The following describes the rules applicable to the use of the Vio app on mobile devices with Android and iOS systems ("Application"), provided by the FEDERAL DATA PROCESSING SERVICE ("SERPRO"), headquartered at SGAN 601 Módulo V, Brasília, DF, CNPJ No. 33.683.111/0001-07, in accordance with Law 13.709 of August 14, 2018 (LGPD).
1.1 By using the service, the user confirms that they have read and understood the Terms and Policies applicable to it and agrees to be bound by them.
For the purposes of these Terms of Use, the following definitions apply:
2.1 Personal data: Information related to an identified or identifiable natural person;
2.2 Sensitive personal data: Personal data regarding racial or ethnic origin, religious beliefs, political opinions, membership in a union or organization of a religious, philosophical, or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person;
2.3 Anonymized data: Data related to a data subject who cannot be identified, considering the use of reasonable and available technical means at the time of processing;
2.4 Database: A structured set of personal data, stored in one or more locations, in electronic or physical form;
2.5 Data Subject: The natural person to whom the personal data being processed refers;
2.6 Processing: Any operation performed with personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.
2.7 Anonymization: Use of reasonable technical means available at the time of processing, by which data can no longer be associated, directly or indirectly, with an individual.
2.8 Consent: The free, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose.
2.9 Deletion: Deletion of data or a set of data stored in a database, regardless of the procedure used;
2.10 International Data Transfer: Transfer of personal data to a foreign country or international organization of which the country is a member.
2.11 User: Any natural person who uses the Vio App.
Law No. 12,965 of April 23, 2014: Internet Civil Rights Framework - Establishes principles, guarantees, rights, and obligations for the use of the Internet in Brazil.
Law No. 12,527 of November 18, 2011: Access to Information Law - Regulates access to information as provided for in the Federal Constitution.
Law No. 13,460 of June 26, 2017: Provides for the participation, protection, and defense of the rights of users of public services of the public administration.
Law No. 13,709 of August 14, 2018: Regulates the processing of personal data, including in digital media, by individuals or legal entities under public or private law, with the aim of protecting the fundamental rights of freedom and privacy and the free development of the individual's personality.
Decree No. 7,724 of May 16, 2012: Regulates Law No. 12,527 of November 18, 2011 (Access to Information Law), which establishes access to information as provided for in the Constitution.
The Application provides users with a reader capable of reading and decoding information previously encoded in a QR Code (Quick Response Code) generated by the Vio service, as well as verifying the authenticity of the QR Code through the use of a digital signature. The application can then display the decoded information on the screen or identify reading errors or discrepancies between the digital signature used by the Vio service and the one present in the scanned QR Code. To do this, the application uses the camera of a mobile device, typically a cell phone or tablet. These QR Codes contain a representation of the data present in a document.
Agents from regulatory agencies can use the application during inspections to help verify the authenticity of documents. The application does not alter the rights and duties of citizens and is used solely as a tool by regulatory agents in conjunction with other mechanisms for the same purpose.
It is important to highlight that the application:
Does not store, collect, or process any personal data;
Does not require authentication, login, or registration from its users;
Operates passively and temporarily, only reading and displaying encrypted data in the QR Code. and;
It does not interfere with the legal validity or effectiveness of scanned documents, serving only as an auxiliary tool for verifying their veracity, which is the responsibility of the supervisory agent or responsible authority.
4.1 DATA SHARING
The Application does not send any information read from QR Codes to other devices.
No user personal information is shared by the Application under any circumstances.
4.2 DATA RETENTION
The Application does not store any information read from QR Codes.
4.3 INTERNET ACCESS
The Application may use internet access to update its database of document templates and digital certificates for verifying their veracity.
4.4 THIRD-PARTY SERVICES
The Application may be invoked by third-party applications. In this case, the third-party application launches the Vio Application, which overlays the window of the calling application to scan the QR Code and return the scanned data to the original application. The user will be presented with the Vio scanning screen, and the user has full control over the operation, including the right to cancel it. Data read by the third-party application will be subject to its own terms of use and privacy policy, so the Application is not responsible for how third-party applications use the data provided by it.
The Vio Application does not collect, store, or otherwise process users' personal data, as defined by Law No. 13,709/2018 - the General Personal Data Protection Law (LGPD).
However, in compliance with the principles of transparency and informational self-determination, SERPRO informs that the rights provided for in Article 18 of the LGPD - such as access, correction, deletion, and revocation of consent - may be exercised in the event of any personal data being processed by the controller or by systems integrated with the Application, which must be clearly and in advance notified to the user.
6.1 User Responsibilities
6.1.1 The User is responsible for the proper use of the Application, agreeing to use it for the purposes described in these Terms and Conditions and not to attempt to manipulate the content read or interfere with the operation of the solution.
6.1.2 The User has a quick, secure, and reliable resource at their disposal to assist in verifying the authenticity of the document analyzed. However, Vio is presented as an auxiliary tool and should not be used alone for this purpose. The final decision on the authenticity of the document rests solely with a duly accredited inspection agent, as well as the application of any legal restrictions due to violations of current legislation.
6.1.3 The User is responsible for the repair of any and all damages, direct or indirect (including those resulting from the violation of any rights of other users, third parties, including intellectual property, confidentiality, and personality rights), caused to SERPRO, any other User, or any third party, including due to noncompliance with the provisions of these Terms of Use or any act performed through their access to the Internet, the website, and/or Application.
6.2 SERPRO shall not be held liable for the following:
a. Device infected or hacked by attackers;
b. Device damaged at the time of service consumption;
c. Device protection;
d. Protection of information based on users' devices;
e. Abuse of users' devices;
f. Covert monitoring of users' devices;
g. Vulnerabilities or instabilities in users' systems;
h. Insecure perimeter;
i. Actions arising from interpretations of document authenticity.
6.3 SERPRO's Responsibilities
6.3.1 SERPRO must comply with all laws regarding the proper use of users' personal data in order to preserve the privacy of the data used to provide the service provided.
6.4 Under no circumstances will SERPRO be responsible for the installation of malicious code (viruses, Trojans, malware, worms, bots, backdoors, spyware, rootkits, or any other code that may be created) on the User's or third-party equipment, resulting from the User's Internet browsing.
7.1 This version was last updated on: 15/07/2025.
7.2 SERPRO reserves the right to modify these rules at any time, especially to adapt them to changes in the Application, whether by providing new features or by removing or modifying existing ones.
7.3 Any changes and/or updates to these Terms of Use will be effective upon publication on the Application website (https://vio.serpro.gov.br/legal) and must be fully observed by Users.
If the User has any questions about these Terms of Use, they may contact us through the link: https://www.serpro.gov.br/menu/suporte/css.
8.1 In these cases, the User hereby agrees that all contact will be made from their own current email address.
9.1 The User declares to have read, understood, and accepted all the rules, conditions, and obligations established in these terms.
10.1 The Parties elect the jurisdiction of the District of Brasília/DF to resolve any disputes arising from these terms.
11.1 The User declares that they have read and understood all the rules, conditions, and obligations established in these terms.
11.2 The Application reads QR codes that may contain personal data exclusively on the user's device, without collection, storage, or transmission. The user understands that SERPRO does not further process this personal data, limiting itself to providing the technological infrastructure for local reading of the information.
11.3 By using the application, the user fully agrees and accepts the provisions of these Terms of Use.
© 2017 SERPRO - Federal Data Processing Service
SERPRO owns all copyrights, trademarks, domains, logos, product appearance, trade secrets, patents, and other intellectual property rights associated with the Vio Application and associated technologies. The use of our copyrights, trademarks, domains, logos, product appearance, trade secrets, patents and other intellectual property rights without our express permission is prohibited.