Privacy Policy

1. PARTIES

1. Didata Tecnologia Ltda., a private legal entity registered under CNPJ no. 60.643.880/0001-46, headquartered in Belo Horizonte, Minas Gerais, hereinafter referred to as "Didata" or the "Platform";
2. User, an individual over 18 years old or a minor represented by a legal guardian, duly registered on the Platform.

2. PURPOSE

This Policy describes how Didata collects, uses, stores, shares, and protects personal data when the User accesses the educational digital application that uses Artificial Intelligence resources to generate study content and automatically evaluate activities.

3. Personal Data Collected

Note: The Platform is not intended for minors under 18 without consent from legal guardians. Irregular accounts may be blocked.

4. Purposes of Processing

1. Create and manage the User account and authenticate access;
2. Generate personalized educational content and evaluate activities with AI;
3. Monitor performance, analyze learning metrics, and improve features;
4. Comply with legal and regulatory obligations;
5. Send institutional communications, satisfaction surveys, and marketing campaigns, always with opt-out;
6. Prevent fraud and maintain information security.

5. Legal Bases (LGPD, art. 7)

6. Data Sharing

Didata does not sell personal data or share it for third-party marketing without specific consent.

• Data processors (hosting, transactional email, analytics) bound by contracts with confidentiality and security clauses;
• Public authorities when required by court order or legal obligation;
• International transfers only to countries with an adequate level of protection or under standard contractual clauses.

7. Cookies and Tracking Technologies

The Platform uses essential, analytics, and functional cookies. The User may configure the browser to block non-essential cookies, understanding that some features may become unavailable.

8. Data Subject Rights

1. Confirm the existence of processing;
2. Access personal data;
3. Correct incomplete, inaccurate, or outdated data;
4. Request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data;
5. Request portability to another service provider;
6. Withdraw consent and request deletion of data processed on that basis;
7. Obtain information about the entities with which Didata shared data.

9. Information Security

Didata adopts technical and administrative measures proportionate to the risk, including encryption of data in transit and at rest, access control with strong authentication, continuous vulnerability monitoring, periodic backups, and incident response procedures, with notice to the ANPD and data subjects when required.

10. Retention and Deletion

Data is stored for as long as necessary to fulfill the purposes described above or comply with legal obligations. After the relationship ends or the legal term expires, data is deleted or anonymized.

11. Marketing Communications

Promotional messages may be sent based on legitimate interest or consent, always including an opt-out mechanism. Withdrawal does not affect essential transactional messages, such as password reset emails.

12. Support Channel

Questions or requests should be sent to contato@didata.ai.

13. Changes to this Policy

Didata may update this Policy at any time. Material changes will be communicated through the registered email or a notice on the Platform. Continued use after publication implies acceptance.

14. Governing Law and Venue

This Policy is governed by the laws of the Federative Republic of Brazil, especially the LGPD and the Brazilian Internet Civil Framework. The courts of Belo Horizonte, Minas Gerais, are elected to settle disputes.