Privacy Policy

Hello! Welcome!

This platform and all its content (“PLATFORM”) is managed and operated by LEGITIMUZ TECNOLOGIA LTDA., registered under CNPJ/ME nº 52.178.446/0001-04, headquartered at Alameda Rio Negro, nº 500, 5th floor – Tower B, Room 501 to 508, Alphaville, Barueri/SP, ZIP code 06454-000, and contact via email [email protected].

LEGITIMUZ provides identity verification services. As your privacy is very important, this Privacy Notice explains how we handle your personal data: collection, use, sharing, storage, and protection.

⚠️ Your acknowledgment and acceptance of this Privacy Notice are essential to proceed with the verification of your identity. If you do not agree, please do not provide your data.

Definitions

• CLIENT: Legal entity that contracts and uses LEGITIMUZ solutions.
• END CLIENT (You): Natural person, legally capable, who uses the services of the CLIENT of LEGITIMUZ, and whose personal data are processed by LEGITIMUZ on behalf of the CLIENT.
• DATA PROCESSING: Any operation performed with personal data (collection, use, transmission, storage, etc.).
• CONTROLLER: The CLIENT, responsible for decisions regarding processing.
• PROCESSOR: LEGITIMUZ, which processes data on behalf of the controller.

1. What personal data do we collect?

LEGITIMUZ collects the minimum necessary personal data to perform identity verification services.

Purposes and data collected:

• Service execution and platform access
  • Data: Name, ID (RG), CPF, parental information, date of birth, photograph, and video recording for proof of life.
  • Legal basis: Contract execution / Fraud prevention / Compliance with legal obligation.
• Service improvement and statistical analysis
  • Data: Name, ID (RG), CPF, parental information, date of birth.
  • Legal basis: Contract execution.

2. With whom do we share your data?

• Partners and suppliers: to enable services (e.g., data hosting, servers, email providers).
• LEGITIMUZ clients: when you are already registered on another client’s platform, to facilitate authentication.
• Financial institutions/partners: risk analysis, regulatory compliance, or fraud prevention.
• Authorities and legal entities: to comply with legal obligations or court orders.

Whenever possible, data will be anonymized, and sharing occurs only to the strict extent necessary.

3. How do we protect your data?

• Adoption of technical, administrative, and organizational security measures.
• Access control with logins and passwords.
• Logging of access records.
• Regular backups.
• Encryption techniques.
• Restricted access only to authorized individuals, under an absolute duty of confidentiality.

4. What are your rights?

• Existence and access: confirm whether processing occurs and obtain a copy of your data.
• Rectification: correct incorrect or outdated data.
• Explanation: obtain details on collection, use, and sharing.
• Deletion: request permanent deletion, anonymization, or blocking of data.
• Objection: object to specific processing or withdraw consent.
• Portability: request transfer of your data to another controller.
• Review of automated decisions: you may request reviews, though LEGITIMUZ does not make automated decisions.

📩 To exercise your rights: [email protected]

5. International data transfer

Your data may be transferred to servers abroad or to international LEGITIMUZ clients, always in compliance with applicable laws.

6. Data retention period

Data is stored for as long as necessary for the purposes described in this Privacy Notice or until you exercise your rights (objection, cancellation, etc.).
They may be retained after this period to:

• Comply with legal and regulatory obligations.
• Safeguard LEGITIMUZ’s rights.
• Fulfill court orders or authority requests.

7. Changes to this Privacy Notice

LEGITIMUZ may modify this notice whenever there are changes in data processing.
👉 The date of the last update will always be indicated at the beginning of the document.

8. Contact

Data Protection Officer (DPO):
📧 Thomas Hannickel – [email protected]