Privacy Policy

Last updated: April 4, 2026

1. Introduction

AIOOH ("we", "our", "the Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our mobile applications.

This policy applies to the following applications:

Aiooh Vendedor

Package ID: br.com.aiooh.vendedores

Application for sales management and OOH media operations.

Aiooh Operador

Package ID: br.com.aiooh.operacoes

Application for field activity management and operations monitoring.

Please read this Privacy Policy carefully. If you do not agree with the terms described herein, do not use our applications.

2. About the Applications

The AIOOH applications are B2B (business-to-business) platforms specializing in the out-of-home (OOH) advertising market. They are designed to facilitate sales management, field operations, and documentation of activities related to OOH media.

The applications work together with AIOOH's servers to synchronize data and ensure that you have access to the information necessary for your operations.

3. Data Collected

3.1 Data Collected by Both Applications

Data Type	Description	Purpose
Email and Password	Authentication credentials for accessing the application	Secure authentication and authorized access
Device Information	Device type, OS version, unique device identifier	Session management and compatibility
Internet Access	Data synchronization and API communication	Communication with AIOOH servers

3.2 Additional Data Collected by Aiooh Operador

The Aiooh Operador collects specific data necessary for field activity documentation:

Data Type	Description	Purpose
Camera	Access to capture photos of field activities	Documentation of OOH media operation activities
Location (GPS)	Geographic location coordinates	Presence verification (check-in) at OOH media sites
Device Storage	Local storage space for offline photo queue	Offline operation and photo synchronization queue

Important: When you use Aiooh Operador to capture photos, you are capturing images in public locations. You are responsible for ensuring that you have authorization to photograph at each location and that you respect the privacy of third parties.

3.3 Data We Do Not Collect

We do not collect or request:

Sensitive personal data (race, religion, health, sexual orientation, political affiliation)
Identity document or passport numbers
Payment information or credit card data directly in the applications
Contacts or friend lists from your device
Browsing history or browser data
Health or physical activity data

4. How We Use Your Data

We use the information collected exclusively for the following purposes related to the commercial operations of the applications:

Authentication: Verifying your identity and granting secure access
Session Management: Keeping your session active and secure
Data Synchronization: Keeping your data up to date across devices
Field Operations: Documenting and tracking OOH media operation activities
Location Verification: Confirming your presence at OOH media sites for check-in purposes
Service Improvements: Technical problem diagnosis and performance optimization
Legal Compliance: Fulfilling legal and regulatory obligations

4.1 We Do Not Share Your Data

Your data is not sold, rented, or shared with third parties for marketing or any other commercial purpose unrelated to the operations of the applications.

5. Storage and Security

5.1 Credential Storage

Your authentication credentials (email and password) are stored in encrypted form on AIOOH's secure servers. Passwords are never stored in plain text.

5.2 Token Storage

Session tokens are stored in encrypted form on your device and expire after a period of inactivity for security purposes.

5.3 Secure Communication

All communications between the applications and AIOOH's servers are conducted through encrypted HTTPS connections. This protects your data in transit.

5.4 Photo Storage

Photos captured in Aiooh Operador are:

Initially stored in the local storage of your device
Synchronized with AIOOH's secure servers as soon as a connection is available
Kept in encrypted storage on our servers
Accessible only for authorized OOH media operation purposes

5.5 Security Measures

We implement the following security measures:

Data encryption in transit (HTTPS/TLS)
Data encryption at rest on servers
Strong authentication and session management
Limited data access to authorized personnel only
Continuous security monitoring

Limitation: While we implement robust security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6. Your Rights

6.1 Rights Under LGPD (Brazil's General Data Protection Law)

In accordance with the LGPD (Brazil's General Data Protection Law — Lei nº 13.709/2018), you have the following rights:

Right of Access: Access the personal data we hold about you
Right of Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request the deletion of your data (with legal exceptions)
Right to Data Portability: Receive your data in a structured and readable format
Right to Object: Object to the processing of your data in certain circumstances
Right to Anonymization: Request the anonymization of your data

6.2 How to Exercise Your Rights

To exercise any of these rights, please contact us using the email address provided in the Contact section. We will respond to your request within 15 business days, as required by LGPD.

6.3 Exercising Rights Within the Application

You can manage your account information and preferences directly within the AIOOH applications through the profile settings.

7. Data Retention

7.1 Standard Retention Period

Data Type	Retention Period	Justification
Authentication Data	During the period of active use + 90 days after account deactivation	Necessary for continued access and legal compliance
Session Data	While the session is active	Access management and security
Captured Photos	While necessary for operational purposes + minimum 2 years by law	Activity documentation and legal compliance
Activity Logs	Minimum 1 year	Audit and security analysis

7.2 Data Deletion

After the retention period, your data is permanently deleted or anonymized, except when the law requires us to maintain records for longer periods.

8. Data Sharing

8.1 Within AIOOH

Your data is accessible only to AIOOH employees who have a legitimate need to access it in order to perform their functions. All employees are required to maintain confidentiality.

8.2 With Third Parties

We do not share your personal data with third parties, except in the following cases:

Service Providers: Companies that help us operate the applications (hosting, analytics), under confidentiality obligations
Legal Requirements: When required by law, legal process, or governmental authorities
Rights Protection: To protect our rights, privacy, security, or property
Corporate Transfer: In the event of a merger, acquisition, or asset sale

8.3 International Transfers

If your data is transferred outside of Brazil, we ensure that this occurs under appropriate protective mechanisms as required by LGPD.

9. LGPD Compliance

9.1 Legal Basis for Processing

We process your data based on the following legal bases under LGPD:

Contract: Performance of a contract with you or your employer for use of the applications
Legal Obligation: Compliance with legal and regulatory obligations
Legitimate Interest: When necessary for operations, security, and fraud prevention

9.2 Data Protection Officer (DPO)

AIOOH has appointed a Data Protection Officer responsible for privacy matters. For matters related to data protection, you may contact us using the email provided in the Contact section.

9.3 Right to Lodge a Complaint

You have the right to lodge a complaint with the Autoridade Nacional de Proteção de Dados (ANPD — Brazil's National Data Protection Authority) if you believe your privacy rights have been violated. Visit www.gov.br/cidadania/pt-br/acesso-a-informacao/lgpd for more information.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legislation, or other factors. The "Last updated" date at the top of this page will indicate when it was last modified.

If we make material changes that affect how we handle your personal data, we will notify you through the application or by email. Your continued use of the applications after the changes constitutes your acceptance of the modified Privacy Policy.

11. Contact

If you have questions, concerns, or wish to exercise any right under this Privacy Policy and LGPD, please contact us:

AIOOH

Email: contato@aiooh.com.br

Recommended subject: [PRIVACY] Your specific request

Expected response: We will respond to your request within 15 business days, as required by LGPD.

Additional Information for Google Play Users

This Privacy Policy was prepared in accordance with Google Play's Sensitive Data Policies. The AIOOH applications declare the use of the following sensitive permissions:

Camera (Aiooh Operador): For capturing photos of field activities
Location (Aiooh Operador): For presence verification at OOH media sites
Storage (Aiooh Operador): For offline photo queue management