Skip to content

Legal

Privacy Policy

Last updated: June 12, 2026

This Privacy Policy describes how Social Brand collects, uses, stores, and protects the personal data of visitors to socialbrand.io and of those who reach us through the channels available on it, in compliance with Brazil's General Data Protection Law — LGPD (Law No. 13,709/2018) and the Brazilian Internet Civil Framework (Law No. 12,965/2014).

1. Who we are

Social Brand is a corporate communications agency headquartered in Belo Horizonte, Minas Gerais, Brazil. For the purposes of the LGPD, Social Brand acts as the controller of the personal data processed through this website — that is, the party that decides on the purposes and means of processing.

If you have questions about this policy or about how your data is processed, contact us at contato@socialbrand.io.

2. What data we collect

We collect only the data you provide directly through the website's forms and the technical records required for its operation:

  • Contact form — name, email, company, role, phone (optional), area of interest, and message.
  • Newsletter — email address.
  • Open application (Careers) — name, email, LinkedIn profile, and introduction text.
  • Access logs — IP address, date and time, and browser identifiers, collected automatically by the hosting infrastructure to keep the website secure and operational, as required by Article 15 of the Brazilian Internet Civil Framework.

We do not collect sensitive personal data (such as racial origin, religious belief, political opinion, or health data) and we do not make automated decisions that produce legal effects concerning you. Browsing the website does not require registration.

3. How we use the data

The data collected is used exclusively to:

  • Respond to your contact request and schedule conversations about our services.
  • Send the automatic confirmation that your message was received.
  • Send the newsletter with content on corporate communications, when you subscribe.
  • Review open applications and follow up in potential hiring processes.
  • Keep the website secure, prevent fraud and abuse (such as spam), and comply with legal obligations.

We do not sell personal data, nor do we use it for purposes incompatible with those described above.

4. Legal bases for processing

All personal data processing carried out through the website relies on one of the legal bases set out in Article 7 of the LGPD:

  • Preliminary contractual procedures (Art. 7, V) — when you fill out the contact form to discuss our services.
  • Consent (Art. 7, I) — when you subscribe to the newsletter or submit an open application. Consent may be withdrawn at any time.
  • Legitimate interest (Art. 7, IX) — for website security, spam prevention, and the improvement of our channels, always within the limits of your reasonable expectations.
  • Compliance with a legal obligation (Art. 7, II) — such as retaining access logs for 6 months, as required by the Brazilian Internet Civil Framework.

5. Cookies

The website does not use tracking, advertising, or audience-measurement cookies, nor analytics tools that identify individual visitors. No first-party cookies are set by the website while you browse.

If this changes — for example, with the adoption of a metrics tool — this policy will be updated and, where required by law, your consent will be requested through a specific notice, in line with the guidance on cookies issued by Brazil's National Data Protection Authority (ANPD).

6. Sharing and processors

Your data is not sold or shared with third parties for marketing purposes. To operate the website, we rely on service providers — processors, as defined by the LGPD — that process data on our behalf and under our instructions:

  • Vercel (website hosting) — processes technical access logs.
  • Resend (email delivery) — processes form data to deliver messages and manage the newsletter list.

We may also share data when necessary to comply with a legal or regulatory obligation or with an order from a competent authority.

7. International data transfers

The providers listed above store data on servers located outside Brazil, particularly in the United States. These transfers comply with Article 33 of the LGPD and are supported by adequate contractual safeguards undertaken by the providers themselves in their terms and data protection addenda.

8. Retention and deletion

  • Contact messages and applications — kept for as long as necessary to handle your request and, afterward, for a period compatible with applicable legal obligations or the regular exercise of rights.
  • Newsletter — your email remains on the list until you unsubscribe, which can be done through the opt-out link included in every email sent.
  • Access logs — retained for 6 months, as required by Article 15 of the Brazilian Internet Civil Framework.

Once the purpose of processing has been fulfilled, the data is deleted or anonymized, except where retention is required by law.

9. Your rights as a data subject

Article 18 of the LGPD entitles you, at any time and upon request, to:

  • Confirmation that your data is being processed.
  • Access to the data we hold about you.
  • Correction of incomplete, inaccurate, or outdated data.
  • Anonymization, blocking, or deletion of data that is unnecessary, excessive, or processed in violation of the law.
  • Portability of your data to another service provider, subject to ANPD regulations.
  • Deletion of data processed on the basis of your consent.
  • Information about the public and private entities with which we share your data.
  • Information about the option of not providing consent and the consequences of refusal.
  • Withdrawal of consent, at any time and free of charge.

10. How to exercise your rights

Send your request to contato@socialbrand.io, indicating the right you wish to exercise. We will respond within the timeframes set by the LGPD and may request additional information to confirm your identity, as a security measure. This same channel serves as the point of contact with our data protection officer (Article 41 of the LGPD).

If you believe your rights have not been honored, you may also file a petition with Brazil's National Data Protection Authority (ANPD) at www.gov.br/anpd.

11. Information security

We adopt technical and administrative measures designed to protect personal data from unauthorized access and from accidental or unlawful destruction, loss, alteration, communication, or dissemination (Article 46 of the LGPD) — including encryption in transit (HTTPS/TLS), restricted access to the mailboxes and tools that process data, minimal data collection, and anti-spam mechanisms on the forms.

No system is absolutely secure. In the event of a security incident that may create relevant risk or harm, we will notify the affected data subjects and the ANPD, as required by law.

12. Children and adolescents

Social Brand's website and services are aimed at a professional audience and are not intended for anyone under 18 years of age. We do not knowingly collect data from children or adolescents; if we identify such records, they will be deleted.

13. Changes to this policy

This policy may be updated to reflect changes to the website, our services, or the law. The current version will always be available on this page, with the update date indicated at the top. Relevant changes will be highlighted and, where required by law, communicated directly or submitted for renewed consent.

14. Governing law

This policy is governed by the laws of the Federative Republic of Brazil, in particular the LGPD (Law No. 13,709/2018), the Brazilian Internet Civil Framework (Law No. 12,965/2014), and, where applicable, the Consumer Protection Code (Law No. 8,078/1990).