Brazil Privacy Notice (English)

Introduction

Unlimit and its group companies or businesses are part of a global payments and technology organisation holding various licenses and authorizations as each business is obliged to under the laws and regulations it operates in.

Unlimit Brasil Instituição de Pagamento Ltda (“Unlimit” or “we” or “us” or “Company”) provides our merchants with payment services and the platforms and applications (“platforms”) through which credit card payments services and other alternative payment methods are offered (“payment services”) to merchants.

The purpose of this Privacy Notice is to provide you with information on how Unlimit processes your personal data when you correspond, apply or establish relations with us as a customer, partner or merchant or when you use our corresponding services and website.

This Privacy Notice sets out our current policies and commitment to data protection and privacy. In line with this, we aim to collect and process only personal data strictly necessary in the context of our relationship with customers and merchants (collectively referred to as “Customers” or “you”) and online resources, in order to provide services and/ or information for specific and legitimate purposes.

Unlimit while providing it’s services to you is committed to appropriate use and protection of personal data in respect with Law No. 13.709 of 14 August 2018, Lei Geral de Proteção de Dados (‘LGPD’) any amending or replacing Brazil legislation adopted with regard to the protection of Personal Data (“data protection law”).

If you are looking for a privacy notice in respect of another jurisdiction/country please select the country of choice on www.unlimit.com.

What this Notice tells you

This Notice contains a description of:

1. Scope and General Provisions;
2. Why do we process personal data;
3. When do process personal data;
4. What types of personal data do we process;
5. What are the purposes for processing your personal data;
6. Who do we share your personal data with;
7. Automated decision making and profiling;
8. Website and Automatic collection — Cookies and IP addresses;
9. What are your rights and how to raise a complaint;
10. How long we keep your personal data;
11. How we keep your personal data secure;
12. Your responsibilities;
13. How do we tell you when we change this Notice.

Scope and General Provisions

This Notice should be read together and in conjunction with the relevant Terms and Condtions of the service/product (as applicable) provided by Unlimit.

  • This Notice is addressed to natural persons (“data subjects”) in the context of relationships that arise between Unlimit and its Customers, where natural persons:
  • Are Directors, signatories, representatives, shareholders, beneficial owners, secretaries, officers, employees of legal entities or are Individuals who are current or potential/applicant or former Customers;
  • Represent a legal entity/Customer, have applied to Unlimit for a service/product offered by Unlimit, are applicable users of a Unlimit service/product, website or online system.

In this Notice:

  • “Personal data” refers to information that identifies you or may identify you (e.g., depending on who you are, a merchant, cardholder, supplier or business partner) and depending on how you interact with us, we may process different types of personal data;
  • “Processing” of personal data refers to collecting, gathering, handling, storing, transmitting and combining personal data;
  • A “data subject” is a person that can be identified or identifiable from the personal data processed by a controller or processor;
  • A “data processor” means any person who processes personal data on behalf of a data controller;
  • A “data controller” means any person who alone or in conjunction with another person determines the purpose and means of processing personal data.

If you are an end-user of a Customer’s services or product (like a payer or a shopper), we act as a processor for the Customer and we recommend that you review the privacy policies of the Customer. If you want to know how we process any of your personal data as a processor on the instructions of the Customer, then this Notice applies.

Some links on Unlimit websites may contain links or lead/originate to/from non-Unlimit websites or areas with their own data protection policies, which may differ from our Privacy Notice. Please ensure that the relevant policies of other entities are acceptable to you prior to using other sites or areas. Unlimit does not accept any responsibility or liability for third party websites. Additionally, if you are not a data subject to whom this Notice is addressed, please refer to the privacy policy of the relevant data controller entity of your personal data to learn more about how the entity processes it.

Why do we process personal data

For us to be able to provide our services to our Customers, we require that the Customer shares information (including certain personal data) requested by us for the following grounds:

  • To comply with our legal obligations deriving from AML legislation and other legal acts. These legal obligations require us to identify you, verify your identity and perform due diligence and enhanced due diligence if applicable on your person, as well as to fulfil our legal obligations under payment laws such as fraud prevention and other applicable laws;
  • For contractual purposes: to establishment of business relations for provision of services, execution of transactions and for the performance of contractual obligations between both parties (Unlimit and its Customers) requires provision of certain personal data;
  • Our legitimate interests, such as implementing online and physical security measures for the proper provision of our services, ensuring data and physical and logical security, as well as access control management, communicating with you to provide the best quality service etc.

Unlimit, as a provider of payment services and payment methods to Customers of services often acts as a processor of personal data in respect to these businesses, who are the responsible parties as controllers for your personal data and its processing.

 

When do we process personal data

Various types of personal data are collected and processed in the context of the relationship arising between you and Unlimit and according to the service/product used and your capacity. Indicatively, the following are examples of categories and types of personal data may be processed:

Individual personal information E.g., Name, previous names, data and place of birth, language, if you hold prominent public functions (PEPs), residence permit.
Individual personal contact details E.g., Work address, home address, email address, telephone number, other contact details.
Identity information E.g., Passport, National ID card, Nationality, Utility bill, tax residence and tax ID.
Financial information E.g., Income, assets, financial status, source of wealth, personal bank details, professional status, employment field, employer details (including for example information such as certificates of directors/shareholders), level of education, property ownership, personal investments and income, loans, copy of payslips, tax returns, credit reference information.
Authentication data E.g., Signature specimens, user logins.
Communications E.g., Personal data that you may provide by filling in forms or by communicating with us (e.g., directed to us in letters, emails, via our electronic channels such as through our apps/ dashboards).
Transactional and other/ documents information E.g., Data arising for the execution of payment transactions (including data such as date, time, amount, currencies, beneficiary details, location information and details of merchant/ATM associated with the transaction), supplementary/supporting documentary evidence related to transactions, details arising from contractual obligations between Unlimit and Customers.
Location and technical information .g., Location data (for example at the time of login or a transaction); technical information from/on devices and technology you use, IP addresses and device information, visitor’s information and similar information collected automatically.
Publically available Data E.g., Details about you from public records, media and information available in databases, on the internet.
Documentary Data E.g., Details about you stored in documents in different formats or copies of them.
Investigations data/ results of due diligence and enhanced due diligence E.g., Due diligence checks, sanctions and AML checks, Information to identify and manage fraud. We may also collect data regarding criminal convictions and offenses (special category of data), as part of its compliance measures with regulatory obligations, as well as other supporting documents and personal data related to the categories above.
Media E.g., Closed circuit television (CCTV) at our offices (which may collect photos or videos of you).
Consents E.g., Any permissions or consent given to us.

What are the purposes for processing your personal data

Your personal data is processed with the data minimization principle in mind. We aim to limit the processing of your personal data to what is needed for a lawful purpose. The Company uses personal data, amongst others, to:

  • Verify your identity (e.g., authentication, AML purposes and fraud prevention purposes);
  • To provide the payment services requested in accordance with our merchant/Customer agreements (e.g., including conducting acceptance procedures to enter into business relations);
  • To provide delivery channels (e.g. online systems, dashboards);
  • To execute transactions;
  • To execute requests, act upon instructions;
  • To perform our contractual obligations;
  • To perform anti-money laundering checks and evaluations;
  • For crime prevention purposes and/or cooperation with authorities;
  • Use technology for decision-making purposes, such as fraud prevention and anti-money laundering;
  • Perform data analytics to improve our Services;
  • To  communicate with you and provide you with up-to-date information;
  • To provide ongoing support, handle inquiries, complaints and similar issues;
  • To provide information in relation to the requested/provided products and services;
  • To provide information on products/services (this may be advertising/marketing which will be subject to your consent and you may unsubscribe at any time);
  • To enforce internal procedures and protective measures against fraud, risk and financial crime;
  • For internal and regulatory reporting purposes;
  • For internal operational support and administrative purposes (e.g., product development, audit, risk management);
  • Obtain reports of an online problem (e.g., with our website/online services);
  • General administrative functions (e.g., maintenance of our internal records necessary for keeping up-to-date information in our systems, general record-keeping);
  • Statistics and analytics for internal purposes and improvement of services and website;
  • Compliance with our legal obligations and regulatory framework;
  • Enforce or defend the rights of Unlimit or Unlimit group/affiliates;
  • Ensure security and business continuity;
  • For service quality management and product improvement.

Legal bases — Lawful reasons for processing

When we process your personal data, we will rely on one of the processing legal bases below. We may process your personal data for more than one legal basis depending on the specific purpose for which we are using your data.

Conclusion and performance of a contract

This is when processing of personal data is needed to conclude a service contract with you and/or perform our obligations under a contract (to provide services) concluded with Customers. This is also processing in the course of the application to be able to complete our acceptance process of a potential Customer to be able to enter into a contract.

Legal obligation or for public interest

This is when we are required to process your personal data to comply with a legal obligation. Unlimit is subject to various legal obligations, legal and regulatory requirements which include AML Laws and Laws on provision of payment services among others. We are also required to implement regulations and directives of competent supervisory authorities of Unlimit’s business. The purposes of processing include verification controls of identity, money laundering and fraud prevention, compliance with our record reporting obligations, tax obligations, risk control measures, as well as providing information to a competent authority, public body or law enforcement agency.

Legitimate interests

Where necessary, we may process personal data where there is a legitimate interest for us or a third party in pursuing commercial and business interests, except where such interests are overridden by your interests, fundamental rights and freedoms.

Your consent

In particular circumstances, we may ask you for specific permission to process personal information for specific purposes. Your data will be processed in this way if you agree to this. Where the legal basis is the consent you provided, you may withdraw your consent any time. The revocation of your consent will not affect the legality of the data processed prior to the revocation.

We have set out below for in a table format, an indicative description for your convenience, of the ways we may use your personal data as set out above, and which of the legal bases we may rely on to do so; we have also identified what our legitimate interests are and may be where appropriate.

Purpose (what we use your information for) Lawful reason Our Legitimate Interests
Acceptance processes to establish relationship:

To review Customer’s application

 Performance of contract (to establish a contractual relationship)

Legal Obligation

 Compliance with applicable regulations governing the provision of Company’s services

Record Keeping

Legal obligations during the review of an application
AML/TF, fraud prevention activities:

To identify, examine, prosecute and prevent crime or fraud

To verify Customer and identify his (continued) eligibility for the requested services and ability for management of the account

To manage risk internally for the Company and externally for the Customers

To comply with applicable laws and regulations

To provide information to authorities upon request

To respond and solve complaints and data subject requests

 Legal Obligation

Performance of contract

Legitimate Interest

 To establish and implement an internal fraud and crime identification and reporting mechanism

Compliance with applicable regulations governing the provision of Company’s services

Cooperation with authorities at a national and international level

To fulfill our legal and contractual obligations
Conducting of business relationship:

To deliver the requested products and services

To execute and manage Customer’s payment orders and to perform our obligations arising from Customer’s transaction

To apply on the Customer’s account any fees and charges;

To collect any due funds

To communicate with the Customer and provide information

 Performance of contract

Legal Obligation

Legitimate Interest

 Fulfilment of our legal and contractual duties

Compliance with applicable regulations governing the provision of Company’s services

Company’s interest in providing the requested services at a satisfactory and anticipated level

Record Keeping maintenance
To manage the Company’s operations, financial

and business ability, communication channels and organizational planning

 

 Legal Obligation

Legitimate interests

 Compliance with applicable regulations governing the provision of Company’s services

To fulfill its legal and contractual obligations
To provide information in relation to the (requested) products and services available

To communicate with Customers and provide support to meet Customer’s needs

To manage relations of the Company with counterparties, partners, and service providers

 Performance of contract

Legal Obligation

Legitimate interests

 To ensure products and services are suitable for Customers

To develop and improve products and services and to define applicable charges

To identify the target market

To fulfill our legal and contractual obligations
To improve services and products

To manage our cooperation with other service providers

To analyze Customers, and efficiency of operation of products and services

To launch and test new products

To develop new products and expand its business

For Marketing activities

 Performance of contract

Legal Obligation

Legitimate Interest

 To develop and improve products and services and to define applicable charges

To fulfill legal and contractual obligations
For proper execution and performance of the agreement between the Customer and the Company

To exercise rights set out in agreements

To inform the Customer in relation to any changes to the Terms and Conditions of the services provided

 Legal Obligation

Performance of contract

Legitimate interests

 Compliance with applicable regulations governing the provision of Company’s services

To fulfill its legal and contractual obligations

Who do we share your personal data with

Unlimit shares your personal data to carry out your requests, to provide our services and perform our business or as may be required by applicable laws.

Third parties under these circumstances include:

Service providers

We will disclose personal data to third-party partners and service providers (processors) so they can process it on our behalf where required and under our instructions. These service providers are required to provide sufficient assurances in accordance with data protection law. (e.g., being bound contractually to confidentiality and appropriate data protection obligations). We will only share personal data necessary for them to provide their services.

Auditors, advisors and consultants

We may disclose personal data for purposes and in the context of audits (e.g. external audits, security audits), to legal and other advisors, in order to investigate security issues, risks, complaints etc.

As such, personal data may be transferred and disclosed to:

  • Money laundering and fraud prevention aggregation/agencies, compliance/verification services and risk prevention services. This is required in order to verify your identity, ensure protection against fraud, confirm eligibility for our services/products;
  • Banks (other credit and financial service institutions), and similar institutions. These enable us to provide our services and include correspondent banks, intermediary banks;
  • Alternative Payment Providers (such as Pix, NuBank, PicPay);
  • Payment Systems (SWIFT, Visa, MasterCard,, Unionpay), payment service providers(Pix, NuBank and PicPay), card processing and brands (Elo). These enable us to provide our services;
  • Data management, storage, archiving, cloud storage service providers;
  • Companies assisting us with provision of our services (e.g. technological services, solutions, support such as support/maintenance/development of IT applications, technology, website management, telephony/SMS services);
  • Customer support service providers and marketing service providers;
  • Administrative service providers;
  • Auditing and accounting services and consultants;
  • External legal advisors.

Internal

Entities which are affiliated/related to us that are bound to equivalent data protection obligations as us. We may disclose your personal data to those companies to:

  • Provide support services and technical services to these internal third parties and receive some of these services from them;
  • Contribute to the research, data analytics and studies to improve the products and services that the Company and other internal third parties provide.

Regulatory authorities, law enforcement, courts

We may disclose personal data to comply with applicable legislation, regulatory obligations, to respond to requests of regulatory authorities, government and law enforcement agencies, courts and court orders in Brazil, such as:

  • Supervisory Authorities including the Central Bank of Brazil (“CBB”);
  • Council for Financial Activities Control (COAF) and the Police;
  • Tax Authorities;
  • Information Exchange Mechanisms;
  • Other regulators, authorities and public bodies wherever obligations exist;
  • Other recipients may be any person/legal entity/organization for which you ask your data to be transferred to (e.g., reference etc.) or give your consent to transfer personal data;
  • We may also disclose your data in circumstances such as the following;
  • If we are under a duty to disclose or share your personal data to comply with any legal or regulatory obligation or request;
  • In order to apply or enforce the Terms and Conditions or any other agreement in place in the context of our relationship and to investigate potential breaches;
  • In order to protect Unlimit’s rights, safety or property, or that of our customers or third parties/the public. This includes exchanging information with other companies and organizations for the purposes of money laundering, fraud prevention and equivalent risks;
  • If Unlimit or substantially all of its assets are acquired by a third party, in which case personal data held by it about its Customers will be one of the transferred assets;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request;
  • In order to apply or enforce the Terms and Conditions or any other agreement in place in the context of our relationship and to investigate potential breaches;
  • In order to protect Unlimit’s rights, safety or property, or that of our customers or third parties/the public. This includes exchanging information with other companies and organizations for the purposes of money laundering, fraud prevention and equivalent risks.

Transfers outside Brazil or to international organisations

We are a company with a global reach. Your personal data may be processed locally in the Brazil, or in another country where we or our partners operate worldwide, as permitted by law. Your personal data may be transferred from the Brazil or from another country that restricts transfers of personal information to third countries or to international organizations if the transfer is necessary and has a legal basis as described in this notice. Such transfers take place for example:

  • When necessary to carry out and in the context of transactions (e.g. card transactions, payment orders to third countries, through correspondent bank in third country);
  • Under applicable law (e.g. tax legislation);
  • On the basis of your instructions or consent;
  • In the context of data processing undertaken by third parties on our behalf (e.g. the data may also be processed by staff operating outside of Brazil, who work for Unlimit or for one of our third party service providers or our Group. Such staff may be performing technical duties and support, duties related to processing of your orders, provision of support services etc.).

Should data movement take place, we may use the standard contractual clauses for restricted transfers (as amended or when made available by the Brazil Data Protection Agency (ANPD)) or other locally-compliant mechanisms (such as local transfer agreements orconsent) to ensure that an adequate or equivalent level of protection is appliable to personal data as the one in the country of origin.

We aim to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice (e.g., requirement to observe privacy standards equivalent to ours, maintaining security standards and procedures to prevent unauthorised access, use of technology such as encryption and firewalls) to protect the security of data in transit and at rest.)

Automated decision-making and profiling

Automated decision-making means the process of making decisions through automated means of processing personal data, without human intervention. In establishing and carrying out a business relationship, we do not generally use automated decision-making.

We may process some specific data automatically, by using systems to make automated suggestions or decisions, including profiling, based on information we have or collect from other authorized sources. This helps us ensure we are able to react quickly and efficiently, with an aim also to protect our Customers. Automated decisions we may make include:

Detecting fraud: We are required to take anti-money laundering and anti-fraud measures. We may use your personal data to help us decide if an account/payment instrument is potentially being used for purposes of fraud or money-laundering/terrorist financing or sanctions contraventions. Such assessments are carried out in order to help us detect if an account/payment instrument is being used in ways fraudsters work or in a way unusual for you or the business of our Customer. If we determine there is a risk of fraud, unauthorized use, unusual activity, we may stop activity on the account/block the payment instrument and/or refuse access to them.

You, as a data subject, have the right under Article 20 of the LGPD to request for the review of decisions made solely based on automated processing of personal data affecting your interests. Should you wish to exercise this right, please contact us.

Website and Automatic collection - Cookies and IP addresses

Unlimit’s website contains forms which may be used by website visitors. When website visitors send us information online via forms on the website, in the context of provision of services, the information will be used for purposes and in ways set out in the Privacy Notice.

If you send us a CV/resume through our Website, your personal data is processed in terms of our Talent Acquisition Privacy Notice accessible on Unlimit’s careers page. Please read it should you require more information.

In some instances, Unlimit and other entities (such as service providers) may use cookies and other technologies to collect certain types of data automatically when you visit Unlimit websites and online platforms. The collection of this data enables Unlimit to improve security, usability of Unlimit’s websites and online resources and to measure effectiveness of marketing activities. We may collect information about your computer or mobile device (including for example type of operating system and browser) for system administration.

For detailed information on cookies and the purposes for which we use them, please refer to our Cookie Notice available on our website.

An IP address is a number assigned to your computer when you access the internet, which allows computers and servers to recognize and communicate with one another. IP addresses of website visitors may be recorded for IT security and diagnostic purposes. This information may also be used in aggregate form to conduct website trend and performance analysis. In the context of provision of services, IP addresses may also be used for the purposes and in ways set out in with the Privacy Notice including fraud prevention.

What are your rights and how to raise a complaint

Depending on the applicable law, you may have rights as afforded under applicable data protection law – these rights are afforded to natural persons who are data subjects of personal data which we hold as a controller. We ensure that you may exercise your rights under applicable privacy and data protection laws, which means that Unlimit endeavours to provide reasonable assistance in respect to requests from individuals regarding processing of personal data, rights to access, deletion, amendment etc.

Please note that your rights are not absolute and may be limited due to a legal basis replied upon by us to process your personal data. As the majority of processing we perform is a consequence of legal obligations, some of the rights may be limited by our legal and regulatory requirements or legitimate interests.

Depending on the applicable laws, you may have certain rights under data protection law. For example, under the LGPD you have the following rights:

Right of access This means data subjects can request a copy of the personal data retained and a confirmation from us whether personal data is processed or not.
Request correction of incorrect personal data You can request a correction of incorrect or incomplete data kept by us. In such a case, we may need to verify the accuracy of the data we have and data provided and take steps to correct our records.
Object to the processing of personal data You can object to the processing of personal data by us and request us to stop using the data in certain circumstances such as:

Processing is conducted on the lawful ground of legitimate interest or of serving the public interest; however you object on grounds relating to your particular situation;

In such a case, we may continue processing if we demonstrate that we have compelling legal grounds for processing which override your rights or that processing is necessary to establish, exercise of defend a legal claim;

Please note that despite your objection, we may continue to use your personal data. This will be in cases where processing is required in compliance with legal obligations imposed on us (the requirements of legal obligations to process and retain data will supersede any right to objection.);

Processing is conducted for marketing purposes;

In certain circumstances, if you objection to the processing of certain personal data, we may not be able to provide you services and may need to terminate provision of services.
Right to deletion of data You can request erasure of your personal data (depending on the circumstances and agreements in place) where:

Processing is no longer required for the reasons the data was collected or processed;

We are relying on consent as a legal basis, and you withdraw your consent;

You have objected to the processing of data;

The data has been unlawfully processed (i.e. breach of legal basis requirement);

Required by law;

We may continue to retain you data if another legitimate reason for doing so exists;

Our requirements to comply with legal obligations (record-keeping requirements in particular) to process and retain certain data will supersede any right to erasure requests, and we may also continue to retain/use your data if another legitimate reason for doing so exists (for exercise of legal claims and or serving in the public interest).
Restriction of processing of personal data You can request that we restrict /suspend the use of personal data if:

You requested that we verify the accuracy of your personal data we have;

Processing is unlawful but you do not request its erasure;

Processing and retention of data is no longer needed by us, but you wish that we retain it as this data is required by you to establish, exercise or defend a legal claim;

You have objected to the processing of data and are waiting for verification on our overriding legitimate interest;

In some cases restriction might prevent the Company from performing its obligations under the contractual relationship with the Customer. In such event, we will notify Customer accordingly.
Withdrawal of consent If we are relying on the lawful basis of your consent (i.e. we requested and you provided your consent), you can withdraw your consent at any time.

We may continue to process your information if another lawful basis exists for doing so. If we are unable to provide you with services due to the withdrawal of consent, we will inform you accordingly.
Data portability You can request from us to provide personal data to you directly

in an easily re-used format or to a third party if technically possible.

This right applies only to personal information provided by you to us for the performance of contractual relationship with us, or which we process based on your consent.

This right may not be fully applicable in cases where the processing is done due to a legal obligation of the Company.

Exercising your rights

Please contact our data protection team directly at contact details indicted below to exercise your rights or if you have questions about the use of your personal data.

You may be subject to identification procedures and measures in order to ensure that no personal data is disclosed to unauthorized persons. We may also request additional information/clarifications to process your request as rapidly and efficiently as possible.

All requests should contain a clear description of the object of the request in English or Portuguese.

We will not normally charge a fee to access your personal data (or exercise other rights). We may charge a fee where your request is clearly unfounded, excessive or repetitive. Alternatively, we may reject such a request as manifestly or excessively burdensome, unfounded and not submitted in good faith.

Depending on the complexity of your request and volume of data associated with it, we will aim to satisfy all legitimate requests within one month of receipt or to inform you of refusal, or of an extension period of up to three months to satisfy your request. We will notify you appropriately if your request requires more than one month to fulfil.

Right to file a complaint

If you have any complaints about the use of your personal data, exercise of your rights, please notify and/or file a complaint with our data protection function directly at the contact details indicated below or fill out and submit the relevant form available on the Company’s website: www.unlimit.com. We will immediately investigate and inform you in regard to your complaint.

Complaints must be made in English or Portuguese in a comprehensive manner and contain sufficient details and a clear description of the complaint.

If you believe that we have not been able to resolve your complaint, you may also submit a complaint to the ANPD by visiting www.gov.br.

Contact details:

Unlimit has appointed a Group Data Protection Officer at its headquarters, who can address questions and concerns and can be contacted as follows:

Data Protection Function

Unlimit Brasil Instituição de Pagamento Ltda

Av. das Nações Unidas, 12551, cj 2201, Brooklin Novo, São Paulo, 00004-578, Brazil Email: [email protected]

How long we keep your personal data

Our retention period is primarily determined by our obligations under applicable legislation to retain data for a specific period of time. Destruction will not be possible prior to the lapse of this period.

We are obliged to keep Customer data (including personal data) during the existence of the business relationship and for a minimum period of 5 years after business relationship termination, or after Customer application rejection/withdrawal, in accordance with AML legislation and other requirements applicable to our business.

We may retain certain documents which contain personal data for longer than 5 years. For example, we may keep your personal data (which may be part of certain documents) for a period of 10 years to comply with tax laws.

The retention period may be extended in case of other lawful reasons justifying longer retention (such as for complaints handling, legal proceedings, investigations, regulatory, tax, money laundering and crime and fraud prevention purposes).

How we keep your personal data secure

Unlimit has established security internal policies and procedures for secure processing of personal data in order to protect data from unauthorised access, loss, misuse, alteration or destruction. We ensure to the best of our abilities that access to personal data is limited to persons on a need-to-know basis, and that persons who have access are required to maintain its confidentiality. We utilise a series of technology and security solutions to protect data (such as storage of information you provide us on secure servers, perimeter security mechanisms, such as encryption etc.). Nonetheless, security cannot be absolutely guaranteed against all threats despite our best efforts.

Transmission of information via the internet is not completely secure. We cannot guarantee the security of data transmitted to us via email, to our website or online resources; such transmissions are at your own risk.

Where you have access to our resources via user authentication means (e.g. user credentials), you are responsible for keeping your user credentials secure and confidential and not to disclose them to any persons. Please also consult our security tips available on our website.

Your Responsibilities

You are responsible for ensuring that the information provided to Unlimit by you/about you or on your behalf is accurate and up to date, and you must inform us if anything changes as soon as possible.

If you provide information about another person, you must direct them to this Privacy Notice and ensure they also agree to Unlimit using their information as described in it.

How do we tell you when we change this Notice

We may revise or update our Privacy Notice from time to time. In such a case, we make the most recent version of the Privacy Notice available on our website, informing you accordingly by displaying in the updated version and relevant date of update.

You are advised to visit our website frequently to consult our Privacy Notice in its most recent version. An unofficial translation is made available here.

Privacy Notice
UNL.BR_DP_PN_CUST-01/2024		 Current Version
July 2024
Region Products may vary
Language Select language
We’ve got all your details, thanks!
We’ve received your application form.

One of our sales team will be
in touch ASAP.

Close