ConhecerTe

Privacy Policy

Last updated: April 25, 2026 · Version 1.0

Plain-language summary (TL;DR)

  • Your personality data is sensitive under Brazilian data-protection law (LGPD). We treat it accordingly.
  • We never sell your data to third parties. Period.
  • We use your data only to generate your report and run the service. Not for invasive marketing, not to train competing AI models, not for anything you wouldn't expect.
  • You can request deletion of everything any time, by email.
  • We rely on trusted third-party processors (Supabase, Stripe, Anthropic, Resend, eNotas) with Data Processing Agreements in place.

The full version below provides each point with the formality required by LGPD.

1. Data controller

The controller of your personal data is:

Ibrae Gestão Empresarial Ltda
Brazilian Tax ID (CNPJ) 63.569.836/0001-21
Email: archanjo@eqti.com.br

Data Protection Officer (DPO):
Email: privacidade@conhecerte.com.br

2. What we collect

2.1 Account data (simple personal data)

  • Full name (or preferred name)
  • Email
  • Password (hashed, never stored in clear text)
  • Tax ID (CPF or CNPJ — for invoicing only, Brazilian customers)
  • Preferred language
  • Timezone
  • Account creation date

2.2 Personality data (sensitive data — LGPD Art. 5, II)

  • Your answers to the questionnaire items
  • Calculated scores (DISC, Jung, Values)
  • The report and USER.md generated from those scores
  • Optional context you provide about profession, family, faith, etc.

2.3 Transactional data

  • Purchase history (amount, date, product)
  • Stripe session ID, Payment Intent ID
  • Payment status
  • Invoice data

Important: we never store full credit card numbers. That is managed exclusively by Stripe, PCI DSS Level 1 certified.

2.4 Usage data

  • Pages visited on the site
  • IP address and browser agent (technical logs)
  • Errors and diagnostics (structured logs)

For product purposes, this data is pseudonymized whenever possible.

3. How we collect

  • Directly, when you fill forms, answer the questionnaire, or create an account.
  • Automatically, via essential cookies as you browse (details in section 10).
  • Via integration, when you pay — we receive from Stripe only the minimum data needed to issue the invoice and confirm the purchase.

4. Purposes and legal basis

We process your data with the following purposes and legal bases (LGPD Art. 7 and Art. 11):

PurposeLegal basis
Create and maintain your accountContract execution (Art. 7, V)
Process payments and issue invoicesContract execution + legal obligation (Art. 7, II)
Generate the report and USER.mdContract execution + specific consent for sensitive data (Art. 11, I)
Send transactional emailsContract execution
Comply with tax obligationsLegal obligation
Defend rights in legal proceedingsRegular exercise of rights (Art. 7, VI)

We do NOT use your personality data for:

  • Invasive marketing;
  • AI model training (ours or anyone else's);
  • Ad targeting;
  • Sale to data brokers;
  • Sharing with HR firms, insurers, health plans, or similar.

5. Who we share with

We share data only with processors necessary for the service to operate, all under Data Processing Agreements:

ProcessorPurposeData sharedCountry
SupabaseSecure storageAccount + answers + scores + reportsUS (DPA)
StripePayment processingAccount + tax dataUS (SCC)
AnthropicReport generation via AIOnly scores + preferred name + optional context. We never send raw questionnaire answers.US (DPA)
ResendTransactional email deliveryName + email + email contentUS
eNotasInvoice issuanceName + Tax ID + purchase dataBrazil
VercelWebsite hostingTechnical logsUS (DPA)

International transfers: when they occur, they are based on Standard Contractual Clauses and LGPD Art. 33.

6. How long we keep data

Data typeRetention period
Account dataWhile the account is active + 5 years after deletion (tax obligation)
Personality data (sensitive)While the account is active. Deleted within 30 days of account deletion request
Transactional and tax data5 years (Brazilian tax obligation)
Technical logs90 days
Backupsup to 90 days after primary data is deleted

7. Your rights (LGPD Art. 18)

You have the right to, at any time:

  1. Confirm the existence of processing of your data;
  2. Access your data;
  3. Correct incomplete, inaccurate, or outdated data;
  4. Anonymize, block, or delete unnecessary data or data processed in non-compliance;
  5. Port your data to another provider;
  6. Delete personal data processed with your consent;
  7. Be informed about with whom we share your data;
  8. Be informed about the possibility of withholding consent and its consequences;
  9. Revoke consent at any time;
  10. Petition the Brazilian Data Protection Authority (ANPD).

How to exercise your rights

Send a request to privacidade@conhecerte.com.br. We respond within 15 days.

Deletion is effective: we remove your account, answers, scores, reports, and USER.md from our production systems within 30 days. Backups are overwritten within 90 days.

8. How we protect your data

  • Encryption at rest (all data stored in Supabase is encrypted).
  • Encryption in transit (HTTPS/TLS 1.3 on all communications).
  • Role-based access control (RBAC) and Row Level Security.
  • Segregation between development, staging, and production data.
  • Passwords stored only in hashed form (bcrypt).
  • Internal access restricted to authorized staff under NDA.

9. Security incident

If a security incident involving your data occurs, we will comply with LGPD Art. 48:

  1. Notify ANPD within the legal deadline;
  2. Notify you by email within 72 hours of becoming aware of the incident, including: description of affected data, measures taken, and guidance for your protection.

10. Cookies and similar technologies

We use:

  • Essential cookies (authentication, session, security) — cannot be removed.
  • Functional cookies (language preference) — removable in browser settings.

We do not use:

  • Third-party advertising cookies;
  • Social network tracking pixels;
  • Device fingerprinting.

11. Children and adolescents

ConhecerTe is not intended for users under 18. We do not knowingly collect data from minors. If we identify a minor's account, we delete it immediately. If you are a legal guardian and think your child used the service, contact privacidade@conhecerte.com.br.

12. Changes to this Policy

We may update this Policy at any time. Material changes will be:

  1. Communicated by email to active users;
  2. Flagged at the top of this page with the new date;
  3. Recorded in a public history (starting from version 1.1).

13. Contact

Data Protection Officer (DPO):
privacidade@conhecerte.com.br

General support:
archanjo@eqti.com.br

Brazilian Data Protection Authority (ANPD):
If you are not satisfied with how we handle your data, you have the right to file a complaint directly with ANPD at gov.br/anpd.

Back to Terms of Use