Confidentiality agreement

Updated February 22, 2018

The parts:

BALDER INTELLIGENCE SERVICES IN MARKETING DIGITAL LTDA, a limited company under the name of SAFETYMAILS, headquartered at Avenida José Silva de Azevedo Neto, nº200, block 5, sala 424, CEP 22.775-056, Barra da Tijuca, City of Rio de Janeiro (CNPJ) under No. 22.527.773 / 0001-63, herein represented by its legal representatives, hereinafter referred to as SAFETYMAILS

and on the other side,

the CUSTOMER, a natural or legal person identified by registering on the “https://panel.safetymails.com”, electronic address, represented by a person properly authorized by its legal representatives,

Considering that

I.    resolving to accept this protocol of intent, considering that for the good and faithful performance of the services provided by SAFETYMAILS with its validation, verification and hygiene tool for email addresses (SAFETYMAILS), and for meeting security criteria of (specification, functioning, performance), organizational (teams, bases, etc.) and marketing (organization, prices, brand, price tables practiced) of both parts.

II.    the parties understand that this agreement is an integral part of the SafetyMails Terms of Use ;

Chapter 1

objective of this Agreement

Sole Paragraph : The purpose of this term is the protection and confidentiality of the CONFIDENTIAL INFORMATION made mutually between the parties, due to the use of SAFETYMAILS services on a trial or contractual basis by the CLIENT, who wishes to perform the data processing of your property's email databases.

Chapter 2

Definitions

2.1 In order for the provisions of this document to remain clear and transparent, we present definitions of terms that will be cited throughout this text:

a)    Email : email address;

b)    Email Marketing : email messages sent for commercial purposes based on the CAPEM rules and the Can-Spam Act of 2003;

c)    CAPEM : Brazilian Code of Self-Regulation for Email Marketing Practice (http://www.capem.org.br/)

d)    Can-Spam Act of 2003 : Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (Pub.L. 108-187 - https://www.fcc.gov/general/can-spam) - American law against spam;

e)    GDPR : General Data Protection Regulation (Regulation (EU) 2016/679 - (https://www.eugdpr.org/) - European Data Protection Act;

f)    SPAM : email messages sent without the prior consent of the recipient;

g)    Database : repository of customer registration information, especially emails, which may contain other information such as name, age, address, among others, that allow identification and are voluntary and expressly granted by its owner for the purpose of receiving information, advertising and/or contract fulfillment and execution of services;

h)    Personal data : according to the GDPR, it is any information related to a person, who can identify it directly or indirectly, such as name, location, online identifier, among others (GDPR Art. 4, item 1)

i)    Data Controller : person or company that has control over personal data that will be processed by SAFETYMAILS services. The Data Controller becomes a CLIENT when creating an account on the SAFETYMAILS website (GDPR Art. 4, item 7)

j)    Data Processor : SAFETYMAILS is the personal data processor that works on behalf of the Data Controller, to perform a set of operations, automatic or not, such as collection of records, structuring, storage, adaptation, change, consultations , transmission, among others (GDPR Art. 4, items 2 and 8) In this case, it is SAFETYMAILS, only in the scope the purpose of its service and nothing more.

k)    SafetyMails : validation, verification and hygienization of email address bases service through a web environment, with its reports, functionalities, texts, source codes and methods;

l)    Interface : is the grouping of a set of texts, images, links, and navigation devices, under the same URL or its variants, in the Internet environment;

m)    E-mail Validation : process of individually reading the existing email addresses in a database in search of technical inconsistencies that may cause failures in their correct functioning, according to the standards parameters RFC 822 and RFC 5321 (from "ARPA Internet text messages, 1982" and all documents that may supplement or replace them), but not only these, and it is up to SAFETYMAILS to decide the other rules to adopt;

n)    E-mail Verification : Checking the existence of valid email addresses for later communication, using existing databases and other technical and legally possible forms with email providers

o)    EMail Basics : Correction of previously identified email errors, filtering of email records that are considered harmful or disposable by email validation and verification services ;

Chapter 3

Confidential information

3.1 For the purposes of this term, confidential information shall be considered as technical, operational, commercial, legal, mode of action, inventions, processes, formulas and designs, production systems, logistics and layouts , business plans, accounting methods, accumulated experience and techniques, documents, studies, opinions and research to which all employees and employees of both parties have access:

a)    by physical means, such as printed documents, manuscripts, photographs, etc;

b)    by digital means such as documents and spreadsheets online, by email or cloud-based (always protected by password or with limited and controlled access);

c)    by any means recorded on electronic media, such as CDs, DVDs, flash drives, emails or similar; and

d)    orally

3.2. It will also be considered confidential data, personal information contained in the databases shared and processed in the SAFETYMAILS environment at the CLIENT's request, such as email addresses, names, document numbers and registrations , residential addresses, age, nationality, among other similar data contained in the database, although, to carry out the end-activity of SAFETYMAILS, only email address information is required.

Capítulo 4

Non-Confidential Information

4.1 For the purposes of this term, confidential information will NOT be considered:

a)    those already available to the general public, without responsibility of the parties;

b)    those already known to the CLIENT and not acquired directly or indirectly from SAFETYMAILS;

c)    those already known to SAFETYMAILS and that were not acquired from the CLIENT;

d)    status of the email addresses consulted in SAFETYMAILS - these statuses will be part of historical database, each address being stored individually, not characterized as data sharing;

e)    all such information may be released from these terms on the express authorization of the party which has been consulted;

confidentiality and absolute secrecy

Obligations of Parties

5.1 The parties pledge MUTUALLY to:

a)    maintain in confidentiality and absolute secrecy to all the information contemplated in Chapter 3, by itself, and by its employees (if any) through SAFETYMAILS's service relationship and related to interface, design, specification, operation, organization or performance of SAFETYMAILS and any other information exchanged between the parties;

b)    not to use the confidential information to which you has access, to generate its own, present or future benefit, or for the use of third parties;

c)    not to provide personal data to third parties, except by free, express and informed consent or in the cases provided by law (Civil Code, Cap 1, Art 7, item VII)

5.2 SAFETYMAILS is committed to:

a)    for itself and its employees to maintain in confidentiality and absolute secrecy all the information contained in the bases of electronic mail addresses (emails) of the CLIENT that are submitted to processing by SAFETYMAILS;

b)    not to copy, reproduce, market, rent or provide the electronic mail (email) address bases and other aggregated data that have been provided by the CLIENT, fulfilling the requirements of Can-Spam, GDPR and Brazilian Civil Rights Framework for the Internet;

c)    use the maximum amount of available resources to maintain the protection of the data stored in your databases, as per the Data Protection Policy published on its website;

d)    inform the client of any leak of information, within 72 hours, as provided in GDPR Art.33 item 1;

5.3 The CLIENT pledges to:

a)    by itself, and by its employees, when applicable, to maintain in confidentiality and absolute secrecy all technical information obtained through BALDER's service rendering relationship and related to BALDER's interface, design, specification, operation, organization or performance;

b)    maintain total secrecy of your system access information (login and password), your personal and non-transferable information, inform SAFETYMAILS immediately in case of loss of this information, knowing that you are fully responsible for any actions taken in the SAFETYMAILS interface through your user;

c)    to care for accounts and any subaccounts in SAFETYMAILS that are under its responsibility have access only by authorized personnel and properly identified in the SAFETYMAILS system;

d)    inform SAFETYMAILS immediately of any unauthorized access or breach of security occasionally detected;

5.4 The results of consultations carried out by the CUSTOMER may also be an integral part of evaluative surveys or other materials, with the purpose of informing the market about the general quality of the market bases, progress made, among other documents such as whitepapers, slide projections, informative videos, among others, that SafetyMails deems pertinent, without mentioning specific email addresses, nor characterizing individuals or companies and therefore not violating the criteria of personal data protection or confidentiality and privacy agreements ;

5.5 In compliance with the rules, laws, regulations and good practices, if SAFETYMAILS is legally obliged to disclose any information from stored databases, it undertakes to notify THE CLIENT of such obligation, seeking to carry out your best efforts to ensure that the information thus disclosed remains confidential.

5.6 SAFETYMAILS and the CLIENT pledges to cooperate, if requested, with the authorities in case of legal request for information (GDPR, Art 31)

Chapter 6

Duration of Agreement

6.1 This term shall become effective as of the date of its acceptance by the parties (automatically made after registration in the SafetyMails system). The provisions of this instrument shall, however, be applied retroactively to any confidential information that may have already been disclosed before the date of its acceptance.

6.2 All confidentiality and secrecy information provided in this term shall be valid for 1 (one) year or for as long as the service relationship continues and for a minimum period of 5 (five) this document or the breaking of the CLIENT's bond with SAFETYMAILS.

Chapter 7

Penalties

7.1 Failure to observe any of the confidentiality provisions set forth in this instrument shall subject to the offender, as well as to the causative agent or facilitator, by action or omission of any of those related in this Term, payment, or recomposition , of all losses and damages proven by the injured party, as well as the respective civil and criminal liability, which will be determined in legal proceedings or administrative proceedings;

Chapter 8

jurisdiction

8.1 The jurisdiction to resolve any doubts or controversies resulting from the implementation of this Instrument is that of the city of RIO DE JANEIRO, State of RIO DE JANEIRO, if not resolved administratively;

And because they are so fair and agreed upon, the Parties agree to these terms upon account and user creation in the SAFETYMAILS system