Effective Date

This policy is effective as of July 19, 2021, subject to modifications through communication to the user, as stipulated in this document.

This Privacy Policy is an integral and inseparable part of the General Terms and Conditions of contracting by Federica C D.

Your privacy is important to us. By accessing FASHIONiNSP and www.fashioninsp.com, hereinafter referred to as "the platform" and "the website", you agree that Federica C D, hereinafter "THE OWNER", may access, store, use, and delete the personal data you provide in accordance with the following terms of the Privacy Policy:

Concepts

• In this privacy policy, we address concepts and definitions as described: “personal data”, “special categories of data/sensitive data”, “process/processing”, “data controller”, “data processor”, “data subject”, “holder”, “subject” and “supervisory authority/regulatory authority/Regulatory Unit/control body” will have the same meaning as in Law 18.331, Decree 414/009, and Decree 64/020, relating to the protection of natural persons with regard to the processing of personal data (whereby the "authority" is understood as the Regulatory and Control Unit of Personal Data or URCDP);

• "data exporter" means the controller who transfers the personal data;

• "data importer" means the controller who agrees to receive personal data from the data exporter for further processing in accordance with the terms of these clauses and who is not subject to the system of a third country that ensures adequate protection;

• "clauses" mean these contractual clauses, which constitute an independent document that does not include commercial conditions established between the parties under other commercial agreements.

We understand the importance of your privacy. It's important to us too. We commit to providing transparency in our privacy practices and control over your data related to the service of Federica CD (as defined in the Terms of Use of Federica CD). We work in accordance with Law 18.331, the LPDP (Uruguay), COPPA, CCPA (USA), the GDPR (General Data Protection Regulation), and other regulations related to the Protection of personal data. Moreover, Federica CD will not send unsolicited messages or emails to individuals outside of our service user relationship, thus adhering to the regulations on control and prevention of SPAM, as well as the CAN-SPAM Act (USA).

By using the service of Federica CD, you accept the practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Notice, please do not use our services.

THE 7 PRINCIPLES OF LAW 18.331 AND THE COOKIE POLICY

According to Law 18.331, Federica CD, her associates, and subcontractors will be governed by this document for the lifecycle of personal data, ARCO rights, and all processing as established in the following principles:

• Legality. Personal data shall be collected and processed in accordance with article 6 of the LPDP and other applicable regulations. We will be transparent in obtaining clear, prior, and specific consent for each purpose.

• Truthfulness. Data will only be collected and processed for the necessary purpose that was previously informed to the user/interested party. The personal data collected for processing purposes must be truthful, adequate, fair, and not excessive in relation to the purpose for which they were obtained.

• Purpose. Only the minimum necessary data will be collected to fulfill the purpose. Once they are no longer necessary for their purpose, they will be destroyed, in accordance with the principle of Pro-active Responsibility.

• Prior informed consent. In accordance with article 9 of the LPDP, the processing of personal data will be effective once the data subject has given their free, prior, express, and informed consent, which will also be documented.

• Data security. Necessary measures will be adopted to ensure the security and confidentiality of personal data. These measures will aim to prevent their alteration, loss, consultation, or unauthorized processing, as well as to detect information deviations, whether intentional or not, whether the risks come from human action or the technical means used.

• Confidentiality. Measures will be adopted in the database, to use it in a confidential and exclusively manner for the usual operations of its business or activity, being prohibited any dissemination of it to third parties.

• Responsibility. As the controller of the database, and having processors of the same, proactive responsibility will be exercised, including Privacy by Design and Privacy by Default in all its terms.

Regarding the cookie policy, if they identify a user, then they contain personal data and therefore are subject to the effects of Law 18.331 (LPDP) and other data protection regulations. For this purpose, the user will be notified on the first page of the service, of the use of cookies and what types are used for its purpose, giving them control to perform the Opt-In or Opt-Out as they see fit.

ATTENTION: You can exercise your ARCO rights, rights of Access (including the right to obtain a copy of the personal data subject to processing), Rectification, Right to be Forgotten (Cancellation/Deletion), Opposition, Limitation to Processing, and Portability, Update, Objection among others, at any time, and the data controller, once aware, will keep you informed about the course and resolution of the same. For this purpose, the following means are enabled:

• By email to: fashioninspapp@gmail.com

• In writing addressed to the following address: Marco Bruto 1472

• In person and verbally, where your request will be duly noted.

The exercise of the mentioned rights will be free of charge (Principle of Gratuity) for its holder (GDPR, considering #59), as long as the period of request between one exercise and another is more than thirty consecutive days. The necessary means will be provided to comply with the requested without any delay. However, if the medium or support requested by the holder implies an additional and unconventional cost (not belonging to the list ut supra) for the Database Controller, it will be transferred to the applicant.

By clicking the Accept buttons and downloading files, the user will accept, without reservations, the use of the platform under the following terms and conditions, as if they had signed a legally binding contract in writing.

If you wish to exercise your data protection rights of Access, Rectification, Cancellation, and Opposition to the processing of your data (ARCO Rights), you must send us an email to fashioninspapp@gmail.com

Each time you use our services, you must verify the date of this Privacy Notice and review the changes that have been made since your last visit, which are considered updates.

OBJECTIVES OF THE POLICY

Our privacy policy aims to describe how and what data we collect, and how and why we use your personal data, if we can share it and with whom. It also describes the options we offer for you to access, update, or control or receive your personal data that we process. The owner guarantees through this document and in all its services, the Protection of Privacy by Design and by Default (GDPR, article 25 and article 12 of the law 18331 in its wording given by law 19670), and therefore, will not collect or process any personal data that is not previously obtained through express, free, and unequivocal consent requested and granted in this content. In case you detect a possible inconsistency with the privacy policy by design, please let us know by email to: contacto@fashioninsp.com. Once the situation is analyzed, if confirmed, we will adjust it to the law, as soon as possible.

The use of the information we now collect is subject to the Privacy Policy in effect at the time of using that information. In case of making substantial changes in the way we use your personal information, we will notify you when you access our Service. Users are required to read the changes in the privacy policy to use the Service after the posting of such changes.

DESCRIPTION OF THE SERVICES WE PROVIDE

The services provided by the platform are as follows:

FASHIONiNSP is an app where you can scroll through fashion inspiration images and can also create folders called wishlists. To achieve this, FASHIONiNSP must associate each wishlist to a specific user, so will need to store your google email, the one you used to sign in.

• CONSENT TO THE PROCESSING OF YOUR DATA

The click you make on this form, as well as on the boxes of other forms we send you, will imply a "clear affirmative action" of your acceptance of the associated terms and conditions, and the granting of your consent in a free, specific, informed, unequivocal, and express manner to collect your data, and for the processing and purposes described in this and other documents associated with such forms.

Notwithstanding this privacy policy, we may include additional measures, depending on the type of data, or the type of processing, current regulations require special consent. For the processing of data of minors under 18 years of age, we will require authorization from their legal representatives.

REVOCATION OF CONSENT

Your consent can be revoked at any time by contacting us through the contact details appearing at the beginning of this document.

The Data requested by this Platform may be considered mandatory, so refusal to provide them could prevent this from proceeding with the provision of the Service, in case such data are considered necessary for the execution of the contract. In cases where this Platform specifically indicates that certain Data are not mandatory, Users are free not to communicate such Data without this having any consequence on the availability or functioning of the Service. Users who have doubts about which Data are mandatory can contact the Database Controller, at the contact email established in this privacy policy document.

• PRIVACY OF MINORS

Our Service is not directed to individuals under 18 years of age.

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected Personal Data from minors without verification of parental consent, we take steps to remove that information from our servers.

CONSENT FOR DATA PROCESSING OF MINORS

In case some of the data, registered, published, or shared through this platform by the user, belong to a third party, the user grants in this act on behalf of said third party, the necessary consent for its processing, under the same terms consented through the platform for their own data.

PROCESSING OF THIRD PARTY DATA PROVIDED BY OUR CLIENTS/USERS

THE OWNER processes third-party data provided by the user for processing through the platform, on behalf of the user, as a data processor. In such cases, the user is the DATABASE CONTROLLER. If the third party wishes to exercise any data protection rights that may be available under applicable laws or if they have questions or concerns about how their personal information is handled by the Platform as a data processor on behalf of our clients or users, they should contact such user or client who is using the services of the PLATFORM, and consult their privacy policies.

If you no longer wish a user to process your data through our Services, please contact that user directly to request it. If you contact us directly, we may delete or update your information within a reasonable time and after notifying our clients or users of your request.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity to help us respond efficiently to your request.

PERSONAL DATA WE COLLECT

Your personal data are collected on the platform when you voluntarily provide them.

"THE OWNER", either directly or through third parties, collects, stores, and processes, through the platform, your following data: Email.

WHERE WE COLLECT YOUR DATA FROM

We collect your data:

• When you sign up as a client to our platform

HOW (TYPES OF PROCESSING), FOR WHAT PURPOSE, AND WITH WHOM WE SHARE YOUR DATA

Our privacy policy includes the principle of minimizing the data we collect and limiting its use and purpose only to what we are permitted and to the extent necessary to provide the services you acquire, except for those purposes allowed to comply with legal obligations or other lawful purposes. In virtue of the aforementioned, and in accordance with the regulation, and with the provisions of this policy, once the purpose of the data processing is achieved, the data will be blocked and destroyed.

TYPES OF PROCESSING

The Platform Owner will carry out the following data processing activities: Registration, Storage and Preservation, and Communication.

FOR WHAT PURPOSE WE PROCESS YOUR DATA and WITH WHOM WE SHARE IT

Specifically, we will carry out the referred processing of your personal data for the following purposes:

• Provision of the contracted service

• User authentication and authorization to access their account

• Attention and resolution of requests or doubts required by the Users

• Sending information that may be of interest to the User

• Information on news or activities carried out from the Platform

• Improvements, updates, and expansion of the Services we provide to you

• Marketing activities, including sending marketing material and making phone calls to the user for promotional purposes

• Detection, prevention, and resolution of security and technical issues

• Obtaining global statistics on the use of the Services and Products offered by the Platform

Activities of sending Newsletters, email marketing, SMS, and text messages.

• Automated Marketing Platform

By subscribing to this page you acknowledge that the information you provide will be transferred to an automated marketing platform owned by third parties, for the purpose of processing your data in accordance with the Privacy Policies and terms of said automated marketing platform.

Specifically, we use N/A.

You can change your mind at any time and unsubscribe from our email marketing actions, newsletters, and direct advertising, by clicking on the unsubscribe link found at the bottom of any email you receive from us or by contacting us through fashioninspapp@gmail.com.

DATA RETENTION TIME

The Personal Data of the user will be processed and kept for the purpose for which they have been collected for the duration of the contractual and commercial relationship between the Database Controller and the user and as long as there are pending obligations to be fulfilled, and as long as the data subject does not request the cancellation of their data within the framework of current regulations and this document.

Once the retention period has ended, the Personal Data must be deleted. This is without prejudice to the platform's right to keep such data for an additional period of time when:

a- the User has consented to it, except for the request for their cancellation in accordance with current regulations and as provided by this privacy policy.

• for the period of prescription of actions that may arise from the data subject as well as any claim that the Database Controller may receive from competent public bodies on the matter, or for the time allowed by law or necessary for the fulfillment of any legal obligation, justified provision of the competent control body, or court order.

Depending on the case, the platform will securely delete the information or anonymize it. And if this is not possible, it will securely store your Personal Information and isolate it from any further processing until deletion is possible, blocking access to it.

Once the data is deleted for the reasons mentioned above, the user will not be able to exercise the rights of access, modification, rectification, and data portability.

INTEGRATION WITH SOCIAL NETWORKS

Our websites include social media features, widgets, or social network tags, such as the Facebook "Like" button and widgets, or share buttons.

These or other interactive mini-programs that run on our websites may collect your IP address, which page you are visiting on our sites, and may set cookies to enable the feature to function properly. Social network buttons and widgets will be hosted by a third party. User interactions with these buttons, widgets, or small applications are governed by the privacy policy and other policies of the companies that provide them.

Our websites provide links to other websites. We do not control, nor are we responsible for the content or practices of these other websites. Our provision of such links does not imply our endorsement or sponsorship of these other websites, nor their content, their owners, or their practices. This privacy policy does not apply to such other websites, which will be governed by their own privacy policies and other directives they may have.

SECURITY

THE OWNER has also implemented all the necessary security measures to prevent unauthorized third parties from accessing the data. This includes, in addition to physical, technical, and organizational security measures, as well as legal measures for access only to employees or subcontractors who need to access the data for work reasons, who will be subject to confidentiality clauses and professional secrecy obligations.

All personal data and information provided by users when registering on the PLATFORM will be stored on a secure server that allows protecting such data against unauthorized uses and accesses and ensuring that Data processing is carried out using computer tools that allow compliance with the purposes consented to in this privacy policy.

Your information is encrypted and securely transmitted to us online. You can verify this by looking for a lock icon in the address bar and looking for "https" at the beginning of the web page address.

THE OWNER will also adopt the following security measures:

• Special measures to prevent data leaks, malware installation, or prevent or prevent other related risks from occurring, such as attacks by crackers, denials of service, damage to computer systems, etc. It will also adopt a proactive attitude on the part of companies regarding their duty to communicate such incidents to the competent authorities and affected users when their privacy or intimacy is at risk.

• Secure access to the company's system and/or its databases

• Backup procedures and Technical and organizational measures appropriate to ensure that, by default, only personal data that are necessary for each of the specific purposes of the processing are processed

DATABASE LOCATION
The database where your personal data is stored uses Firebase, Firestore, and Storage, services provided by Google Cloud Platform. These services comply with robust privacy and security standards, including compliance with the General Data Protection Regulation (GDPR) in the European Union and other relevant legislation. Google Cloud services, including Firebase, Firestore, and Storage, are designed with security in mind and offer various certifications that attest to its security measures.

For more information on Firebase, Firestore, and Storage's compliance and security practices, you can visit the Google Cloud Trust and Security center at https://cloud.google.com/security.

By using or registering on the PLATFORM, you expressly consent to the storage of your information in these services provided by Google Cloud.

PLACE OF PROCESSING
The Data are processed within the infrastructure of Google Cloud Platform, which includes multiple data centers around the world. Google employs a number of security measures to protect the data and ensures that it's processed in a manner that complies with applicable data protection laws. The exact location of processing depends on Google's global infrastructure, designed to ensure the reliability and speed of the services.

In addition to Google's infrastructure, some processing activities may take place at the offices of the Database Controller or any other place where the parties involved in such processing are located, provided that all such processing is conducted in accordance with our privacy policy and the applicable data protection legislation.

By using our services, you acknowledge and agree that your personal data may be processed in these locations for the purposes described in our Privacy Policy.

RIGHTS OF ACCESS, RECTIFICATION, MODIFICATION, CANCELLATION, AND PORTABILITY OF PERSONAL DATA

THE OWNER, RESPONSIBLE for the Database, commits to facilitating the user the exercise of the rights of access, rectification, deletion, inclusion of their personal data, as well as their portability, permanently communicating their location so that these can effectively exercise such rights at any time, so that it is as easy to register as it is to delete the data of the users.

Specifically, AT ANY TIME AND DIRECTING TO THE CONTACT EMAIL contacto@fashioninsp.com, the user will have the right to:

• WITHDRAW THEIR CONSENT granted in this document and to OPPOSE the processing at any time.

• ACCESS the data collected by the owner of the platform

• REQUEST THE MODIFICATION of their data, so that they are accurate

• REQUEST THAT THEIR TREATMENT IS RESTRICTED

• REQUEST THE DELETION.

• RECEIVE AND TRANSFER THE DATA TO ANOTHER PERSON (right to the "portability" of your personal information). That is, the user can export a copy of the content of the personal data of their account on this platform, whether for the purpose of making a backup or using it with a service external to this platform.

The user may also present, in the same manner, the complaints or suggestions they deem appropriate.

• COMPLAIN TO THE COMPETENT AUTHORITY for infringement of their rights

HOW TO EXERCISE YOUR RIGHTS

For the Request for ACCESS, MODIFICATION, RECTIFICATION, PORTABILITY OF YOUR PERSONAL DATA, direct to the following email:

Email: fashioninspapp@gmail.com

Requests will be processed by the Owner free of charge within the maximum period of one month, provided that the period of request between one exercise and another is more than thirty consecutive days. The necessary means will be provided to comply with the requested without any delay. However, if the medium or support requested by the holder implies an additional and unconventional cost (not belonging to the list ut supra) for the Database Controller, it will be transferred to the applicant.

MODIFICATION OF THE PRIVACY POLICY

The Owner reserves the right to modify the terms of the privacy policy contained in this document, at any time, notifying the user, through the platform or by email. This is without prejudice to obtaining the user's consent, if necessary.

Users are urged to frequently review the website, taking the last update as a reference.

COOKIE POLICY

The use of such Cookies - or other tracking tools - by this Platform or by the owners of third-party services used by this Platform allows us to better provide the Service requested by you. Ultimately, the inclusion of cookies allows us to offer you more relevant and useful products or services to you, and for you to have a better experience on our platform.

To enable you to exercise your rights as the holder of personal data rights regarding the use of Cookies, we provide you with the following information:

• To exercise your rights, you can direct to the following email contacto@fashioninsp.com, specifying the right you wish to exercise. It is recommended that you provide all the information about the Services you use or have used.

• Also, it is advisable to read our Privacy Policy, as it specifically specifies how to exercise your data protection rights and how to do it.

To exercise your rights in relation to Cookies, You can:

• a) Delete Cookies through your browser

Most web browsers allow you to manage the user's preferences regarding the use of Cookies at any time. You can delete existing Cookies in your browser and change the settings of these at any time, configuring your browser through the options that each manufacturer provides to accept, or not, the Cookies it receives or for the browser to warn you when a server wants to save a cookie.

If you reject all or some of the Cookies, you may not be able to use the services of the Web Pages and Apps of our services that require "log in" nor take full advantage of everything it offers. Browsers are by default enabled to allow Cookies.

You can perform the following actions with Cookies:

a) Search for the links or indications of device and browser manufacturers for the management or deactivation of Cookies in your browser.

b) Use the storage management tools of Cookies In addition, you can manage the Cookie store in your browser, following the indications for example in the following link: http://optout.aboutads.info/?c=2#!/ (http://optout.aboutads.info/?c=2#!/)

c) Reject the Cookies of each collaborating company with us.

Click on ACCEPT if you accept the COOKIE POLICY, confirming that you have read the information and accept the activation of the cookies. After accepting we will not show this message again. At any time, you can change the configuration (configuration option) and obtain more information about our cookie policy.

After activating the cookie policy, you can deactivate it at any time, by entering the Privacy configuration that exists on the page or by sending us an email with the Subject "DEACTIVATE COOKIES".

ACCEPT ☐ SEE MORE ☐ DO NOT ACCEPT ☐

SEE MORE:

TYPES OF COOKIES USED

Our platform uses the following cookies: Analytical Cookies:

They collect statistics on the user's activity when visiting the page and the general activity of the same. The information collected is anonymous and allows optimizing navigation through our web page and guarantee the best service to the user. We use our own and third-party Cookies.

Do you wish to activate the ANALYTICAL COOKIES POLICY? Yes ☐

Session Cookies:

They are a type of technical Cookies designed to collect and store data while the user accesses a web page. They are usually used to store information that only interests to keep for the provision of the service requested by the user on a single occasion (For example: a list of products purchased).

Do you wish to activate the SESSION COOKIES POLICY?

Yes ☐

Persistent Cookies: They are a type of Cookies in which the data is still stored in the terminal and can be accessed and processed for a variable period defined by the Cookie's responsible. All and each of the preceding Cookies may be, in turn: Own or Third Parties.

Do you wish to activate the PERSISTENT COOKIES POLICY?

Yes ☐ and Internal or own use Cookies

Cookies created by our Platform for, for example, allowing user authentication, maintaining the session when you go out and enter the web page, maintaining the preferences about the language selected by the user.

Do you wish to activate the INTERNAL OR OWN USE COOKIES POLICY?

Yes ☐

PURPOSE OF USE OF COOKIES

-To develop new products and improve our services

The owner of the platform may use information to improve their existing products with new functionalities/features and develop new products Create new models and algorithms through machine learning.

From this purpose, no other data processing operation allowed under a different purpose can be carried out.

Activate cookies so we can develop new products and improve our services

Yes ☐

The recipients of the data generated by the Cookies are: FASHIONiNSP

DATABASE CONTROLLER AND CONTACT INFORMATION

Federica CD

fashioninspapp@gmail.com

For this document, the Principle of Contractual Independence applies, which means that if there is a need to modify, delete, expand, or add a clause or provision to it, this does not invalidate the rest of the content of the same and the document in general, generating all the obligations and rights for which it was drafted, provided that such a need to modify, delete, expand, or add a clause or provision does not limit or make impossible the application of the same.

In case of doubts in the interpretation of this policy, this document will be integrated with the definitions established by Article 4 of the GDPR (REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, adhering "The Owner" to the rest of its other provisions.

The General Data Protection Regulation (GDPR, for its acronym in English) is a set of privacy and digital security regulations enacted by the European Commission that aims to provide some basic protections for personal and confidential data of individuals.

Note that requesting the deletion of records may lead to the termination of the account, membership, or other service.

• Procedures to follow to exercise your rights.

You can direct any other inquiry to:

Email: fashioninspapp@gmail.com