Privacy Policy

Privacy Policy

This site is a digital property managed, operated, and optimized by TiMo Midia Ltda, registered under CNPJ No. 62.179.475/0001-44, with its registered office at Rua Ana de Carvalho Silveira, No. 287, Silveira neighborhood, Belo Horizonte/MG, Zip Code 31.140-440, Brazil (“TiMo Midia”). Transparency is a fundamental pillar of our operation. This document describes how we collect, use, and protect your personal data. Laws and regulatory references considered (as applicable): LGPD and Marco Civil da Internet (Brazil), Law 25.326 (Argentina), Law 1581 (Colombia), LFPDPPP (Mexico), CCPA/CPRA and other state laws (USA), PIPEDA (Canada), and APPI (Japan), among others.

1. IDENTIFICATION OF THE DATA CONTROLLER AND CONTACT

This site is a digital property managed, operated, and optimized by: TiMo Midia Ltda., registered under CNPJ No. 62.179.475/0001-44 Address: Rua Ana de Carvalho Silveira, No. 287, Silveira Neighborhood, Belo Horizonte/MG, Zip Code 31.140-440, Brazil (“TiMo Midia”). Data Protection Officer / DPO (Privacy Channel): TiMo Midia Compliance Team Email: [email protected]

2. TO WHOM THIS POLICY APPLIES (SCOPE)

This Policy applies to the processing of personal data: a) in the context of this domain (website) and the technologies used on it; and b) where applicable, in the context of digital properties and advertising inventories operated/monetized by the TiMo Network. It includes activities such as: security, measurement, fraud and invalid traffic prevention, performance improvement, advertising delivery and verification (including programmatic), and user support. This Policy may be supplemented by specific notices (e.g., cookie banner/preference center). In the event of a conflict, the specific notice for the site/environment you are in will prevail.

3. IMPORTANT DEFINITIONS

Personal data: information that identifies or can identify a person, directly or indirectly. Sensitive personal data: data concerning racial/ethnic origin, health, biometrics, political opinions, etc. (where applicable). Processing: any operation performed on data (collection, use, storage, sharing, etc.). Cookies/similar technologies: cookies, pixels, web beacons, SDKs, tags, and identifiers used for operation, measurement, security, and advertising. Programmatic advertising: automated buying and selling of advertising inventory using technology for delivery, measurement, and control (e.g., fraud prevention, frequency capping, reporting).

4. ROLES AND RESPONSIBILITIES (CONTROLLER/PROCESSOR/INDEPENDENT CONTROLLERS) 4.1. TiMo Midia’s Role

TiMo Midia acts as the data controller especially for purposes related to:

  • site operation and maintenance;
  • security and stability;
  • fraud and invalid traffic prevention;
  • measurement and aggregated reporting; and
  • advertising monetization (where applicable).

4.2. Partners and suppliers

Certain technology providers and partners (including advertising and measurement providers) may act:

  • as DATA PROCESSORS (processing data on behalf of TiMo Midia); and/or
  • as INDEPENDENT CONTROLLERS (processing data for their own purposes, according to their policies). Relevant example: Google and advertising/measurement services may process data according to their own rules. For more transparency about the Google ecosystem on partner sites, please see: https://policies.google.com/technologies/partner-sites

5. WHAT DATA WE COLLECT

5.1. Automatic collection (logs and technical data)

For site operation, security, measurement, and advertising, we automatically collect information such as:

  • IP address;
  • online and/or cookie identifiers (where applicable and according to your choices);
  • browser type and version;
  • internet service provider (ISP);
  • date and time of access;
  • referring and exit pages;
  • click, event, and navigation information (e.g., ad impressions, interactions, loading events);
  • technical device information (e.g., operating system, language, resolution, user agent);
  • security and integrity indicators (e.g., signals associated with fraud, bots, invalid traffic). These data are used for system administration, security, fraud prevention, and analysis/reporting (including aggregated data). Whenever possible, we seek to use data in an aggregated manner and/or minimize identification.

5.2. Data provided by you

When you contact us, we may collect:

  • name, email, phone number (if provided);
  • message content and sent attachments;
  • data necessary to validate your request (e.g., identity verification, when necessary).

5.3. Sensitive data and minors

Our services are not directed at minors under 18 years of age, and we do not intentionally collect personal data from minors. If we identify an inadvertent collection, we will take reasonable steps to delete it. As a general rule, we do not request sensitive data. If, exceptionally, you send such data (e.g., through contact), we will process it solely for the purpose of the requested service and with the applicable safeguards.

6. WHAT WE USE THE DATA FOR (PURPOSES)

We use personal data and browsing data to: a) operate, maintain, and improve site functionality; b) ensure security, stability, and technical integrity; c) detect, mitigate, and prevent fraud, bots, and invalid traffic; d) measure audience and performance (including aggregated statistics); e) deliver, measure, and optimize advertising (including programmatic); f) cap ad frequency and improve relevance (where applicable and permitted); g) handle requests, support, and communications; h) comply with legal/regulatory obligations and safeguard the rights of TiMo Midia and third parties.

7. LEGAL BASES (ACCORDING TO PURPOSE AND JURISDICTION)

Processing may be carried out based on one or more legal bases, as applicable:

  • Consent (e.g., advertising/personalization cookies where required);
  • Compliance with a legal or regulatory obligation;
  • Execution of a contract/preliminary procedures (e.g., requested support);
  • Regular exercise of rights (legal proceedings and protection measures);
  • Legitimate interest (e.g., security, fraud prevention, service improvement, measurement), subject to a balancing test and transparency measures. Note: in some jurisdictions, certain advertising practices and/or the use of cookies/identifiers require prior, express, and informed consent. In these cases, we will operate with appropriate consent/opt-out mechanisms.

8. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies, pixels, tags, and similar technologies for site operation, measurement, security, and advertising. 8.1. Cookie categories a) Necessary Cookies: Essential for operation, security, stability, and abuse prevention. b) Performance/Measurement Cookies: Help us understand how the site is used and improve performance, through statistics and reports (aggregated whenever possible). c) Advertising/Marketing Cookies: Used to deliver, measure, and optimize ads, which may involve ad personalization where applicable and permitted. 8.2. How to manage preferences

  • Banner/Preference Center: when available, you can accept, reject, or adjust categories.
  • Browser/Device: you can block or delete cookies in your browser settings. By disabling cookies, some functionalities may be affected, and the user experience may deteriorate.

9. PROGRAMMATIC ADVERTISING, GOOGLE (AD MANAGER/ADX) AND CONSENT MODE

9.1. Google Ad Manager and Google AdX

TiMo Midia uses advertising technology platforms, including Google Ad Manager and Google Ad Exchange (AdX), and may operate as a partner in the Google ecosystem (e.g., MCM/AdX), as applicable.

9.2. Google Consent Mode (Consent Mode v2) and consent signals

Where applicable, we use Google Consent Mode to adjust tag behavior according to your choices, including the following signals:

  • ad_storage (storage for advertising);
  • analytics_storage (storage for measurement/analytics);
  • ad_user_data (sending/using user data for advertising purposes);
  • ad_personalization (ad personalization). 9.3. Operation with consent rejection and “cookieless pings” If you reject certain consents, the tags may operate with restrictions (e.g., without cookies for that purpose) and only send signals/pings with storage limitations. In these scenarios, certain providers may use data in an aggregated manner and/or use statistical modeling for reporting and measurement, without this amounting to the full use of identifiers/cookies for personalized advertising. 9.4. Transparency regarding Google partners For more details on how Google may process data on partner sites, you must refer to: https://policies.google.com/technologies/partner-sites 9.5. Third-party cookies and technologies Other advertising technology and measurement partners may use cookies/IDs on this site for:
  • campaign measurement;
  • ad verification;
  • security and fraud prevention;
  • reporting, frequency capping, and (where applicable) personalization. TiMo Midia does not directly control third-party technologies, which may process data according to their own policies.

10. DATA SHARING (CATEGORIES OF RECIPIENTS)

We may share data, to the extent necessary and according to your choices/settings, with:

  • hosting, infrastructure, security, and technical support providers;
  • measurement and analytics tools;
  • advertising technology (AdTech) partners, including ad management, delivery, and verification platforms;
  • fraud and invalid traffic prevention service providers;
  • consulting and auditing firms (when necessary, with safeguards);
  • public authorities and competent bodies, upon legal obligation, court order, or valid request. Important Note (USA/California and other jurisdictions): The sharing of identifiers and browsing data with advertising partners may be interpreted as a “sale” and/or “sharing” for behavioral advertising under some local laws. Where applicable, we provide opt-out mechanisms through cookie preferences, browser settings, and/or our contact channel.

11. INTERNATIONAL DATA TRANSFER

Due to global operations and the use of technology providers and partners, data may be processed and stored outside the user’s country of residence. Where applicable, we adopt safeguards for international transfers, including:

  • transfer to countries/organizations with an adequate level of protection; and/or
  • contractual clauses and mechanisms recognized by applicable standards (in Brazil, according to ANPD regulations on international transfers and standard contractual clauses).

12. RETENTION AND DELETION

We retain personal data and browsing records for as long as necessary to:

  • fulfill the purposes of this Policy;
  • meet legal/regulatory obligations;
  • enable audits and security analyses;
  • prevent fraud and safeguard rights. Once the necessary period has elapsed, the data will be deleted or anonymized whenever technically possible and compatible with legal obligations. Brazil (where applicable): we observe the minimum record retention periods set forth in the Marco Civil da Internet and other relevant standards, particularly regarding application access logs.

13. DATA SUBJECT RIGHTS (PRIVACY) AND RESPONSE TIMES

You may exercise your rights free of charge by emailing [email protected] For your security, we may request additional information to verify your identity and validate the request. Rights generally covered (depending on applicable jurisdiction): confirmation of processing, access, correction/rectification, anonymization/blocking/deletion, portability, opposition, withdrawal of consent, information on data sharing, and review of automated decisions (where applicable).

13.1. Response times by jurisdiction (operational reference)

  • Brazil (LGPD): simplified format, immediately when possible; and through a clear and complete statement within 15 days of the request, respecting commercial/industrial secrets.
  • Argentina (Law 25.326): access within 10 calendar days; rectification/updating/deletion within 5 business days (according to legal requirements). Free access may have a minimum interval of 6 months, barring legitimate interest.
  • Colombia (Law 1581): inquiries within 10 business days (extendable by up to 5 business days with justification); claims within 15 business days (extendable by up to 8 business days with justification).
  • Mexico (LFPDPPP): decision within 20 days (from receipt); if applicable, execution/effectiveness within 15 days after the response is communicated (timeframes may vary according to applicable rules and exceptions).
  • USA (CCPA/CPRA and state laws): generally a response within 45 calendar days for verified requests, with the possibility of an extension as permitted by law.
  • Canada (PIPEDA): response within 30 calendar days, with the possibility of extension in specific cases and notice to the data subject.
  • Japan (APPI): handling within a reasonable timeframe, according to legal requirements, including rights of disclosure, correction, and cessation of use where applicable. Note: Timeframes may vary depending on the nature and complexity of the request, the need for verification, legal retention hypotheses, and exceptions provided by law. We will always seek to respond within the applicable legal timeframes.

14. USA – RIGHT TO OPT-OUT (“DO NOT SELL OR SHARE”) AND BEHAVIORAL ADVERTISING

Where applicable (e.g., residents of California and other jurisdictions with specific rules), you may:

  • opt-out of the “sale/sharing” of data for behavioral advertising;
  • limit the use/disclosure of sensitive information (where applicable);
  • request access, correction, and deletion as permitted by law. You may exercise these rights: a) through the cookie preference center/button (when available); and/or b) by emailing [email protected]

15. DIGITAL ACCESSIBILITY (BRAZIL)

In compliance with Brazilian inclusion legislation and with the aim of ensuring accessibility, we seek to keep our interfaces aligned with international best practices and, where applicable, with the ABNT NBR 17225:2025 standard and WCAG 2.2 AA guidelines. Accessibility commitments (goals):

  • Keyboard navigation (no “focus traps”) and visible focus;
  • Responsive design preserving content/function on small screens (e.g., 320px CSS);
  • Use of proper semantics (headings, lists, tables) for assistive technologies.

16. INFORMATION SECURITY

We adopt reasonable technical and organizational measures to protect data against unauthorized access, destruction, loss, alteration, improper communication, or diffusion. We seek to align our controls with recognized good practices and, where applicable, with international security and privacy standards (e.g., ISO/IEC 27001 and 27701). Despite our efforts, no environment is completely risk-free. If we identify relevant incidents, we will adopt containment and communication measures as required by applicable legislation.

17. UPDATES TO THIS POLICY

This Policy may be updated at any time to reflect operational, regulatory, or technological changes. We recommend periodically reviewing it. The “Last updated” date at the top of the document indicates when the most recent version became effective.

18. HOW TO CONTACT US

To exercise rights, make inquiries, or send requests: Email: [email protected] Address: Rua Ana de Carvalho Silveira, No. 287, Silveira Neighborhood, Belo Horizonte/MG, Zip Code 31.140-440, Brazil.