Effective Date: June 26th, 2023
Last Updated: April 10th, 2025

1. Introduction

This Privacy Policy describes how CODENATO Tech ("Company," "we," "us," or "our") collects, uses, shares, and protects personal information when you access our websites, applications, platforms, services, and solutions (collectively, our "Services").

We are committed to protecting your privacy and handling your data transparently, responsibly, and in compliance with applicable data protection laws, including the Brazilian General Data Protection Law (LGPD), the European General Data Protection Regulation (GDPR), and other relevant regulations.

2. Data Controller Information

CODENATO Tech
Address: R. Jose Elias, 71, Sala 201, Jardim Karaiba, Uberlândia - MG, 38411-201, Brazil
Email: hi@codenato.tech
Phone: +5534999249956

3. Information We Collect

3.1 Information You Provide Directly

• Account Information: Name, email address, phone number, company name, job title

• Payment Information: Billing address, payment method details (processed by secure third-party providers)

• Communication Data: Messages, support tickets, feedback, and correspondence

• Professional Information: Technical requirements, project specifications, business needs

3.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers

• Usage Data: Pages visited, features used, interaction patterns, access times

• Log Data: System logs, error reports, performance metrics

• Cookies and Tracking: Session cookies, analytics cookies, preference cookies (see Section 9)

3.3 Information from Third Parties

• Business Partners: Referral information, collaborative project data

• Public Sources: Publicly available professional information

• Service Providers: Identity verification, credit check results (where applicable)

4. Legal Basis for Processing

We process personal data based on:

4.1 Contract Performance

To provide Services and fulfill our contractual obligations

4.2 Legitimate Interests

For business operations, service improvement, and security, balanced against your rights

4.3 Consent

Where you have explicitly agreed to specific processing activities

4.4 Legal Obligations

To comply with applicable laws, regulations, and legal processes

4.5 Vital Interests

In rare cases where processing is necessary to protect someone's life or safety

5. How We Use Your Information

5.1 Service Delivery

• Providing and maintaining our Services

• Managing your account and authentication

• Processing transactions and payments

• Delivering customer support

5.2 Communication

• Responding to inquiries and requests

• Sending service updates and notifications

• Providing technical alerts and security notices

• Marketing communications (with consent)

5.3 Improvement and Development

• Analyzing usage patterns and trends

• Developing new features and services

• Conducting research and analytics

• Personalizing user experience

5.4 Legal and Security

• Complying with legal obligations

• Protecting against fraud and abuse

• Enforcing our terms and policies

• Ensuring system security and integrity

6. Data Sharing and Disclosure

6.1 Service Providers

We share data with carefully selected third parties who assist in:

• Cloud hosting and infrastructure

• Payment processing

• Analytics and monitoring

• Communication services

6.2 Business Transfers

In case of merger, acquisition, or sale of assets, data may be transferred with appropriate protections

6.3 Legal Requirements

We may disclose data when required by:

• Court orders or legal processes

• Government authorities

• Law enforcement requests

• Protection of rights and safety

6.4 Consent-Based Sharing

With your explicit consent for specific purposes

6.5 Aggregated Data

We may share anonymized, aggregated data that cannot identify individuals

7. International Data Transfers

7.1 Cross-Border Transfers

Your data may be transferred to and processed in countries other than your own

7.2 Safeguards

We implement appropriate safeguards including:

• Standard contractual clauses

• Adequacy decisions

• Binding corporate rules

• Your explicit consent

8. Data Security

8.1 Technical Measures

• Encryption in transit and at rest

• Access controls and authentication

• Regular security assessments

• Intrusion detection systems

8.2 Organizational Measures

• Employee training and confidentiality agreements

• Limited access on need-to-know basis

• Regular security audits

• Incident response procedures

8.3 Breach Notification

In case of a data breach, we will notify affected individuals and authorities as required by law

9. Cookies and Tracking Technologies

9.1 Types of Cookies

• Essential: Required for site functionality

• Analytics: Help us understand usage patterns

• Preference: Remember your settings

• Marketing: Used for targeted advertising (with consent)

9.2 Cookie Management

You can control cookies through browser settings and our cookie preference center

9.3 Do Not Track

We respect Do Not Track signals where legally required

10. Your Rights and Choices

10.1 Access Rights

• Request access to your personal data

• Obtain copies of your data in a portable format

10.2 Correction and Deletion

• Update or correct inaccurate data

• Request deletion of your data (subject to legal requirements)

10.3 Processing Controls

• Object to certain processing activities

• Restrict processing in specific circumstances

• Withdraw consent where processing is consent-based

10.4 Data Portability

Request your data in a structured, machine-readable format

10.5 Automated Decision-Making

Right to not be subject to solely automated decisions with legal effects

10.6 How to Exercise Rights

Contact us at privacy@[company.com] with your request. We will respond within 30 days or as required by law

11. Data Retention

11.1 Retention Periods

We retain data only as long as necessary for:

• Providing Services

• Legal obligations

• Resolving disputes

• Enforcing agreements

11.2 Deletion Practices

After retention periods, data is securely deleted or anonymized

12. Children's Privacy

Our Services are not directed to individuals under 16. We do not knowingly collect data from children. If we learn of such collection, we will promptly delete the data.

13. Third-Party Links and Services

Our Services may contain links to third-party sites. We are not responsible for their privacy practices. Please review their policies before providing personal information.

14. Changes to This Policy

14.1 Updates

We may update this Policy to reflect changes in:

• Legal requirements

• Our practices

• Service offerings

14.2 Notification

Material changes will be notified via:

• Email to registered users

• Prominent notice on our Services

• 30 days advance notice when possible

15. Contact Information

15.1 Privacy Inquiries

For questions or concerns about this Policy or our practices:

Email: privacy@[company.com]
Data Protection Officer: dpo@[company.com]
Mail: [Company Address]

15.2 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority:

Brazil: Autoridade Nacional de Proteção de Dados (ANPD)
[Other relevant authorities based on jurisdictions]

16. Regional Specifications

16.1 For Brazilian Residents (LGPD)

Additional rights include:

• Confirmation of processing existence

• Anonymization, blocking, or deletion of unnecessary data

• Information about sharing with third parties

• Possibility of denying consent and consequences

16.2 For European Residents (GDPR)

Additional protections and rights as specified under GDPR Articles 12-23

16.3 For California Residents (CCPA)

Additional rights include:

• Right to know categories and specific pieces of personal information

• Right to delete personal information

• Right to opt-out of sale of personal information

• Right to non-discrimination

By using our Services, you acknowledge that you have read and understood this Privacy Policy.