acting on its behalf.

To use Loria Advogados’ internet portals, it is not necessary for the user to accept cookies sent by Loria Advogados. However, if cookies are denied, the user may need to register each time they access a service that requires prior login.

If the user has not activated the option to block cookies, they may search their device’s hard drive following the browser’s instructions. Configuration information is available in each browser’s guides and manuals, such as the examples below:

Internet Explorer: https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox: https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam

Chrome: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=pt-BR

Safari: https://support.apple.com/pt-br/guide/safari/sfri11471/mac

It is important to note that correct functioning of the internet portals owned by Loria Advogados and its corporate group may not be guaranteed if strictly necessary Cookies are denied.

ADDITIONAL CONSIDERATIONS

The Data Subject guarantees that all Personal Data provided to Loria Advogados is true and legitimate and undertakes to notify the firm of any changes.

Unless otherwise indicated, responses to questions regarding Personal Data are optional and do not affect the quality or quantity of corresponding services.

Loria Advogados will provide tools enabling Data Subjects to agree, in advance, to this Privacy Policy or any other relevant information before granting consent for the storage of Personal Data.

AMENDMENTS TO THIS POLICY

This Privacy Policy may be updated or amended at any time by Loria Advogados, without prejudice to Data Subjects’ rights under applicable law. Any changes will be highlighted in the Policy and may be subject to specific communication when appropriate.