Rules of Security and Privacy

PagSeguro - Mexico

1. This Exhibit is an integral part of the Global Privacy Policy - Grupo UOL. If the USER uses the services, resources, technologies, or features provided by Grupo UOL for payment processing in Mexico, the following supplementary conditions shall be applicable.

2. The terms defined herein are supplementary to the ones set in the Global Privacy Policy - Grupo UOL and PagSeguro’s Rules of Security and Privacy. Except if otherwise provided herein, capitalized terms shall have the same meaning that was attributed to them in the Global Privacy Policy - Grupo UOL and PagSeguro’s Rules of Security and Privacy.

3. If there is any conflict, this Exhibit shall prevail over the Global Privacy Policy - Grupo UOL and PagSeguro’s Rules of Security and Privacy in the territory of Mexico.

(i) Handling Data

4. As for the use of services of PagSeguro and the website of PagSeguro in the territory of Mexico, the entity in charge of the data handling (who establishes the purposes and the means of handling Personal Data) is:

- PSGPMEXICO

- Domicile: Cidade do México.

- Address: Av. Santa Fe, 428, Torre III, piso 20, despacho 2001.

- Email: l-lgpd@uolinc.com

- Phone number: 52 (55) 7933-1071

(ii) Handling Personal Data

5. For payment processing in Mexico, Grupo UOL may collect the following information:

(i) name;

(ii) Local ID - INE/IFE, CURP, RFC;

(iii) e-mail address;

(iv) telephone number and recordings (in the event the USER has made any contact);

(v) date of birth

(vi) payment information.

(vii) information concerning the browser and the operating system of the device;

(viii) IP Address;

(ix) URL links and buttons clicked;

(x) Actions performed by the USER in the websites, applications, and services provided by Grupo UOL;

(xi) URL addresses of pages and screens accessed by the USER in the websites, applications, and services provided by Grupo UOL;

(xii) Date and time of all actions performed by the USERS in the websites, applications, and services provided by Grupo UOL, in addition to access to webpages and screens, and the tools and features that were used;

(xiii) Information about the device used by the USER, version of operating system, browser, among other applications and software installed;

(xiv) Session and User ID, when available;

(xv) Type of connection of the USER, such as Wi-Fi or cellphone networks (EDGE, 3G, and 4G, for instance);

(xvi) Geolocation; and

(xvii) record calls (voice) the USERS make to the call center, who works on our behalf.

6. Grupo UOL may also, in order to improve PagSeguro services and the proper operation of PagSeguro website, collect additional technical information on time zone settings and types and versions of browser’s plug-ins; information on the USER's visits, including the full URL clickstream (including date and time); products that you have viewed or researched; webpage response time, download errors; webpage interaction information (e.g., rolling, clicks, and mouse tracking); methods used for browsing outside the webpage; and telephone numbers used to call our customer support line. These data will be used with the same purposes established in the Global Privacy Policy - Grupo UOL, in full compliance with the principles and rules set in legislation in force.

No sensitive personal data will be processed by the Controller.

(iii) Purpose of handling

7. Data collected from the USERS may be used for the following purposes:

(i) Necessary purposes:

a) Identification, authentication and authorization;

b) To provide proper support to requests and questions from the USERS;

c) To keep registration updated for purposes of telephone contact, e-mail, SMS, mailing list or communication through other means;

d) To protect Grupo UOL from rights and obligations concerning the use of the website, applications, and services provided by Grupo UOL;

e) To cooperate and/or to comply with court order or requisition from administrative authority, as well as to comply with the obligations of preventively reporting certain activities to the applicable authorities;

f) To proceed with payment orders made by the USERS;

g) To manage risks and to detect, prevent and/or remedy fraud or any other potentially illegal or forbidden activities, in addition to breach of applicable policies and terms of use;

h) To check Data in private and public bureaus in order to verify if they are accurate, to update them, or to request supplementary data;;

i) Prove that business transactions were made (as well as the performance of other communication concerning PagSeguro services). (For the calls received in the call center); and

j) For purposes of monitoring and quality assurance of customer support. (For the calls received in the call center).

(ii) Secondary purposes:

a) To improve the interactive experience and use during the browsing at the websites, applications, and services provided by Grupo UOL;

b) To create statistics, studies, researches, project planning and evaluations concerning the activities and behaviors of the USER when using the websites, applications, and services provided by Grupo UOL, performing such operations in anonymous way with Anonymized Data;

c) To promote services by Grupo UOL and its partners, in addition to informing about new features, tools, contents, news and other information relevant to the relationship with Grupo UOL;

d) To submit newsletters and emails that the USERS have expressly agreed to receive;

e) To share payment information between the companies of Grupo UOL, in order to streamline the USERS’ experience when using the websites, applications, and services provided by Grupo UOL; and

f) For training purposes (For the calls received in the call center).

You may object to these secondary purposes through the mechanisms set out in the Global Privacy Policy – Grupo UOL.

8. The use, access and sharing of the database created hereunder shall be made within the limits and purposes of Grupo UOL’s activities, and it may be shared and made available for access and/or research to third parties with whom Grupo UOL has a legal relationship, for the purposes described in the Global Privacy Policy - Grupo UOL, PagSeguro’s Rules of Security, the provisions hereunder, Applicable Law or court order, and includes the following. Please consider that the purposes of the data transfers will be established in the Global Privacy Policy – Grupo UOL and/or PagSeguro’s Rules of Security. The transfers that require your consent are marked with an “asterisk” “*”:

(i) companies who are part of Grupo UOL;

(ii) business partners (financial partners);*

(iii) vendors (Gaming, Social Apps, Online Services, Physical Goods, Software, Travel and Ticketing);

(iv) service providers;

(v) authorities and public agencies;

(vi) general third parties such as tax solutions, external audit companies and law firms.

We remind you that we can transfer your personal data without your consent according to article 37 of the Federal Law on Protection of Personal Data Held by Private Parties (“LFPDPPP”).

By accepting this document, you accept the transfers that require your consent.

(iv) USER rights

9. In addition to the USER rights mentioned in the Global Privacy Policy - Grupo UOL, USERS may also exercise their Opposition rights, which grants the data subject the right to oppose the processing of personal data for specific purposes and the right to limit the use and disclosure of their personal data. USERS could exercise their rights to oppose to data transfers that require their consent. The rights explained in this paragraph can also be exercised through the mechanisms established in the “Global Privacy Policy – Grupo UOL”.


Versions in other languages are provided just for reference, if any question arises, the Portuguese version shall prevail.