Privacy Policy

Privacy Policy Publication Date: 02/13/2026 CR1PTO HOST INOVA SIMPLES (I.S.) - ME, a legal entity headquartered in the city of Gravataí, State of Rio Grande do Sul, Brazil, duly registered under CNPJ No. 58.638.376/0001-06 (hereinafter referred to as “Cripto Host”, “We”, “Us”, or “Our”), takes your privacy seriously and is committed to safeguarding the security and protection of the data of all clients, partners, suppliers, consumers, and users (“Users” or “you”) of the website https://cripto.host and any other website, platform, system, or application operated by Cripto Host (collectively, the “Platform”). This Privacy Policy (“Privacy Policy”) is intended to inform you about how we collect, use, process, store, share, and protect information gathered during your visits to our Platform and in any communications exchanged with you (“Communications”). This Privacy Policy applies solely to information collected through the Platform and related services provided by Cripto Host. By accessing the Platform, sending Communications, registering for an account, contracting our Services, or providing any personal data, you acknowledge that you have read and understood the terms set forth herein and expressly agree to this Privacy Policy, consenting to the processing of your information as described herein and in accordance with applicable data protection legislation. This Privacy Policy provides an overview of our data processing practices, the types of Personal Data we may collect, the purposes for which such data is processed, the legal bases for processing, the security measures adopted, and the rights you may exercise regarding your Personal Data. If you have any questions about this Privacy Policy or about how your Personal Data is processed, you may contact us at: fale@cripto.host. This Privacy Policy does not apply to third-party applications, services, payment processors, blockchain networks, validators, exchanges, social media platforms, or external websites that may be accessed through links available on the Platform. Accessing such third-party services may result in the independent collection and processing of your data by those entities. Cripto Host does not control, endorse, or assume responsibility for the privacy practices, content, or policies of third-party platforms, which may differ from those described herein. We strongly recommend that you review the privacy policies of any third-party services before providing your Personal Data. If you provide us with Personal Data relating to other individuals, you represent and warrant that you are authorized to do so, that you have obtained all necessary consents required under applicable law, and that such data may be processed by Cripto Host in accordance with this Privacy Policy. 1. Definitions 1.1 For the purposes of this Privacy Policy: (i) “Personal Data” means any information that, directly or indirectly, identifies or may identify a natural person, such as name, CPF (Taxpayer Registry Number), date of birth, IP address, among others; (ii) “Sensitive Personal Data” means any information that reveals, regarding a natural person, racial or ethnic origin, religious belief, political opinion, trade union or religious, philosophical, or political organization membership, data concerning health or sex life, genetic or biometric data; (iii) “Processing of Personal Data” means any operation carried out regarding Personal Data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. Also considered Processing of Personal Data is any other operation provided for under the terms of applicable legislation; (iv) “Data Protection Laws” means all legal provisions regulating the Processing of Personal Data, including, but not limited to, Federal Law No. 13.709/18, the General Personal Data Protection Law (“LGPD”). 2. Use of Personal Data **2.1 **Purpose of Data Collection and Use We collect and process Personal Data to manage your relationship with Cripto Host and to provide, maintain, improve, and personalize the Services offered through the Platform. The processing of your Personal Data is carried out in accordance with applicable data protection legislation and for legitimate operational, contractual, and security purposes. Examples of how we use Personal Data include, but are not limited to: (i) To process payments, charge subscription fees, calculate and invoice yield fees, and manage billing related to the Services contracted by you; (ii) To verify, confirm, update, or correct the information we maintain about you; (iii) To provide customer support, respond to inquiries, resolve technical issues, and ensure the proper functioning of your contracted services; (iv) To personalize and enhance your experience on the Platform, including tailoring features, dashboards, notifications, and service recommendations; (v) To enable access to and management of blockchain node infrastructure, including monitoring services and related functionalities; (vi) To communicate with you through the email address and/or phone number you provide, including for operational communications, service updates, security alerts, billing notices, and, where permitted by law, promotional or informational messages regarding Cripto Host services or strategic partners; (vii) To comply with legal, regulatory, tax, compliance, fraud prevention, anti-money laundering (AML), and security obligations; (viii) To conduct surveys, collect feedback, and perform quality assessments in order to improve our Services and better understand user satisfaction. Where required by applicable law, you may opt out of receiving promotional communications at any time by following the unsubscribe instructions included in such communications or by contacting us at fale@cripto.host. Requests related to access, correction, modification, or deletion of Personal Data may also be submitted through this contact channel, subject to applicable legal limitations. 2.2 Furthermore, the Personal Data provided may also be used in the manner we deem necessary or appropriate: (a) under Data Protection Laws; (b) to comply with legal process requirements; (c) to comply with a court order, regulatory decision, or decision by competent authorities, including authorities outside the country of residence; (d) to enforce our Terms and Conditions of Use, as well as the AZ Pay Adhesion Term; (e) to protect our operations; (f) to protect our rights, privacy, safety, or yours or those of third parties; (g) to detect and prevent fraud; (h) to allow us to pursue available remedies or limit the damages that we may sustain; and (i) in other ways permitted by law. 3. Non-provision of Personal Data 3.1 You are not required to share the Personal Data we request with us; however, if you choose not to share it, in some cases, we will not be able to provide you with full access to the Platform, a personalized and faster shopping experience, certain specialized features, or be able to effectively respond to any queries you may have. 4. Data Collected 4.1 The general public may browse the Platform without the need for any registration or submission of Personal Data. However, some of the Platform’s functionalities may depend on registration and the submission of Personal Data. 4.2 When you contact Cripto Host through the Platform, email, support channels, or any official communication means, we may collect and process the following categories of Personal Data: (i) Contact Information, including but not limited to your first name, last name, phone number, city, State, and email address; and (ii) Information You Provide, including any content submitted through contact forms, support tickets, emails, chat communications, or other channels, such as questions, requests, complaints, suggestions, feedback, criticism, or compliments. Such information is collected for the purpose of responding to your inquiry, providing support, improving our Services, maintaining service quality standards, complying with legal obligations, and maintaining internal records related to customer service interactions. 4.3 During general browsing on the Platform, Cripto Host may automatically collect certain technical and usage-related information, including: (i) Location Data. Geolocation data derived from your IP address or device settings when you access the Platform, which may indicate your approximate geographic location (such as country, state, or city level). (ii) Preferences. Information about your preferences and interests related to the Platform and Services, including communication preferences and feature usage patterns, whether explicitly provided by you or inferred from your interactions with the Platform. (iii) Platform Browsing and Technical Data. Information regarding your visits and activities on the Platform, including the pages viewed, time spent on pages, features accessed, referral URLs, browser type, operating system, device type, IP address, session identifiers, and similar diagnostic data. Some of this information is collected through Automatic Data Collection Tools, such as cookies, web beacons, pixels, log files, and similar tracking technologies. For more details, please refer to Section 7 (Automatic Data Collection Tools). (iv) Anonymous and Aggregated Data. Anonymous survey responses and aggregated statistical data about how users interact with the Platform. In certain cases, we apply anonymization, pseudonymization, or de-identification techniques so that the data can no longer reasonably be associated with an identified or identifiable individual using available technology. (v) Other Non-Identifiable Information. Information that does not directly reveal your identity, including device characteristics, browser information, and general usage analytics collected through cookies and similar technologies. 4.4 When you register an account or subscribe to a Cripto Host plan, we may collect: (i) Registration Data, including but not limited to your full name, CPF or other tax identification number (when applicable), email address, and phone number; (ii) Billing and Payment Data, including billing address, credit card information, banking details, and transaction identifiers necessary to process subscription payments and service fees. Payment processing may be conducted through authorized third-party payment service providers, including AZ Pay, which may collect and process your payment information in accordance with their own privacy policies and security standards. Cripto Host does not store full credit card details on its own servers unless expressly required and permitted by law. 4.5 To facilitate subscription payments and service-related charges, Cripto Host may share necessary billing and identification information with AZ Pay, our contracted payment processing partner. Such information may include: (i) Identification and registration data (such as name, CPF, and email address); (ii) Payment-related data (such as credit card details, billing address, and transaction information). AZ Pay processes payment data in accordance with its own privacy policy and applicable financial regulations. Cripto Host does not control the data processing practices of AZ Pay and recommends that Users review AZ Pay’s privacy policy before completing a transaction. The sharing of such data is limited to what is necessary for payment authorization, fraud prevention, charge processing, and compliance with legal and financial obligations. 4.6 In specific situations (e.g., research we conduct to understand the profile of our clients and how their relationship with us works), we may process Sensitive Personal Data of our direct and/or indirect clients (as in the case of our clients’ customers). When this occurs, such processing will take place in accordance with the requirements provided for in the LGPD, notably regarding obtaining consent from our clients and/or consumers, when required. 4.7 In cases where your consent is necessary for the performance of a certain activity, we will inform you about the consequences arising from your non-provision. 5. Sharing of Personal Data with Third Parties 5.1 Cripto Host may share your Personal Data in the following circumstances: (i) With Service Providers and Operational Partners. We may share Personal Data with trusted third-party service providers and partners engaged to perform functions on our behalf and support our business operations. These may include, but are not limited to, payment processors (including AZ Pay), hosting providers, cloud infrastructure services, data storage providers, cybersecurity and fraud prevention services, customer support platforms, analytics providers, marketing and communication tools, IT service providers, and other operational partners necessary for the proper functioning of the Platform. Such service providers may be located in Brazil or in other jurisdictions, including countries where data protection laws may differ from those applicable in your country of residence. In such cases, we adopt appropriate safeguards to ensure that Personal Data is processed securely and in compliance with applicable legislation. (ii) With Strategic or Technical Partners. We may share Personal Data with third parties when necessary to operate, manage, maintain, improve, or secure the Platform, including infrastructure providers, compliance advisors, legal consultants, or fraud prevention entities. (iii) Corporate Transactions. In the event of a reorganization, restructuring, merger, acquisition, capital investment, joint venture, asset sale, transfer of control, or any similar corporate transaction involving CR1PTO HOST INOVA SIMPLES (I.S.) - ME, Personal Data may be transferred to the relevant third party as part of such transaction, subject to applicable confidentiality and data protection obligations. This includes situations related to insolvency, bankruptcy, or judicial recovery proceedings. (iv) Legal and Regulatory Compliance. We may disclose Personal Data when required by applicable law, regulation, court order, subpoena, governmental authority, or regulatory body, or when we believe in good faith that disclosure is necessary to protect our rights, enforce our Terms, prevent fraud, ensure platform security, or respond to legal claims. 6. International Data Transfers 6.1 Personal Data and other information collected by Cripto Host may be transferred to, stored in, or accessed by service providers, operational partners, infrastructure providers, or affiliated collaborators located in Brazil or in other countries, when necessary for the operation, maintenance, security, improvement, or legal compliance of the Platform and Services, in accordance with this Privacy Policy. Such transfers may involve cloud hosting providers, payment processors (including AZ Pay), cybersecurity providers, analytics tools, technical support providers, or other entities that support Cripto Host’s operations. 6.2 Whenever Personal Data is transferred internationally, Cripto Host will adopt appropriate technical, administrative, and contractual safeguards to ensure that your Personal Data receives a level of protection consistent with applicable data protection laws, including the Brazilian General Data Protection Law (LGPD) and, where applicable, international data protection standards. When required by law, we will rely on legally recognized international data transfer mechanisms, including contractual safeguards, adequacy decisions, or other lawful bases that permit cross-border data transfers. 7. Method of Automatic Personal Data Collection 7.1 When you visit the Platform, it may store or retrieve information on your browser, primarily in the form of cookies, which are text files containing small amounts of information. See our Cookie Policy at the end of this term to learn more. 7.2 This information may be about you, your preferences, or your device and is used primarily to make the Platform work as you expect. The information usually does not directly identify you, but it can give you a more personalized web experience. 7.3 In accordance with this Privacy Policy and the Cookie Policy, we and our third-party service providers, upon your consent, may collect your Personal Data in various ways, including, among others: 7.3.1 Through the browser or device: Some information is collected by most browsers or automatically through internet access devices, such as computer type, screen resolution, operating system name and version, device model and manufacturer, language, type and version of the Internet browser you are using. We may use this information to ensure that the Platform functions properly. 7.3.2 Use of cookies: Information about your use of the Platform may be collected by third parties through cookies. Cookies are information stored directly on the computer you are using. Cookies allow the collection of information such as browser type, time spent on the Platform, pages visited, language preferences, and other anonymous traffic data. We and our service providers use information for security protection, to facilitate navigation, display information more effectively, and personalize your experience when using the Platform, as well as for online tracking. We also collect statistical information about the usage of the Platform for continuous improvement of our design and functionality, to understand how the Platform is used, and to assist you in resolving issues regarding the Platform. 8. Duration of Processing 8.1 Personal Data processed by Cripto Host will be retained for as long as necessary to fulfill the purposes for which it was collected, including the provision of Services, account management, billing, compliance, fraud prevention, security monitoring, and enforcement of contractual obligations. Personal Data may also be retained for the period required to comply with legal, regulatory, tax, accounting, and contractual obligations, as well as to respond to requests from competent authorities. In addition, data may be stored for the duration of applicable statutes of limitation for the filing of judicial, administrative, or arbitral actions. 8.2 Personal Data may be retained for longer periods when necessary to comply with a legal or regulatory obligation, to support a corporate transaction, or to exercise or defend the rights of CR1PTO HOST INOVA SIMPLES (I.S.) - ME in judicial, administrative, or arbitral proceedings. In certain cases, after the retention period expires, Personal Data may be anonymized or irreversibly de-identified for statistical, analytical, compliance, or business continuity purposes, in accordance with applicable law. Where technically feasible and legally permissible, Personal Data will be securely deleted or anonymized once it is no longer required for the purposes described above. 9. User Rights 9.1 You may, at any time and in accordance with applicable data protection legislation, request from Cripto Host: (i) Confirmation as to whether your Personal Data is being processed; (ii) Access to your Personal Data; (iii) Correction of incomplete, inaccurate, or outdated Personal Data; (iv) Anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed Personal Data; (v) Portability of your Personal Data to another service provider, subject to applicable legal requirements and provided that such portability does not infringe upon trade secrets or intellectual property rights of Cripto Host; (vi) Deletion of Personal Data processed based on your consent, where legally applicable; (vii) Information regarding the public or private entities with which your Personal Data has been shared; (viii) Information about the possibility of refusing to provide consent and the potential consequences of such refusal; (ix) Revocation of consent, when processing is based on consent. Requests may be submitted through our official contact channel at fale@cripto.host. 9.2 In order to protect your privacy and ensure that Personal Data is disclosed only to the rightful data subject, Cripto Host may request additional information or documentation to verify your identity before fulfilling any request related to Personal Data. 9.3 Please note that, in certain circumstances, your request may not be immediately fulfilled or may be subject to limitations. This may occur when retention of data is required for compliance with legal, regulatory, tax, accounting, security, fraud prevention, or contractual obligations, or when data must be retained for the establishment, exercise, or defense of legal claims. In such cases, Cripto Host will inform you of the legal basis preventing full compliance with your request, where applicable. 10. Security of Personal Data 10.1 We strive to adopt the technical and organizational measures provided for by appropriate Data Protection Laws to protect Personal Data within our organization. Unfortunately, no data transmission or storage system is guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you believe that the security of any of your accounts has been compromised), please notify us immediately. 11. Hypertext Links to Other Websites and Social Networks 11.1 The Platform may, from time to time, contain hypertext links that will redirect you to websites of our partners’ networks, advertisers, suppliers, etc. If you click on one of these links to any of these sites, please remember that each site has its own privacy practices and that we are not responsible for these policies. Please consult said policies before sending any Personal Data to these sites. 11.2 We are not responsible for the collection, use, and disclosure policies and practices (including data protection practices) of other organizations, such as Facebook, Apple, Google, Microsoft, or any other software developer or application provider, social media platform, operating system, wireless internet service provider, or device manufacturer, including all Personal Data you disclose to other organizations through the applications, related to such applications, or published on our social media pages. We recommend that you inform yourself about the privacy policy of each site visited or each service provider used. 12. Use of the Platform by Minors 12.1 The platform is not intended for persons under 18 (eighteen) years of age, and we ask that such persons do not provide us with any personal data. 13. Updates to this Privacy Policy 13.1 If we modify our Privacy Policy, we will publish the new text on the Platform, with the updated revision date. We may change this Privacy Policy at any time. If there is a significant change in the terms of this Privacy Policy, we may inform you through the contact information we have in our database or through a notification on our Platform. 13.2 We remind you that we are committed not to process your Personal Data in a manner incompatible with the objectives described above, unless otherwise required by law or court order. 13.3 Your use of the Platform after the changes means that you have accepted the revised Privacy Policies. If, after reading the revised version, you do not agree with its terms, please terminate access to the Platform. 14. How to Contact Cripto Host If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your Personal Data, you may contact CR1PTO HOST INOVA SIMPLES (I.S.) - ME, operator of the Cripto Host platform, through the following channel: Email: fale@cripto.host We are committed to responding to your request within a reasonable timeframe and in accordance with applicable data protection legislation. Cookie Policy Publication Date: 09/22/2022 When you visit our website, it may store or collect information on your internet browser, primarily in the form of cookies. This information may be about you, your preferences, or your device and is used primarily to make the site work as you expect, in addition to offering a more personalized web experience. The term “cookie” may be used to describe a series of technologies, including, but not limited to, pixel tags, web beacons, and mobile device identifiers. 1. What are cookies? A cookie is a small piece of data (text file) that a website - when visited by a user - asks your browser to store on your device to remember information about you, such as your language preference or login information. Placing cookies will help the website recognize your device on a future visit. We use the term cookies in this policy to refer to all files that collect information in this way. Our website may also contain third-party cookies and APIs (application programming interfaces). We recommend that you check the privacy policy of these third parties. The cookies used collect various information, including that which can identify the user. If you are already a user of our website, we may monitor your visits to the site provided that, at least once, you have started your browsing from a communication sent by us, for example, SMS and email. Cookies also collect generic information, namely how users arrive at and use the sites or the zone of the country/countries through which they access the site, etc. Cookies only retain information related to your preferences. 2. What are cookies for? Cookies are used to help determine the usefulness, interest, and number of uses of the sites, allowing for faster and more efficient navigation and eliminating the need to repeatedly enter the same information. 3. What types of cookies do we use? Our cookies have different functions:

Essential cookies: some cookies are essential to access specific areas of our website. They allow navigation on the site and the use of its applications, such as accessing secure areas of the site through login. Without these cookies, the services that require them cannot be provided.
Analytical cookies: we use these cookies to analyze how users use the site and monitor its performance. This allows us to provide a high-quality experience by customizing our offer and quickly identifying and correcting any problems that arise. For example, we use performance cookies to know which pages are most popular, which method of linking between pages is most effective, or to determine why some pages receive error messages. Based on site usage, we may also use these cookies to highlight articles or site services that we think are of interest to users. These cookies are used only for the purposes of statistical creation and analysis, without ever collecting personal information.
Functionality cookies: we use functionality cookies to allow us to remember user preferences. For example, cookies avoid typing the user’s name each time they access the site. We also use functionality cookies to provide advanced services to the user, such as making comments on an article. In summary, functionality cookies store user preferences regarding the use of the site, so that it is not necessary to reconfigure the site each time you visit it.
Third-party cookies: serve to measure the success of applications and the effectiveness of third-party advertising on our site.
Advertising cookies: serve to target advertising based on the interests of each user and the number of visits made, allowing us to limit the number of times the ad is displayed. These cookies help measure the effectiveness of advertising.

The cookies used can be:

Permanent cookies: are stored at the internet browser level on your access devices (PC, mobile, and tablet) and are used whenever the user makes a new visit to the site. They are generally used to direct navigation according to the user’s interests, allowing us to provide a more personalized service.
Session cookies: are temporary, remain in your internet browser’s cookies until you leave the site. The information obtained allows us to identify problems and provide a better browsing experience.

All browsers allow the user to accept, refuse, or delete cookies, namely by selecting the appropriate settings in the respective browser. You can configure cookies in the “options” or “preferences” menu of your browser.Note that by disabling cookies, you may prevent some web services from functioning correctly, affecting, partially or totally, navigation on the website. We remind you that by disabling cookies, parts of our site may not function correctly. STORE USERS

Name	Function
auth-user-prefs	Records logged-in user information, such as name, email, user permissions within the e-commerce, and database identifier field.
show-cookies-modal-prefs	Records acceptance data of the Cookie Policy.
user-ceps	Records user address data, logged in or not, such as street, number, complement, neighborhood, city, state, country, and ZIP code.
cart-id-prefs	Records the shopping cart identification.
cart-validity-prefs	Registers and controls the validity of the shopping cart.
user-shipping-address	Records address data selected at checkout for product shipping.
user-ship-freight	Registers the shipping method selected at checkout.

NECESSARY FOR STORE OPERATION

Name	Function
api_key_firebase	Used to forward requests to your Firebase project when you interact with Firebase and Google services.
app_id_firebase	Identifies the app in Google Firebase.
project_id_firebase	Identifies the project in Google Firebase.
author_domain	Saves e-commerce settings, such as store name, CNPJ, State Registration (IE), and address.
colors_domain	Used to display the colors defined for the e-commerce.
description_domain	Records dynamic HTML meta tag content “description,” which varies according to the accessed page.
domain	Registers the e-commerce domain.
favicon	Records the store icon image displayed in the browser tab.
images_domain	Records brand logo images.
keywords_domain	Records dynamic HTML meta tag content “keywords,” which varies according to the accessed page.
name_domain	Records dynamic HTML meta tag content “title,” which varies according to the accessed page.
seller-id-prefs	Identifies the seller in the database.
tag_manager	Registers the Google Tag Manager identifier.

STORE MANAGER PANEL

Name	Function
flutter.domain	Registers the e-commerce domain.
flutter.token	Registers the token of the logged-in user for API access.
flutter.prefs_userId	Verifies the seller identification in the database.
flutter.prefs_token	Registers the token of the logged-in user for API access.
flutter.email	Registers the logged-in user’s email.
flutter.name	Registers the logged-in user’s name.
flutter.sellerId	Verifies the seller identification in the database.

PAYMENT PLATFORM

Name	Function
flutter.nome	Registers the seller’s name.
flutter.idSeller	Verifies the seller identification in the database.
flutter.token	Registers the token of the logged-in user for payment API access.
flutter.email	Registers the logged-in user’s email.

4. Cookie Management and Browser Settings The Help section of browsers indicates how to refuse new cookies, get a notification message informing of the receipt of cookies, or how to block them. To simplify your navigation, see below the links directing to the Help section of the most used browsers:

Internet Explorer™: Delete and manage cookies
Safari™: Manage cookies and website data in Safari on Mac
Chrome™: Clear, enable, and manage cookies in Chrome - Computer - Google Chrome Help
Firefox™: Enhanced Tracking Protection in Firefox for desktop | Firefox Help
Opera™: Web preferences.

5. Who to contact in case of doubts? If you have any questions regarding this Cookie Policy, you can find contact information in our Privacy Policy.

Getting started

Project Docs and Guides