Last updated: June 24, 2026. Version: 2.1 (English version).
This Privacy Policy is permanently published and publicly accessible at https://bugee.com.br/legal/privacy_policy and describes how Bugee Apps Ltda. (the "Bugee" brand), enrolled with the Brazilian taxpayer registry (CNPJ) under No. 48.942.384/0001-98, with its registered office at Rua Rio Grande do Norte, 1435, sala 708, Savassi, Belo Horizonte/MG, CEP 30130-138 (hereinafter "Bugee," "we," or "our"), collects, uses, stores, shares, and protects the personal data of the users and visitors of the website https://bugee.com.br and the Bugee Workspace platform, as well as of its native applications.
This Policy was prepared in accordance with Brazil's General Data Protection Law (Lei nº 13.709/2018, "LGPD") and, with respect to integrations with Google services, with the Google API Services User Data Policy, including the Limited Use requirements. The address above is the canonical URL of this Policy, linked to the Google OAuth consent screen.
By using our services, you acknowledge that you are aware of the contents of this Policy. We recommend that you read it in full. If you have any questions, please contact us at [email protected].
1. Identification of the Controller and the Data Protection Officer (DPO)
Controller of personal data:
- Legal name: Bugee Apps Ltda.
- Trade name: Bugee Apps (the Bugee brand)
- CNPJ: 48.942.384/0001-98
- Address: Rua Rio Grande do Norte, 1435, sala 708, Savassi, Belo Horizonte/MG, CEP 30130-138
- Phone: (31) 99845-1800
- E-mail: [email protected]
- Website: https://bugee.com.br
Personal Data Protection Officer (Encarregado/DPO): pursuant to Article 41 of the LGPD, Bugee has designated as its Officer the legal entity Bugee Apps Ltda. itself, which performs this function through its management. The official channel for communication with the Officer is the e-mail address [email protected] and, alternatively, the postal address and phone number indicated above. Through this channel, any data subject may submit requests, questions, and complaints, as well as exercise the rights provided for under the law.
2. Definitions
For the purposes of this Policy, the following definitions apply, in accordance with the LGPD:
- Personal data: information relating to an identified or identifiable natural person.
- Sensitive personal data: data concerning racial or ethnic origin, religious conviction, political opinion, membership in a union or in a religious, philosophical, or political organization, data concerning health or sex life, and genetic or biometric data, when linked to a natural person.
- Data subject: the natural person to whom the personal data refers.
- Processing: any operation carried out with personal data, such as collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, evaluation, modification, communication, transfer, dissemination, or extraction.
- Controller: the party responsible for decisions regarding the processing of personal data. With respect to the registration data of users and website visitors, Bugee acts as the Controller.
- Processor: the party that carries out the processing of personal data on behalf of the controller. With respect to the data that the user enters into the Workspace modules about third parties (clients, contacts, buyers), Bugee acts as the Processor, with the user being the Controller of such data.
- Sub-processor: a third party engaged to assist in providing the service, processing data on behalf of the processor or the controller.
- Consent: a free, informed, and unambiguous expression by which the data subject agrees to the processing of their personal data for a specified purpose.
- ANPD: the Brazilian National Data Protection Authority.
3. Controller and Processor Roles
Bugee acts in two distinct roles, depending on the data being processed:
- As Controller: with respect to your registration, profile, payment, and browsing data, and to the information you provide to us directly in order to subscribe to and use the platform, as well as for lead capture on the website.
- As Processor: with respect to the content you create or enter into the Workspace modules, including data about third parties (clients, leads, contacts, buyers, reviewers, and recipients). In this case, you are the Controller of such data and are solely responsible for having an appropriate legal basis, for fulfilling the duties of disclosure, and, where required, for obtaining the consent of the data subjects, as well as for respecting the rights of those data subjects.
Bugee does not request or process, on its own initiative and in its capacity as Controller, sensitive personal data of data subjects. If you enter, into the Workspace modules (for example, Notes, CRM, BugDrive, Chat/WhatsApp) or in imported reviews, any sensitive personal data of third parties, you do so in your capacity as Controller and assume responsibility for identifying the basis under Article 11 of the LGPD that authorizes such processing.
4. What Data We Collect and How
We collect personal data that you provide to us directly, data generated by your use of the platform, and data that you expressly authorize us to import from third-party services (such as Google, Meta, LinkedIn, and Canva). Below, we organize the data by category.
4.1. Account and Profile Data
- E-mail and password (the password is managed and stored securely by the authentication service, and is never held in plain text by Bugee).
- Full name, photo/avatar, nickname and, where provided, date of birth and phone number (including a WhatsApp indication).
- Personal address and company data (company e-mail, phone, address, city, state, postal code, and website).
- CPF and RG (Brazilian individual taxpayer and ID numbers), when provided by the user for the issuance of contracts, proposals, and tax or commercial documents.
- Verification codes sent by e-mail, stored securely using hashing (SHA-256), never in plain text.
4.2. Workspace Module Content
The platform is modular and stores the content you create or enter into each tool:
- CRM: data about your clients and leads (name, e-mail, phone, website, company, CNPJ, city, state, notes, sales values, and tags).
- Project Manager: cards, tasks, comments, collaborators, and linked leads.
- BugDrive: folders and files you upload, including their metadata.
- My Card (public digital business card): title, description, photo, cover, links, WhatsApp number and, when configured, a snapshot of the Instagram feed. On public pages, we collect visitor data (IP address, User-Agent, and view and click logs) for statistical purposes.
- Notes, Calendar, and Developer Tools: free-form content from notes, events, flowcharts, mind maps, and requests made through the API testing tool.
- Password Manager: the vault items (name, URL, username, password, and notes) are encrypted on your own device (AES-GCM) before reaching our servers; we store only the encrypted content, to which Bugee has no access in plain text.
- Finance: transactions, budgets, categories, and financial tags.
- Store (e-commerce) and Coupons & Points: buyer data (name, e-mail, phone, CPF/CNPJ, delivery address), orders, items, payment status, and loyalty accounts.
- AI Creatives: prompts, projects, generated images and text, brand kits, and credit usage records.
- Social Media and E-mail: integration tokens, post content, messages, conversations, connected e-mail accounts (whose IMAP/SMTP access credentials are stored in specific protected fields), attachments, and campaign recipient lists.
- Chat/Automation (WhatsApp): contacts' phone numbers and names, message content and media, automations, and campaigns.
With respect to the content you enter about third parties, Bugee acts as Processor, as set forth in Section 3.
4.3. Payment Data
- Through the Asaas and Stripe processors: customer identifiers, e-mail, CPF/CNPJ, phone, and payment data.
- Card data is tokenized by the payment processor. Bugee does not access the full card number; it stores only the token, the card brand, the last 4 digits, and the expiration date.
- Records of subscriptions, payments, webhook events, and credit history.
4.4. Website Leads
When you fill out a contact form on the website, we collect name, e-mail, phone, contact preference, business segment, project objective, platforms, desired integrations, budget, and description, as well as the visitor's IP address and User-Agent, for context and fraud-prevention purposes.
4.5. Browsing Data, Cookies, and Analytics
- First-party analytics: we record pages accessed, referrer, session identifier, country/city (approximate IP-based geolocation), device type, and viewport. We do not store the IP in plain text; instead, we keep a pseudonymized identifier (SHA-256 hash of IP + User-Agent).
- Third-party cookies and trackers: the Meta Pixel, Google Analytics (GA4), and Google Tag Manager, as detailed in Section 6.
5. Purposes and Legal Bases
We process your personal data for the purposes below, always supported by a legal basis provided for in Article 7 (or Article 11, for sensitive data) of the LGPD.
- Authentication and account management: legal basis of performance of a contract (Article 7, V).
- Provision of the Workspace services and storage of your content: performance of a contract (Article 7, V).
- Issuance of contracts, proposals, and tax documents (CPF, RG, CNPJ): performance of a contract and compliance with a legal or regulatory obligation (Article 7, II and V).
- Payment processing and billing: performance of a contract and compliance with a legal obligation (Article 7, II and V).
- The platform's artificial intelligence features (AI Creatives, agents, text and image generation, diagnostics, and suggestions): performance of a contract (Article 7, V), when you voluntarily activate these features. Activation entails sending the necessary content to subcontracted AI providers (see Sections 8 and 9), solely to generate the requested output.
- Website lead capture and qualification: pre-contractual procedures and legitimate interest (Article 7, V and IX).
- First-party analytics and fraud prevention: legitimate interest (Article 7, IX), using pseudonymized data.
- Third-party marketing cookies and trackers (Meta Pixel, GA4, GTM): consent (Article 7, I), collected through the consent banner.
- Integrations with Google services (Login, Google Ads, Google Business Profile): consent (Article 7, I), expressed on Google's own OAuth consent screen, revocable at any time.
- Integrations with Meta (Instagram/Facebook), LinkedIn, and Canva: consent (Article 7, I).
- Information security and compliance with court or authority orders: compliance with a legal obligation and regular exercise of rights (Article 7, II and VI).
When you enter third-party data into the Workspace modules, you act as Controller and are responsible for identifying the applicable legal basis and for fulfilling the duties of disclosure and of obtaining consent, where required.
5.1. Automated decisions
Bugee does not adopt, in its capacity as Controller, decisions based solely on automated processing that produce legal effects or significantly affect the data subject. The lead-qualification, diagnostic, and automation features function as support tools, the results of which are always submitted to the assessment and final decision of a human user (the advertiser or the account operator). Any automated uses that you may configure within the Workspace are your responsibility as Controller. Should Bugee come to adopt a relevant automated decision, you may request a review under Article 20 of the LGPD, through the Officer's channel.
6. Cookies, Tracking Technologies, and Consent Banner
We use cookies and similar technologies to operate the website, measure audience, and optimize campaigns. We have adopted an LGPD consent banner that respects your choice:
- Third-party tools (the Meta Pixel, ID 803709464323006; Google Analytics GA4, ID G-LWVVTHL9K4; and Google Tag Manager, ID GTM-W53HXRGR) are only loaded in your browser after you click "Accept."
- If you click "Decline," no third-party tracker is loaded.
- First-party analytics, which records only page statistics in a pseudonymized manner in our own database, remains active regardless of your choice, on the basis of legitimate interest.
Revoking cookie consent: you may, at any time, change or revoke your choice by reopening the cookie preferences banner available on the website (the "Cookie preferences" link), which stops the future loading of third-party trackers. You may also block or delete cookies through your browser settings; we note, however, that deleting cookies through the browser does not, by itself, undo the loading of scripts that has already occurred in the current session, which is why we recommend using the preferences panel.
Meta Conversions API (CAPI): for measuring e-commerce conversions, we may send to Meta, via the Conversions API (server-side), purchase events containing contact data (e-mail, phone, and name) previously converted into a SHA-256 hash, such that they are not directly identifiable. We transparently clarify that this server-side transmission results from the completion of an order and from the legitimate-interest basis for measurement, and is not conditioned on the cookie banner, since it is carried out from our server (and not by means of cookies or scripts in your browser). The data sent is limited to what is strictly necessary and is transmitted in hashed form.
7. Google User Data (Google API Services)
This section describes, in a specific and highlighted manner, how Bugee accesses, uses, shares, stores, retains, and deletes the data obtained through the Google APIs. Access always occurs subject to the explicit authorization of the user, on Google's OAuth consent screen, and may be revoked at any time. Bugee requests only the minimum scopes necessary for the functionality that the user chooses to enable (scope minimization) and displays the OAuth consent screen, with the requested scopes, before any access. There are three distinct integrations, each with its own scopes.
7.1. Login with Google (scopes openid, email, profile)
- Data Accessed: Google account identifier, e-mail address, name, and profile photo.
- Data Usage: to authenticate the user and create/populate the account at Bugee. We do not use this data for any other purpose.
- Data Sharing: login data is neither sold nor shared with third parties. It is processed by the authentication service that operates on our own infrastructure.
- Data Storage & Protection: the identity is stored by the authentication service in our self-managed Supabase environment, hosted in Brazil, with traffic over HTTPS/TLS.
- Data Retention & Deletion: the data remains for as long as the account is active and is removed when the account is deleted (see Section 12), with the authentication identity permanently erased (hard delete). You may also revoke Login access at any time at myaccount.google.com/permissions.
7.2. Google Ads (scope https://www.googleapis.com/auth/adwords)
- Data Accessed: the user's Google account e-mail and identifier; access and refresh tokens (OAuth); identifiers of the accessible ad accounts; and the structure and metrics of the campaigns, ad groups, ads, and keywords (impressions, clicks, cost, conversions, CTR, CPC) of the user's own Google Ads account.
- Data Usage: to allow the user to create, edit, list, pause, remove, and analyze their own Google Ads campaigns within the Bugee panel. When the user activates artificial intelligence features (generation of ad copy or a campaign plan), the supporting content is processed by a subcontracted AI provider solely to generate the requested output.
- Data Sharing: the data is not sold. It is not shared with third parties, except: (a) with our own infrastructure that stores the integration; and (b) when the user activates AI features, in which case the necessary content is sent to the AI provider Anthropic, which acts as a subcontracted processor, solely to generate the requested output, as set forth in Section 8.
- Data Storage & Protection: the OAuth tokens are stored in an integration table in the self-managed Supabase Postgres database, hosted in Brazil, with access restricted by Row Level Security (RLS) and by a service key (service_role). The tokens are never returned to the browser. Traffic over HTTPS/TLS.
- Data Retention & Deletion: the tokens and any campaign data that may be mirrored or cached are kept for as long as the integration remains connected. The user may disconnect the integration at any time, an action that discards the tokens and the Google Ads integration data stored by Bugee. We transparently clarify that, due to the current architecture, deleting the Bugee account does not automatically remove the Google Ads integration tokens; to ensure the removal of these tokens from our environment, use the "Disconnect" function before deleting the account. In any event, you may revoke access directly at myaccount.google.com/permissions and request the removal of any residual data through the Officer's channel.
7.3. Google My Business / Google Business Profile (sensitive scope https://www.googleapis.com/auth/business.manage)
- Data Accessed: the user's Google account e-mail and name; OAuth tokens; business locations (name, title, address, phone, hours, categories, website); local posts; reviews (rating, comment, reviewer's name and photo, anonymity indication) and replies; and profile performance metrics.
- Data Usage: to allow the user to manage their own profile through the Bugee panel, editing business information, creating and deleting posts, replying to reviews, and viewing the performance dashboard. Optional AI features may generate diagnostics and suggested replies to reviews, which are only published upon the user's confirmation.
- Data Sharing: the data is not sold. It is not shared with third parties, except: (a) with our own infrastructure; and (b) when the user activates AI features, in which case the necessary content (including review text and profile data) is sent to the AI provider OpenAI, which acts as a subcontracted processor, solely to generate the requested output, as set forth in Section 8.
- Data Storage & Protection: tokens and mirrored data in integration tables in the self-managed Supabase, hosted in Brazil, protected by RLS and a service key, with traffic over HTTPS/TLS. The tokens are never exposed to the browser.
- Data Retention & Deletion: kept for as long as the integration remains connected. Disconnection discards the tokens and the integration data stored by Bugee. Unlike the Google Ads integration, all mirrored Google My Business data is linked through a cascade-deletion relationship and is also automatically removed when the Bugee account is deleted. The user may also revoke access at myaccount.google.com/permissions.
7.4. Third-party data (reviewers) imported from Google My Business
The names and photos of Google My Business reviewers are personal data of third parties, imported solely for display and reply within the user's panel, in support of managing the user's own business profile. We adopt the following commitments regarding this data: (i) it is processed under strict minimization, limited to what is necessary for the user to view and reply to reviews; (ii) it is not reused for any other purpose, is not sold, does not feed advertising, and is not used to train models; and (iii) it is removed from our environment upon disconnection of the integration and upon deletion of the account, as it is subject to the cascade deletion described in Section 7.3. The same applies, in the context of Google Ads, to third-party data (such as end customers and associated metrics), which is processed only for managing the user's own campaigns and is not reused by Bugee.
8. Limited Use and Compliance with the Google API Services User Data Policy
Bugee's use and transfer of information received from the Google APIs adhere to the Google API Services User Data Policy, including the Limited Use requirements. In particular, we declare that, with respect to data obtained via the Google APIs:
- We do not use the data for advertising purposes.
- We do not sell the data.
- We do not transfer the data to third parties, except in order to: (i) provide or improve the feature requested by the user; (ii) comply with an applicable legal requirement; or (iii) with the user's express consent. Sending Google content to the AI providers (Anthropic, for Google Ads, and OpenAI, for Google My Business), when the user activates an AI feature, falls exclusively under exception (i): it is automated inference processing to generate the output requested by the user, and not a transfer to an independent third party.
- The AI providers act as processors (service providers) under contract, process the data solely to generate the output requested by the user, do not retain it beyond what is strictly necessary for that purpose, and do not use it to train or improve their own models.
- No human reads the data, except: (i) with the user's express consent for specific data; (ii) for security purposes (such as abuse investigation); or (iii) to comply with applicable law. Processing by AI models is automated and does not constitute human reading.
- We do not use the data to develop, improve, or train generalized artificial intelligence or machine-learning models. The platform's AI features only make inference calls to providers to generate the output requested by the user; no models of Bugee's own, nor of the providers, are trained with this data.
Google's standard text (in English): "Bugee's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements."
9. Sharing with Sub-processors and Third Parties
To operate the platform, we rely on service providers (sub-processors) that process personal data on our behalf or receive data strictly for the indicated purpose. We do not sell your personal data. The main third parties are:
- Supabase (Bugee's self-managed infrastructure, hosted in Brazil): database, file storage, and authentication for the entire platform.
- Asaas: processing of payments, subscriptions, and billing (Brazil).
- Stripe: processing of payments, subscriptions, and credits.
- Mercado Pago: Store payment processing (generation of payment links via Checkout Pro), when the merchant connects their own Mercado Pago account (Brazil). It receives the order and buyer data required to charge the payment.
- Melhor Envio: shipping quotes, label issuance, and shipment tracking for the Store, when the merchant connects their own account (Brazil). It receives the buyer's name, document (CPF/CNPJ), full address, contact, and the order's dimensions/weight, in order to calculate shipping and generate the shipping label.
- Meta: the Pixel and the Conversions API (marketing measurement, with contact data in SHA-256 hash), as well as Instagram Graph and Facebook (publication and management of content authorized by the user).
- Google: Login, Google Ads, Google My Business, Google Analytics (GA4), and Google Tag Manager.
- OpenAI: artificial intelligence features (generation of images and text, diagnostics, and suggested replies to Google My Business reviews), in its capacity as a subcontracted processor.
- Anthropic: artificial intelligence features (agents, generation of ad copy, and Google Ads campaign plans), in its capacity as a subcontracted processor.
- Evolution API (messaging integration service used by Bugee): sending and receiving messages via WhatsApp.
- n8n (automation tool operated within Bugee's environment): automation of internal notifications for leads captured on the website.
- Hostinger: hosting provider for the server infrastructure and transactional e-mail sending services (SMTP), as well as hosting and delivery of images and other static assets of the website.
- Canva: import of designs authorized by the user.
- LinkedIn: publication of content on the user's profile, subject to authorization.
- ViaCEP: postal code lookup for automatic address completion.
- ipify: obtaining the visitor's public IP address, used to generate the hashed visitor identifier and to log the IP capture.
- ipwho.is: approximate geolocation by IP address, for visit-statistics purposes.
The AI providers (OpenAI and Anthropic) act as subcontracted processors, processing the data only to generate the requested output, without retention beyond what is necessary and without use for training their models. We may also share personal data to comply with legal or regulatory obligations, to respond to requests from competent authorities, and to regularly exercise our rights, including in judicial or administrative proceedings.
10. International Data Transfer
Bugee's core infrastructure for the database, file storage, and authentication is maintained in a self-managed environment (Supabase/Coolify) physically hosted in Brazil (São Paulo). Thus, the core of your account data, Workspace content, and files remains within the national territory.
Some of the sub-processors listed in Section 9 are headquartered or operate servers outside Brazil, notably in the United States and in other countries (for example, Stripe, Meta, Google, OpenAI, Anthropic, Canva, and LinkedIn). Accordingly, when you use the features that depend on these services, the personal data strictly necessary for the contracted purpose may be transferred internationally.
Such transfers comply with the provisions of Article 33 of the LGPD and occur: (i) when indispensable to performing the feature you have chosen to use (for example, processing an international payment, publishing content on a social network, or generating an AI output); and/or (ii) subject to your consent, in the case of integrations and marketing trackers. Bugee adopts, to the extent that each provider makes them available, the contractual safeguards offered by these providers (such as their respective data processing terms and international transfer clauses incorporated into their standard contracts), and limits the data transferred to the minimum necessary for the purpose. Bugee does not represent the existence of safeguards that have not actually been made available by the respective provider.
11. Data Subject Rights
Pursuant to Article 18 of the LGPD, you, as a data subject, may exercise the following rights at any time:
- Confirmation of the existence of processing of your personal data.
- Access to the data.
- Correction of incomplete, inaccurate, or outdated data.
- Anonymization, blocking, or deletion of unnecessary or excessive data, or of data processed in noncompliance with the LGPD.
- Portability of the data to another service or product provider, upon express request.
- Deletion of data processed on the basis of consent, except for the cases of retention provided for by law.
- Information about the public and private entities with which Bugee has shared your data.
- Information about the possibility of not providing consent and about the consequences of refusal.
- Revocation of consent, at any time.
- Objection to processing carried out on the basis of one of the grounds for which consent is dispensed with, in the event of noncompliance with the LGPD.
To exercise your rights, simply contact us at [email protected]. We may request additional information to confirm your identity before fulfilling the request, as a security measure. We will respond to requests as soon as possible and, as a rule, within 15 (fifteen) days from receipt, with this period being subject to justified extension in cases of complexity. You also have the right to file a petition with the ANPD.
12. Data Retention and Deletion
We retain your personal data only for as long as necessary for the purposes described in this Policy, observing the applicable legal periods. By way of concrete retention parameters:
- Account data and Workspace content: for as long as the account is active. After the account is deleted, the data is erased as set forth in Section 12.1, except for legal retention cases.
- Tax and payment data and documents (invoices, receipts, billing records): for the period required by tax and fiscal legislation, as a rule 5 (five) years, in line with Article 173 of the Brazilian National Tax Code and Article 27 of the Consumer Protection Code.
- Access and application logs (connection and usage logs): for the period under the Brazilian Internet Civil Framework (Lei nº 12.965/2014), corresponding to a minimum of 6 (six) months, and may be retained for a longer period for security and the regular exercise of rights.
- Data processed on the basis of consent (cookies/trackers and integrations): until consent is revoked or the integration is disconnected.
- Pseudonymized usage statistics (hashed visitor identifier): since they are not linked to your account, they may be retained in aggregate form for an indefinite period for statistical purposes.
- Backups: the data may persist in encrypted backups until the rotation or natural expiration of the backup cycle, as a rule up to 30 (thirty) days, after which it is overwritten.
Once the purposes and legal periods have been exhausted, the data is deleted or anonymized.
12.1. Account deletion
You may request the deletion of your account directly on the platform, on the profile page ("Danger Zone"), with double confirmation. Upon confirming, we run an automated process that removes your personal data from all tables and file storage areas containing your personal data, and permanently deletes (hard delete) your authentication account. The deletion is irreversible. The same functionality is available in the native applications. As detailed in Section 7.2, the removal of the Google Ads integration tokens depends on prior use of the "Disconnect" function, so it is recommended that you disconnect that integration before deleting the account.
12.2. Deletion channel by e-mail (including without account access)
If you are unable to access your account (for example, due to loss of credentials), or prefer not to use the self-service deletion, you may request the deletion of your data by sending a request to [email protected]. After confirming your identity, we will process the deletion as soon as possible and, as a rule, within 15 (fifteen) days, except for legal retention cases.
12.3. Disconnecting integrations
Disconnecting any integration discards the corresponding access tokens stored by Bugee. In the case of Google My Business, disconnection and account deletion also remove the mirrored profile data. In the case of Google Ads, the removal of the tokens specifically depends on disconnection (see Section 7.2). To revoke access directly with Google, use myaccount.google.com/permissions.
12.4. Inactive accounts
Accounts that remain inactive for a prolonged period may be subject to prior notice and, if the inactivity persists, to the deletion of the associated data, except for legal retention cases. We will notify the data subject, through the registered contacts, before proceeding with deletion due to inactivity.
12.5. Reservations
Certain data may be retained after account deletion when necessary to comply with legal obligations (for example, tax and payment records) or for the regular exercise of rights. Records existing in backups may persist for an additional period until their rotation or expiration.
13. Information Security
We adopt technical and administrative measures to protect personal data. Among the measures actually implemented, the following stand out:
- Data traffic encrypted under HTTPS/TLS.
- Per-user isolation via Row Level Security (RLS) in the database, so that each user can only access their own data.
- Separation between public access keys and the service key (service_role), with administrative operations and integration tokens accessible only through the latter.
- Client-side encryption (AES-GCM) of the password vault content, before it is sent to our servers, so that Bugee stores only the encrypted content. The credentials for e-mail accounts (IMAP/SMTP) are stored in specific protected fields.
- Hashing (SHA-256) of verification codes, visitor identifiers, and the contact data sent via the Meta Conversions API.
- CSRF protection in the OAuth flows, with single-use states and expiration.
- Password management by the authentication service, with no plain-text storage by Bugee, and tokenization of card data by the payment processors.
Despite our efforts, no system is entirely immune to incidents. Should a security incident occur that may result in significant risk or harm to data subjects, we will notify those affected and the ANPD in accordance with the law.
14. Data of Children and Adolescents
The Bugee platform is not intended for persons under 18 years of age, and we do not intentionally collect personal data of children and adolescents, with no offering of services in our registration directed at this audience. Should any processing of a minor's data occur, it will be carried out in the minor's best interest, in accordance with Article 14 of the LGPD. If you are a legal guardian and identify that a minor under your responsibility has provided us with personal data without proper authorization, please contact us at [email protected] so that we may take the appropriate measures, including deletion.
15. Changes to This Policy and Versioning
This Policy may be updated periodically to reflect changes in our services, in the law, or in our data processing practices. The version and the "Last updated" date indicated at the top of this document identify the current version in effect. In the event of material changes, we will adopt reasonable means to inform you, such as a notice on the platform or a communication by e-mail. We recommend that you periodically review this document. Continued use of the services after the publication of a new version implies awareness of the changes.
16. Governing Law, Jurisdiction, and Contact
This Policy is governed by the laws of the Federative Republic of Brazil. The courts of the Judicial District of Belo Horizonte/MG are elected to resolve any disputes arising from this document, with the waiver of any other, however privileged it may be.
For questions, requests, or the exercise of rights related to personal data, please contact the Data Protection Officer (DPO):
- E-mail: [email protected]
- Phone: (31) 99845-1800
- Address: Rua Rio Grande do Norte, 1435, sala 708, Savassi, Belo Horizonte/MG, CEP 30130-138