Privacy Policy

Last updated: October 30, 2025

Kanecorp is committed to the security, confidentiality and integrity of the data processed in its services. This Privacy Policy describes how we process personal and corporate data on our websites and platforms, in accordance with applicable legislation, including data protection laws such as the Brazilian General Data Protection Law (LGPD).

1. Controller and Contact

As a rule, Kanecorp is the controller of the personal data collected through this institutional website and, as applicable, may act as controller or processor in the context of the platform contracted by corporate customers.

If you have any questions about how we process data or wish to exercise your rights as a data subject, you can contact our privacy/DPO team through the following channels:

• E-mail: [email protected]
• Contact form at /en#contact

2. Data We Collect

The amount and type of data collected may vary depending on how you interact with Kanecorp (institutional website, contact forms, meeting scheduling, use of the platform, etc.). In general, we may collect:

• Contact and identification data, such as name, e-mail, company, job title and information provided in contact forms or communications with our team.
• Institutional/registration data, such as legal entity name, tax ID, contractual information and details of authorized representatives in the context of corporate customers.
• Operational data entered into the platform, depending on how the customer and its users operate the platform, related to operations, logistics, analytics and activity logs in high-criticality environments.
• Technical logs and audit events, including access records, actions performed on the platform, timestamps, session identifiers and any error codes.
• Website technical metadata, such as IP address (where possible, anonymized or truncated), browser type, operating system, device, pages visited, time spent and traffic source, used for security, statistics and user experience improvement.
• Meeting scheduling data (for example, date/time, name, e-mail) when you book meetings via tools such as Calendly or similar solutions integrated into our flow.

When data collection is carried out by integrated third-party partners or providers (e.g. form, scheduling or analytics tools), processing will also be subject to those providers' own policies.

3. Legal Bases

Depending on the context and purpose, we rely on different legal bases to process personal data, including:

• Consent, when you choose to provide data in order to receive messages, materials, take part in events or use optional features.
• Performance of a contract or pre-contractual measures, to enable negotiation, signature and performance of contracts with customers and partners, as well as to respond to commercial requests.
• Compliance with a legal or regulatory obligation, where the law requires us to store or share certain data.
• Legitimate interests, in situations such as information security, fraud prevention, auditing, continuous improvement of our services and B2B relationship, always taking into account your fundamental rights and freedoms.
• Exercise of rights in judicial, administrative or arbitration proceedings.

4. Purposes for Using Data

We use the data we collect for specific and legitimate purposes, including:

• Responding to inquiries, requests and business opportunities.
• Enabling, operating and supporting the use of the Kanecorp platform.
• Processing operational data entered by users, according to the features contracted by the customer.
• Scheduling, organizing and conducting meetings and support interactions.
• Carrying out operational, statistical and performance analyses to continuously improve our services.
• Maintaining the security of our environments and preventing fraud, abuse and unauthorized access.
• Complying with legal, regulatory and contractual obligations, including record-keeping and audit requirements.

5. Information Security

We apply robust information security standards aligned with industry best practices, including technical, administrative and organizational controls to protect data against unauthorized access, loss, misuse, alteration or destruction.

Among the measures we adopt, as applicable, are:

• Encryption in transit and, where applicable, at rest.
• Environment segregation and multi-level access controls.
• Logging and auditing of relevant events within the platform.
• Credential and authentication policies, including strong passwords and, where applicable, multi-factor authentication (MFA).
• Periodic monitoring and review of permissions and administrative access.

No security measure is absolute. In the event of a relevant security incident involving personal data, Kanecorp will assess the impact and, when required by law, notify competent authorities and affected data subjects.

6. Data Sharing

We do not sell personal data. However, we may share data with third parties in the following situations:

• Service providers and processors that support the operation of our website, platform and business routines (for example, hosting providers, form tools such as Formspree, scheduling solutions such as Calendly, e-mail service providers and analytics tools).
• Business partners, when necessary to perform contracts, carry out technical integrations or deliver joint solutions.
• Public authorities, where there is a legal obligation, court order or request from a competent authority.
• Corporate transactions, such as mergers, acquisitions or reorganizations, always subject to appropriate security and confidentiality safeguards.

Whenever data is shared, we require third parties to comply with confidentiality, security and data protection obligations that are consistent with this Policy and applicable legislation.

7. Data Subject Rights

In line with data protection laws such as the LGPD and other applicable regulations, you, as a data subject, may exercise, where applicable, the following rights:

• Access the personal data we process about you.
• Request correction of incomplete, inaccurate or outdated personal data.
• Request deletion or anonymization of unnecessary, excessive or unlawfully processed data.
• Request data portability to another service or product provider, where applicable.
• Request information about public and private entities with which we share your data.
• Request review of automated decisions that affect your interests, subject to legal limits and trade secrets.
• Withdraw consent, where consent is the legal basis for processing, without affecting the lawfulness of processing carried out before the withdrawal.

To exercise your rights, please use the channels indicated in Section 1 of this Policy. We may request additional information to confirm your identity and process your request securely.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, in line with legal, regulatory and contractual retention periods, as well as any additional periods required for the exercise of rights or defense in legal proceedings.

At the end of the applicable retention periods, data may be deleted, anonymized or stored in segregated environments with restricted access, in accordance with current legislation and duly substantiated legitimate interests.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the site, improve navigation, understand usage metrics and support security features. In general, the types of cookies may include:

• Strictly necessary cookies, which are essential for the operation of the site and basic navigation features.
• Performance and analytics cookies, which collect aggregated information about how the site is used and may use anonymized or truncated IP addresses where configured.
• Functional cookies, which remember preferences and choices to provide a more personalized experience.

You can manage cookies directly in your browser settings, where you may block or delete cookies. However, this may impact the functioning of certain parts of the site.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing activities, legal or regulatory updates and the evolution of our services.

Whenever there are material changes, we will publish the updated version on this page with the corresponding "Last updated" date. We encourage you to review this Policy regularly.