DataVigiaBack

Privacy Policy

Last updated: July 2026

Data controller

DataVigia is the controller for data collected through this portal. For any privacy matter, contact mnunes.maciel@gmail.com.

What data we process

Account data (name, email), billing data, contact form data, training campaign results (who interacted with tests) and security metadata from connected platforms (permissions, configurations, access logs). We do NOT access clients' file contents.

Purposes and legal basis

We process data to provide the service (contract performance), for billing (contractual and legal obligation), for security and fraud prevention (legitimate interest) and to answer enquiries (consent). You may withdraw consent at any time.

Sub-processors

We use sub-processors bound by data processing agreements (DPAs): Supabase (database and hosting), Vercel (app hosting), Anthropic (AI reports), Resend (email delivery) and the Microsoft and Google APIs (accessed with the client's authorization).

International transfers

Some sub-processors may process data outside the European Economic Area (e.g. in the US). In such cases adequate safeguards apply, such as the European Commission's Standard Contractual Clauses.

Automated decisions and AI

Reports are generated with AI assistance but support human decision-making; we make no automated decisions with legal effects on individuals. Data sent to the AI is limited to security metadata.

Retention and security

We keep data only as long as necessary for the purposes and legal obligations. Credentials are held in an encrypted vault, each organisation is isolated from the others (Row Level Security) and we apply least privilege.

Your rights

You have the right to access, rectify, erase, restrict and object to processing, to data portability and to withdraw consent. To exercise them, contact us. You may also complain to the supervisory authority.

Children

The service is intended for businesses and is not directed at minors.