LGPD and transparency

Privacy Policy — Crevity

Crevity ("Crevity", "we") respects your privacy. This Policy explains how we collect, use, and protect personal data when you use our digital invitation and HTML email signature services.

Last updated: [DATE]

1. Who controls the data (Controller)

Controller: [COMPANY/RESPONSIBLE NAME]

Tax ID: [CNPJ/CPF]

Contact email (DPO/privacy): [EMAIL_PRIVACIDADE]

City/State: [CITY/STATE]

2. What data we collect

We collect data minimally, only to deliver the Services.

2.1. Data provided by you

  • Invitation data: names, date, time, location, message, theme/template chosen, and other fields you fill in.
  • Signature data: name, title, company, phone, email, links and information you provide.

Important: avoid entering sensitive data (e.g., health, religion, biometrics) in the fields. The Services are not designed to handle such data.

2.2. Data collected automatically

  • Technical information: IP, browser type, operating system, language, pages accessed, and basic usage events.
  • Cookies/similar technologies: for operation, security, and performance analysis.

3. How we use your data (purposes)

  • Perform the service (generate invitation image and HTML signature).
  • Improve performance and experience (e.g., fix errors, understand aggregated usage).
  • Security and abuse prevention (fraud, spam, malicious automation).
  • Support and customer service when you contact us.

4. Legal bases (LGPD)

  • Performance of contract (provide the requested Service).
  • Legitimate interest (security, product improvement, aggregated analytics).
  • Consent, when applicable (e.g., non-essential cookies, if used).

5. Data sharing

  • Infrastructure providers (hosting, CDN, logs, monitoring) strictly to operate the Services.
  • Analytics tools (if enabled) for aggregated metrics.
  • Authorities when required by law.

We do not sell your data.

6. Storage and retention

  • Content you enter may be processed to generate the result (image/HTML).
  • Standard retention: [EX.: "we store up to 30 days to allow re-edit/recovery"] or "we do not store; processing happens and the user downloads the file".
  • Technical logs may be kept for [EX.: 90 days] for security and diagnostics.

Adjust this section to reflect what you actually do in the backend (it is the most important part to avoid inconsistencies).

7. Cookies

  • Essential: required for operation and security.
  • Analytics (optional): to understand site usage (if applicable).

You can manage cookies in your browser. If you use analytics with consent, show a consent banner.

8. Security

We adopt technical and organizational measures to protect data, such as HTTPS, access controls, environment segregation, security logs, and secure development practices.

No system is 100% secure, but we work to reduce risks continuously.

9. Data subject rights

  • Confirmation and access
  • Correction
  • Deletion (when applicable)
  • Portability (when applicable)
  • Information about sharing
  • Withdrawal of consent (when the basis is consent)

To exercise rights, contact: [EMAIL_PRIVACIDADE].

10. Third-party content and links

The site may contain links to third parties. We do not control those sites' policies.

11. Changes to this policy

We may update this Policy. The "Last updated" date will be revised.