Privacy Policy
Last updated: July 6, 2026
1. Information We Collect
We collect account registration credentials (name, email address, password hashes), organization setups, workspace records, manually-uploaded ad copy captures, notes, and list selections. Payment data (credit card information) is directly collected and processed by Stripe under PCI-DSS compliance; we do not store raw card numbers.
2. Compliance: LGPD & GDPR User Rights
Under the Brazilian General Data Protection Law (LGPD) and the General Data Protection Regulation (GDPR), you possess the following rights regarding your personal information:
- Right to confirm data processing and access your records.
- Right to correct incomplete, inaccurate, or outdated inputs.
- Right to request anonymization, blocking, or deletion of unnecessary data.
- Right to data portability to another service provider.
- Right to withdraw consent at any time.
3. Multi-Tenant Data Isolation & Security
Competitor surveillance metrics, swipe moodboards, and weekly narrative reports are locked down at the database layer. Our Firestore security rules prevent unauthorized cross-tenant read/write operations. Only authenticated team members linked to your specific Organization ID possess access keys.
4. Data Sharing & Third-Party Services
We do not sell or monetize your organization's captured competitor data. We share email parameters with transactional delivery systems (Resend/SendGrid) and billing references with Stripe exclusively to perform basic operations.
5. Data Retention & Purging
We store account profiles and ad metrics for the duration of your membership. If you trigger a workspace deletion or close your organization account, all nested collections are permanently deleted and purged from our active indices.
6. Data Queries & Contact Info
For any questions, concerns, or requests regarding LGPD/GDPR compliance, personal data logs, or privacy rights, please contact our data officer via email at nicolaudiogo@gmail.com.