Privacy Policy

Personal Data: Information related to an identified or identifiable natural person, such as name, email, CPF (Brazilian tax ID), among others.

Data Subject: The natural person to whom the personal data being processed refers.

Controller: Mupi Systems, responsible for decisions regarding the processing of personal data.

Processor: A natural or legal person who processes personal data on behalf of the controller.

Processing: Any operation performed with personal data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, deletion, evaluation, or information control.

DPO (Data Protection Officer): The person designated by the controller to act as a communication channel between the controller, data subjects, and Brazil's National Data Protection Authority (ANPD).

Registration data: Name, email, company, phone number, and job title provided at the time of registration.

Usage data: Information about how the User uses the Platform, including pages accessed, features used, access times, and IP address.

Payment data: Billing information processed by third-party payment providers. Textualiza does not store full credit card data.

Uploaded documents: Documents submitted for processing are used exclusively for service delivery and are not used for any other purpose.

Communication data: Messages sent through the contact form, emails, and support interactions.

The processing of personal data by Textualiza is based on the following legal grounds under the LGPD:

• Contract performance: To deliver the Services contracted by the User (Art. 7, V).
• Consent: For sending marketing communications and newsletters (Art. 7, I).
• Legitimate interest: To improve the Services, platform security, and fraud prevention (Art. 7, IX).
• Legal obligation: To comply with legal and regulatory requirements (Art. 7, II).

Textualiza may share personal data with:

• Service providers: Companies that assist in Platform operations (hosting, payments, analytics), under confidentiality agreements.
• AI providers: For document processing, with anonymization measures where applicable.
• Authorities: When required by law, regulation, or court order.

Textualiza does not sell, rent, or trade the personal data of its Users.

Personal data is stored on secure servers located in Brazil and/or in internationally certified data centers.

Data is retained for as long as necessary to fulfill the purposes for which it was collected, including legal, contractual, and regulatory obligations.

Documents submitted for processing are automatically deleted after the period configured by the User (default: 30 days).

After account closure, personal data will be deleted within 30 days, except where legally required to be retained.

Textualiza adopts technical and organizational measures to protect personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256)
• Role-based access control (RBAC)
• Continuous security monitoring and intrusion detection
• Regular encrypted backups
• Periodic security and vulnerability testing
• Staff training in information security

In compliance with the LGPD, the Data Subject has the following rights:

• Confirmation and access: Confirm the existence of processing and access their data.
• Correction: Request correction of incomplete, inaccurate, or outdated data.
• Anonymization, blocking, or deletion: Request anonymization, blocking, or deletion of unnecessary or excessive data.
• Portability: Request data portability to another provider.
• Deletion: Request deletion of data processed with consent.
• Information: Be informed about the entities with which data has been shared.
• Consent revocation: Revoke consent at any time.
• Objection: Object to processing based on a legal ground other than consent, in cases of non-compliance with the LGPD.

To exercise your rights, contact our DPO at the email address listed below.

Textualiza uses cookies and similar technologies for:

• Essential cookies: Necessary for the Platform to function (authentication, security).
• Performance cookies: To analyze how the Platform is used and improve the experience.
• Marketing cookies: To personalize communications and measure campaign effectiveness (with consent).

Users can manage their cookie preferences through the consent panel displayed when accessing the Platform.