PRIVACY POLICY

Handerr recognizes privacy and the protection of personal data as essential elements for developing a reliable, secure infrastructure aligned with international compliance standards.

This Privacy Policy has been prepared based on the actual technical and operational functioning of the Handerr platform and is intended to inform, in a clear, transparent, and detailed manner, how personal information is collected, used, stored, shared, protected, and retained within the Handerr technology ecosystem.

This policy constitutes a comprehensive corporate instrument for data governance and must be interpreted together with:

• the Terms and Conditions of Use;
• the Cancellation Policy;
• internal operational policies;
• commercial annexes;
• payment policies;
• and any supplementary document published by Handerr.

Handerr seeks to ensure that the processing of personal data is carried out in accordance with the principles of lawfulness, proportionality, minimization, security, transparency, and technological accountability.

This document has been structured considering privacy practices and standards used by large-scale international technology platforms, adapted specifically to Handerr's operational architecture, infrastructure, and business model.

By registering, accessing, or using Handerr, the user declares that they have read and understood this Privacy Policy and accepts the processing of their personal data in accordance with the terms described herein.

Handerr operates as a digital intermediation technology infrastructure aimed at connecting users who need to resolve needs with professional users or providers capable of offering solutions, services, technical assistance, support, or related products.

The platform incorporates advanced functionalities that include:

• service marketplace;
• geolocation;
• artificial intelligence;
• transactional processing;
• digital reputation;
• messaging systems;
• identity verification (KYC);
• automated recommendations;
• real-time notifications;
• internal positioning;
• third-party integrations;
• and service discovery tools.

These functionalities require the processing of different categories of personal data whose nature, scope, and purpose are described in detail in this policy.

Welcome to Handerr.

This Privacy Policy describes in detail how Handerr collects, uses, stores, shares, protects, retains, and processes the personal information of users who access, use, or interact with the mobile application, website, technological infrastructure, digital services, payment systems, artificial intelligence functionalities, and other components of the Handerr ecosystem.

Handerr has developed this policy using international standards of transparency, accountability, and data protection employed by global technology platforms as a reference, adapting them specifically to Handerr's operational reality.

This document seeks to ensure that the platform's public commitments faithfully reflect the actual technical operation of the currently implemented technological infrastructure.

By registering, accessing, or using Handerr, you accept the practices described in this Privacy Policy.

If you do not agree with this policy, you must refrain from using the platform.

This Privacy Policy applies to:

• the Handerr mobile application;
• the website;
• APIs;
• backend systems;
• databases;
• artificial intelligence tools;
• payments and transactions;
• internal chat;
• geolocation;
• KYC verification processes;
• notifications;
• service marketplace;
• future functionalities;
• third-party integrations;
• commercial and promotional services.

Handerr seeks to process personal data in accordance with the principles of:

• lawfulness;
• transparency;
• minimization;
• proportionality;
• security;
• confidentiality;
• accountability;
• integrity;
• purpose limitation;
• operational necessity.

Handerr collects different categories of data depending on use of the platform.

Information necessary to create, authenticate, and manage accounts:

• email address;
• first name;
• last name;
• internal user identifier;
• encrypted password;
• phone number;
• phone verification status;
• basic authentication information;
• access credentials;
• account status.

The email address serves as the user's primary identifier within the authentication infrastructure.

Information intended for the operational functioning of the Handerr ecosystem:

• professional or personal profile;
• service categories;
• specialties;
• schedule and availability;
• hours;
• reputation;
• ratings;
• scores;
• favorites;
• published services;
• galleries;
• photographs;
• videos;
• biographies;
• work areas;
• cities of operation;
• profile content.

Handerr collects location data to facilitate the operation of the marketplace.

This may include:

• precise latitude and longitude coordinates;
• approximate location;
• city;
• operational area;
• request location;
• distance between users;
• coverage areas;
• service location;
• urgent match location.

Information may be obtained through:

• GPS;
• IP;
• WiFi;
• Bluetooth;
• device permissions;
• manually provided information.

Handerr may collect sensitive information intended for identity validation and security processes.

This may include:

• facial photographs;
• document photographs;
• identity documents;
• national identification number;
• document type;
• biometric images;
• KYC process status;
• review records;
• rejection reasons;
• manual or automated verifications.

This data is especially relevant for professional users, providers, and certain financial operations.

Handerr may collect information related to economic operations and payments:

• payment identifiers;
• references;
• amounts;
• currency;
• transaction status;
• order references;
• financial metadata;
• payment records;
• registered external payments;
• budget history;
• estimates;
• quotes;
• transactional events;
• content received from payment providers.

Certain data may be processed directly by third-party payment providers.

Handerr collects information generated through interaction between users:

• chat messages;
• sent images;
• videos;
• multimedia files;
• forms;
• responses;
• problem descriptions;
• comments;
• reviews;
• suggestions;
• conversation history;
• published content.

We may collect technical information necessary for the operation of the service:

• device identifier;
• operating system;
• application version;
• technical logs;
• connection identifiers;
• push notification tokens;
• IP addresses;
• technical activity;
• performance information;
• session events;
• connectivity data.

Handerr may generate or process information through automated tools and artificial intelligence.

This may include:

• automatic request classification;
• recommendations;
• category suggestions;
• writing assistance;
• profile improvement;
• biography optimization;
• review assistance;
• results organization;
• operational suggestions.

Handerr uses the information collected to:

• create and manage accounts;
• authenticate users;
• operate the marketplace;
• connect clients and professionals;
• display relevant results;
• enable urgent assistance;
• facilitate payments;
• process transactions;
• enable financing;
• verify identity;
• prevent fraud;
• improve security;
• personalize experiences;
• deliver notifications;
• enable chat;
• manage reputation;
• optimize positioning;
• facilitate geolocation;
• provide support;
• improve algorithms;
• train internal systems;
• conduct analysis;
• comply with legal obligations;
• protect users;
• develop new functionalities.

Handerr operates primarily on infrastructure provided by Amazon Web Services (AWS).

Authentication and credential management is performed through specialized AWS services.

Current characteristics:

• active session of approximately 60 minutes;
• refresh token with a duration of approximately 30 days;
• authentication independent of the rest of the operational databases.

Handerr uses multiple repositories and logical databases intended for:

• users;
• requests;
• messages;
• budgets;
• payments;
• transactions;
• events;
• KYC;
• notifications;
• urgent matches;
• favorites;
• catalogs;
• configurations;
• multimedia content.

Among the main categories stored are:

User-generated multimedia content may be stored in cloud object repositories.

This includes:

• profile photographs;
• galleries;
• service evidence;
• chat images;
• videos;
• KYC content.

Access may be performed through temporary signed links.

Currently:

• Upload links may expire in approximately 5 minutes;
• Read links may expire in approximately 15 minutes.

Handerr retains information for as long as necessary to operate the platform, comply with legal obligations, protect users, and maintain operational integrity.

Automatic mechanisms currently exist for certain categories:

Currently, much of the operational information is retained until manual action or technical necessity.

This may include:

• conversations;
• requests;
• payments;
• reputation;
• KYC;
• history;
• transactional records.

Retention may be due to:

• legal obligations;
• security;
• fraud prevention;
• support;
• disputes;
• operational integrity;
• audit;
• internal analysis.

Handerr currently implements a primary logical deletion model.

When a user requests account closure:

• the account may be disabled;
• access may be blocked;
• the user may be marked as deleted;
• certain information may be retained.

Currently, not all categories of information are automatically deleted from all internal repositories.

This may include:

• messages;
• payments;
• requests;
• KYC;
• transactional records;
• associated content.

Handerr may retain information when necessary for:

• legal obligations;
• fraud prevention;
• disputes;
• security;
• audits;
• regulatory compliance;
• protection of other users.

Handerr may share information with technology providers acting as data processors.

Primary cloud infrastructure provider.

May be involved in:

• authentication;
• databases;
• storage;
• content delivery;
• processing;
• infrastructure.

May receive:

• request descriptions;
• associated multimedia content;
• operational information necessary for automatic classification and AI-based assistance.

Purpose:

• classification;
• analysis;
• assistance;
• automation;
• recommendations.

Provider used for push notifications.

May receive:

• device token;
• notification content;
• technical identifiers.

May receive:

• references;
• amounts;
• identifiers;
• transactional data;
• customer data necessary to process payments.

Handerr may integrate:

• banks;
• payment gateways;
• analytics tools;
• mapping services;
• KYC providers;
• anti-fraud tools;
• financing platforms;
• advertising tools.

Due to the global nature of the technological infrastructure, information may be transferred and processed outside the user's country of residence.

This includes transfers to:

• the United States;
• Panama;
• and other territories where technology providers or partners operate.

By using Handerr, the user accepts such international transfers subject to reasonable protection measures.

Location is a core functionality of Handerr.

It may be used for:

• urgent assistance;
• nearby search;
• recommendations;
• matches;
• positioning;
• distance calculation;
• work areas;
• availability;
• future services related to nearby products and businesses.

Accuracy may vary depending on the device, network, permissions, and external services.

Handerr may use automated systems and artificial intelligence to:

• analyze requests;
• classify services;
• recommend professionals;
• organize results;
• optimize profiles;
• improve descriptions;
• suggest categories;
• assist with reviews;
• detect fraud;
• automate processes.

The user acknowledges that:

• automated responses may contain errors;
• recommendations are indicative;
• final decisions belong to the user.

Handerr seeks to implement reasonable technical and organizational security measures.

These may include:

• access controls;
• authentication;
• segmentation;
• monitoring;
• validations;
• infrastructure protection;
• temporary links;
• operational review;
• anti-fraud tools.

However:

• no system is completely invulnerable;
• the internet involves inherent risks;
• third parties may be compromised;
• unauthorized access may occur beyond reasonable control.

Handerr may adopt incident response protocols.

When legally required or reasonably necessary, it may:

• investigate incidents;
• limit access;
• notify users;
• notify authorities;
• implement corrective measures.

Depending on applicable legislation, the user may exercise rights related to:

• access;
• rectification;
• update;
• objection;
• restriction;
• withdrawal of consent;
• deletion;
• portability;
• manual review.

Requests may require:

• identity verification;
• additional validation;
• operational review.

Certain rights may be limited when there are:

• legal obligations;
• fraud prevention;
• security;
• mandatory retention;
• third-party rights.

Handerr may process personal data when a valid legal basis exists, including:

• user consent;
• performance of a contractual relationship;
• compliance with legal obligations;
• legitimate commercial, operational, or security interest;
• fraud prevention;
• user protection;
• dispute resolution;
• technological improvement;
• statistical analysis;
• operational continuity;
• infrastructure protection.

The user acknowledges that certain Handerr functionalities cannot operate properly without the processing of certain personal information.

Handerr may process personal information when reasonably necessary to:

• operate the platform;
• maintain security;
• prevent fraud;
• verify users;
• protect ecosystem reputation;
• improve experience;
• optimize algorithms;
• develop new functionalities;
• conduct internal analysis;
• protect its own or third-party rights;
• investigate suspicious behavior;
• ensure technological stability;
• enforce terms and policies.

The user acknowledges that certain processing may be carried out even when no additional specific consent exists, provided that the law permits processing on the basis of legitimate interest.

Handerr may review, moderate, analyze, limit, hide, or remove content, accounts, communications, or activities when it reasonably considers this necessary to:

• protect users;
• prevent fraud;
• prevent abuse;
• detect unlawful behavior;
• comply with legal obligations;
• maintain ecosystem integrity;
• protect platform reputation;
• ensure technological security.

Operational decisions may be supported by:

• human review;
• automated systems;
• artificial intelligence;
• user reports;
• internal analysis;
• anti-fraud tools.

Handerr does not guarantee prior individual review of all user-generated content.

The user acknowledges that certain information published within Handerr may be visible to other users.

This may include:

• name;
• photograph;
• reputation;
• city;
• professional category;
• biography;
• services;
• galleries;
• reviews;
• published content.

The user is responsible for the information they choose to share publicly within the platform.

Handerr shall not be liable for the use that third parties make of information voluntarily published by the user.

By using Handerr, the user agrees to receive communications related to:

• authentication;
• security;
• operations;
• payments;
• requests;
• support;
• reputation;
• marketing;
• promotions;
• policy changes;
• updates;
• functionalities;
• account activity.

Communications may be sent through:

• email;
• SMS;
• push notifications;
• in-app messages;
• WhatsApp;
• phone calls;
• automated means.

The user may manage certain preferences, although some operational or legal communications may be mandatory.

Handerr may use personal, technical, statistical, or aggregated information to:

• develop metrics;
• conduct analysis;
• improve algorithms;
• optimize performance;
• measure behavior;
• detect trends;
• evaluate functionalities;
• improve user experience;
• train internal models;
• develop new tools.

When reasonably possible, Handerr may use anonymized, aggregated, or de-identified information.

The user acknowledges that certain Handerr functionalities involve direct interaction with other users and partial exposure of information necessary to operate the marketplace.

Consequently, the user understands that:

• absolute privacy cannot be guaranteed within social, commercial, or interaction functionalities;
• certain information will be visible to other users;
• certain activities generate operational records necessary for the operation of the service.

When the user provides information related to third parties, they declare that they have sufficient authorization to share it.

The user shall be liable for any claim and legal action arising from information shared without valid authorization.

The user is responsible for:

• maintaining the confidentiality of their credentials;
• protecting access to their device;
• preventing unauthorized access;
• verifying the security of their communications;
• reviewing shared information;
• properly managing privacy permissions.

Handerr shall not be liable for access resulting from negligence, voluntary sharing of credentials, external malware, or improper use of the user's device.

The user acknowledges that Handerr is a technology platform in continuous evolution.

Consequently, certain functionalities, processing procedures, automated systems, artificial intelligence tools, security mechanisms, or integrations may be modified, updated, or reasonably expanded as the platform evolves.

Handerr may retain, analyze, share, or disclose information when it reasonably considers this necessary to:

• comply with legal obligations;
• respond to valid requests;
• cooperate with authorities;
• protect its own or third-party rights;
• prevent fraud;
• investigate incidents;
• protect platform integrity;
• enforce contracts;
• protect user safety.

Handerr implements reasonable protection and security measures; however, the user acknowledges that:

• the internet is not a completely secure environment;
• no technological system is absolutely invulnerable;
• external third parties may attempt to improperly access information;
• external providers may suffer incidents;
• technical failures may occur beyond Handerr's reasonable control.

To the maximum extent permitted by law, Handerr App S.A., Handerr Internacional S.A., their shareholders, directors, employees, partners, licensors, and providers shall not be liable for:

• unauthorized access;
• leaks originating from third parties;
• cyberattacks;
• malware;
• interruptions;
• connectivity failures;
• loss of information;
• indirect damages;
• lost profits;
• improper use by other users;
• decisions made based on user-generated content or artificial intelligence;
• acts of third parties beyond reasonable control.

The user agrees to hold harmless and indemnify Handerr App S.A., Handerr Internacional S.A., their shareholders, officers, employees, representatives, providers, and partners from any claim, investigation, loss, damage, cost, expense, fine, proceeding, or liability arising from:

• breach of this Privacy Policy;
• improper use of the platform;
• information shared by the user;
• violation of third-party rights;
• fraud;
• illegal use of the application;
• regulatory non-compliance attributable to the user;
• conflicts with third parties;
• commercial activities carried out within Handerr.

Handerr does not guarantee:

• absolute security;
• permanent availability;
• uninterrupted operation;
• complete absence of errors;
• absolute impossibility of improper access;
• absolute accuracy of automated systems;
• total accuracy of recommendations generated by artificial intelligence.

The user uses the platform at their own risk and understands the limitations inherent to any technological infrastructure.

Handerr may modify this Privacy Policy at any time to reflect:

• regulatory changes;
• new functionalities;
• technological evolution;
• integrations;
• operational modifications;
• commercial changes;
• security improvements.

Modifications may be notified through:

• the application;
• email;
• the website;
• internal messages;
• notifications.

Continued use of the platform implies acceptance of the updated version.

For inquiries related to privacy, data protection, or the exercise of rights:

Handerr

Email: privacidad@handerr.com

Website: www.handerr.com

Handerr was created to connect people, resolve needs, and generate opportunities through a fast, intelligent, and reliable technological infrastructure.

The trust of our users is an essential element for the sustainable growth of the platform.

Therefore, Handerr seeks to develop reasonable privacy, security, technological governance, and information protection mechanisms aligned with the evolution of the digital ecosystem and applicable international best practices.

Handerr — Where needs find solutions and talent finds opportunity.