Privacy Notice for Beings

Hello, Beings!

Here at Unico, we are driven by the purpose of creating solutions that simplify people's lives through their digital identities. We aim to connect people with products and services, giving them total control over their data and making the relationship between people and companies more transparent, simple, and secure. Our commitment to personal data protection and compliance with the General Data Protection Law ("LGPD") extends to all holders whose personal data we process. For this reason, we have prepared this document to clarify how Unico considers and respects the privacy of Beings and ensures the protection of their personal data as an employer. It is important that this document is read carefully, as you must declare awareness of the obligations and conditions described herein by signing electronically. The provisions in this document will become part of the Employment Contract entered into with ACESSO DIGITAL TECNOLOGIA DA INFORMAÇÃO S.A., a corporation headquartered at Praça General Gentil Falcão, No. 108, 10th floor, Bairro Cidade Monções, ZIP Code: 04571-150, São Paulo/SP, registered under CNPJ No. 05.563.165/0001-95 ("Unico"). Consequently, your Employment Contract and this document must be considered together.

Terms and Definitions.

What personal data is processed by Unico?

Unico collects your personal data starting from the recruitment and selection process, directly from you or partners; throughout your admission process and your journey as a Unique Being, through Unico People or official platforms like E-SOCIAL. Unico will process your personal data solely for expressly stated purposes and always in compliance with the legal bases established by LGPD. The following data may be collected:

• Registration data or identification information: your full name, address, date and place of birth, identification numbers such as CTPS, RG, CPF, CNH, as applicable, and phone number, for example;

• Professional information: such as your professional history, qualifications, and academic certifications, including class registrations (e.g., OAB, for lawyers), performance data, and remunerations, for example;

• Electronic identification data: login information, IP address, badge number, and location, if applicable, for example.

In some cases, Unico's processing of personal data will include Sensitive Personal Data, such as health-related information (to manage licenses and leaves, for example), diversity-related information (to plan corporate inclusion actions, for example), or biometric data, including facial recognition (to manage physical access to offices). Whenever necessary, Unico will ask for your consent, and participation in such surveys will not be mandatory, agreed?

Why does Unico process my data, and what are the legal bases that authorize this processing?

Unico will process your data to:

• Fulfill corporate and social responsibility duties;

• Manage and optimize team performance, promote training, and plan activities to improve the quality of work for Beings;

• Monitor and ensure compliance with health and safety rules;

• Manage IT resources and infrastructure;

• Comply with legal obligations imposed on Unico as an employer and respond to official requests from authorities;

• Ensure compliance with internal policies related, for example, to Information Security and the Compliance Program.

The legal bases allowing data processing for the purposes described above, along with examples, are:

• Compliance with legal or regulatory obligations of Unico: such as data processing by the Personnel Department for granting vacations, licenses, or leaves, or by the Legal Department for Unico's corporate routine;

• Execution of the employment contract signed with the Being: processing by the Finance Department for paying salaries, or by the Personnel Department for granting benefits;

• Regular exercise of rights by Unico in judicial, administrative, or arbitral proceedings: when the Legal Department manages and stores documents, such as contracts, for example;

• To meet Unico's legitimate interests, such as when the Facilities team processes data like your name, phone number, and address for sending gifts and treats, or when the PeopleX team registers you on training and development platforms;

• From collecting your consent: for example, when the Culture team promotes engagement actions, voluntary surveys, and diversity campaigns.

With whom does Unico share your data?

Unico may share personal data, including sensitive data, with third parties contracted or not, such as:

• Providers and administrators of benefits granted to Unico Beings (health, dental plans, meal vouchers, etc.);

• Communication service providers, including institutional content production (campaigns and event content, for example);

• Logistics companies supporting equipment, document, or treat delivery and receipt;

• External consultants, such as accounting firms or recruitment agencies;

• Platforms used for training and development of Beings;

• Platforms used for managing physical access to offices;

• Public or private social security entities, as applicable;

• Judicial, administrative, or regulatory authorities when Unico is obligated or for exercising rights in judicial, administrative, or arbitral proceedings, and even for compliance with legal or regulatory obligations. Examples include INSS, ANPD, Procon, Ministério Público, ordinary and specialized courts.

When transferring your data to third parties, measures are taken to ensure they meet our security standards and remain safe. In the case of international data transfers (sharing with third parties located outside Brazil), Unico will establish the proper mechanism to ensure the legality of such transfers, in accordance with LGPD and guidance from the National Data Protection Authority ("ANPD").

How does Unico protect your data?

During data processing by Unico, the following premises will be considered:

• Unico will only process personal data indicated in this document for expressly stated purposes;

• Unico commits to respecting the confidentiality of the personal data it processes, whether by itself or its employees;

• Unico will maintain appropriate technical and organizational measures to protect your Personal Data against unauthorized, accidental, or unlawful destruction, loss, alteration, misuse, disclosure, or access, as well as against all other illegal forms of processing;

• Measures described in Unico's internal policies will be adopted, including those outlined in the Information Security Policy;

• Unico commits to storing your Personal Data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal or regulatory requirements, or per internal policy (such as facilitating operation of stock-based compensation and incentive plans).

What are your rights?

Unico will provide you, as a Unique Being and Data Subject, with all necessary information to ensure transparency regarding how your personal information is processed. Unico will also ensure the full and effective exercise of your rights.

Your rights include:

• Access to data;

• Correction of incomplete or outdated data;

• Cancellation and opposition to processing Personal Data, provided legal or regulatory obligations do not override these rights;

• Elimination of data processed with your consent;

• Information about public or private entities with whom your data is shared;

• Revocation of consent granted, when applicable;

• Obtaining information about the possibility of not providing consent when data processing relies on this legal permission, as well as being informed about the consequences of not granting this consent.

To exercise any of the rights mentioned, you can contact our Data Protection Officer: Diana Goldstein Troper, via email: dpo@unico.io

How and where does Unico store your data?

Your personal information will be stored on Unico's internal servers, and in some cases, on Google Cloud Platform servers.

How long does Unico store your personal data?

The Personal Data processed by Unico must comply with the timelines established in the Data Retention and Disposal Policy. The timelines consider the type of processing, purpose, and applicable legislation to ensure data is stored only for the necessary duration.

Updates to this Privacy Notice

Unico keeps its Privacy Notice under regular review and will make any updates available to you.

Final Provisions

You acknowledge that the conditions set forth in this document, upon signing the Employment Contract, will be automatically considered an integral and inseparable part of it for all purposes. This document does not override the application of Unico's internal policies and regulations, especially those related to Information Security, the Code of Ethics and Conduct, or any others that may be created in the future.