PRIVACY POLICY
Last updated: December 1, 2025
Hashdata values the privacy and protection of the personal data of its users, clients, and partners. This Privacy Policy explains, transparently, how we collect, use, store, and protect personal data, in accordance with the General Data Protection Law (Law No. 13.709/2018 – LGPD).
1. Who we are
Hashdata is a data collection, analysis, and management platform, accessible through the website www.hashdata.app and the Hashdata App, available on Android and iOS. For the purposes of the LGPD, Hashdata may act as:
Data controller, when it processes data from its own users; and
Data processor, when it processes personal data on behalf of its clients.
2. What personal data do we collect?
We may collect the following data, depending on the use of the platform:
2.1 Registration data
Name
Profile picture (when provided)
Language and usage preferences
2.2 Automatically collected data
IP address
Browser and device type
Access logs
Date and time of use
2.3 Data entered by customers
Personal data entered by customers on the platform (e.g., responses to forms, surveys, or evaluations) is processed under the responsibility of the controlling customer.
3. What we use the data for (purposes)
Personal data is used to:
Allow access to and use of the platform
Authenticate users
Operate, maintain and improve services
Ensure security, fraud prevention and audits
Comply with legal and regulatory obligations
Respond to requests from data subjects
4. Legal bases for processing
The processing of personal data is carried out based on:
Execution of a contract or preliminary procedures
Consent of the data subject, when applicable
Compliance with a legal or regulatory obligation
Legitimate interest, when permitted by the LGPD (Brazilian General Data Protection Law) and assessed proportionally
5. Data sharing
Hashdata does not sell personal data.
Data may only be shared:
With suppliers and technology partners, strictly for the provision of the service
When required by law, court order or competent authority
All third parties are bound by contractual obligations of confidentiality and security.
6. International Data Transfer
If international data transfer occurs, it will only happen:
To countries with an adequate level of protection, or
Through contractual clauses and mechanisms permitted by the LGPD (Brazilian General Data Protection Law)
7. How we protect data
We adopt appropriate technical and administrative measures, including:
Data encryption in transit and at rest
Profile-based access control
Audit logs
Security monitoring
Best practices in information security
8. Data Retention and Deletion
Personal data is kept:
For the time necessary to fulfill the stated purposes
For the duration of the contractual relationship
For the period required by law, when applicable
After this period, the data is securely deleted or anonymized.
9. Data Subject Rights
Under the LGPD (Brazilian General Data Protection Law), the data subject may request:
Confirmation of the existence of processing
Access to data
Correction of incomplete or outdated data
Anonymization, blocking, or deletion
Portability, when applicable
Revocation of consent
Requests can be made through the channel indicated below.
10. Security Incidents
In the event of a security incident that may pose a significant risk or harm to data subjects, Hashdata will:
Adopt immediate containment measures
Assess the impact
Notify clients, data subjects, and the National Data Protection Authority (ANPD), when required by the LGPD (Brazilian General Data Protection Law)
11. Data Protection Officer (DPO)
To exercise your rights or clarify any doubts about this Policy, please contact our Data Protection Officer:
📧 Email: LGPD@hashdata.app
📍 Company: Hashdata
12. Updates to this Policy
This Policy may be updated at any time. The most recent version will always be available on our websites, indicating the date of the last update.