Privacy Policy
Last updated: July 2026
Data controller
DataVigia is the controller for data collected through this portal. For any privacy matter, contact mnunes.maciel@gmail.com.
What data we process
Account data (name, email), billing data, contact form data, training campaign results (who interacted with tests) and security metadata from connected platforms (permissions, configurations, access logs). We do NOT access clients' file contents.
Purposes and legal basis
We process data to provide the service (contract performance), for billing (contractual and legal obligation), for security and fraud prevention (legitimate interest) and to answer enquiries (consent). You may withdraw consent at any time.
Sub-processors
We use sub-processors bound by data processing agreements (DPAs): Supabase (database and hosting), Vercel (app hosting), Anthropic (AI reports), Resend (email delivery) and the Microsoft and Google APIs (accessed with the client's authorization).
International transfers
Some sub-processors may process data outside the European Economic Area (e.g. in the US). In such cases adequate safeguards apply, such as the European Commission's Standard Contractual Clauses.
Automated decisions and AI
Reports are generated with AI assistance but support human decision-making; we make no automated decisions with legal effects on individuals. Data sent to the AI is limited to security metadata.
Retention and security
We keep data only as long as necessary for the purposes and legal obligations. Credentials are held in an encrypted vault, each organisation is isolated from the others (Row Level Security) and we apply least privilege.
Your rights
You have the right to access, rectify, erase, restrict and object to processing, to data portability and to withdraw consent. To exercise them, contact us. You may also complain to the supervisory authority.
Children
The service is intended for businesses and is not directed at minors.