Privacy Policy
How Bouzr handles your personal data, compliant with LGPD and US practices.
Last updated: May 27, 2026
1.Who we are (Controller)
Bouzr is operated by Bouzr (em elaboração). We are the controller of personal data processed on this platform.
Data Protection Officer (DPO): privacidade@bouzr.com.
2.Data we collect
We collect only what is needed to operate the service:
- Account data: name, email and password (stored hashed, never in plain text).
- Usage data: campaigns, tasks, workspaces and settings you create on the platform.
- Lead data (Miner module): public business information (name, address, phone and institutional email, social profiles) obtained from open sources.
- Technical data: IP address, browser type, and session/analytics cookies.
We do not store credit card data. Payments are processed externally via Stripe.
3.Legal bases and purposes
We process personal data based on (LGPD Art. 7):
- Contract performance — to provide the service you signed up for.
- Consent — for marketing communications (revocable anytime).
- Legitimate interest — for security, fraud prevention and product improvement.
- Legal obligation — when required by law.
4.Who we share with (Subprocessors)
We use trusted service providers to operate the platform. Each processes data only per our instructions and their own privacy policies:
- Cloud database and authentication providers (US servers).
- Cloud application hosting providers (US servers).
- Transactional email delivery providers.
- Google — Places API (public business search), OAuth (authentication) and Analytics (anonymous usage statistics).
- Stripe — payment processing. We do not store card data — everything is handled directly by Stripe.
We never sell your personal data to third parties.
5.International transfer
Some data is stored on servers located in the United States, through our cloud infrastructure providers. We ensure these transfers follow adequate safeguards per LGPD (Art. 33) and contractual clauses with providers.
6.Miner module and business data
The Miner collects only public business data (available on Google Places and the company's own institutional website). We do not collect protected personal data without legal basis. When using leads for commercial outreach (cold email), you are responsible for including a clear opt-out and complying with applicable anti-spam laws (LGPD, US CAN-SPAM, GDPR where applicable).
7.Cookies
We use essential cookies (session/authentication) and analytics cookies (Google Analytics) to understand usage and improve the platform. You can block non-essential cookies in your browser settings.
8.Your rights
Under LGPD (Art. 18) and US privacy practices, you may:
- Access your data and know how it is processed.
- Correct incomplete or outdated data.
- Request deletion of your data.
- Request portability (export your data).
- Withdraw consent at any time.
- Opt out of marketing communications.
To exercise any right, email privacidade@bouzr.com. We respond within 15 days.
9.Retention and deletion
We keep your data while your account is active. After cancellation, we retain data for up to 30 days (for possible recovery), then delete or anonymize it, unless legally required to retain.
10.Security
We apply technical and organizational measures: encrypted passwords, encryption in transit (HTTPS), per-client data isolation, role-based access control, and rate limiting against abuse. No system is 100% secure, but we continuously work to protect your data.
11.Minors' data
Bouzr is intended for businesses and professionals. It is not directed at anyone under 18, and we do not knowingly collect minors' data.
12.Changes
We may update this policy. Material changes will be communicated by email or in-app notice. The "last updated" date at the top reflects the current version.
13.Contact
Privacy questions: privacidade@bouzr.com. General support: suporte@bouzr.com.