Skip to content
ConsoliDados
PT

Privacy Policy

How ConsoliDados collects, uses, stores, and protects personal data, in compliance with LGPD and GDPR.

1. Who the controller is

ConsoliDados, under the responsibility of Johnny Carreiro (Mogi Guaçu/SP, Brazil), is the controller of the personal data processed through this site and our contact channels. For privacy matters, write to contact@johnnycarreiro.com.

2. What data we collect

  • Data you provide: name, email, phone/WhatsApp, and the content of messages you send via form, email, or scheduling.
  • Browsing data: aggregated site usage metrics, collected with a privacy-first analytics tool that does not build an identifiable individual profile.
  • Minimal technical data: IP address and device/browser type, used for security and operational diagnostics.

We do not voluntarily collect sensitive data categories. Please do not include sensitive data (health, third-party financial data, trade secrets under NDA) in open forms — that kind of information is handled through dedicated channels, under a specific agreement.

3. What we use the data for

  • Responding to contacts, proposals, and estimates.
  • Conducting and delivering contracted engagements (Discovery, projects, support).
  • Meeting legal, contractual, and tax obligations.
  • Improving the site based on aggregated metrics.

We do not sell personal data and do not use it for third-party advertising.

4. Legal basis

Processing relies on: performance of a contract or pre-contractual steps at your request; compliance with a legal obligation; and legitimate interest for commercial communication and security, where your rights do not override it. Where required, we request specific consent.

5. Sharing

We share data only with processors strictly necessary to deliver the service (for example, email, scheduling, and hosting providers), under contractual confidentiality and security obligations. For projects under NDA, we apply additional protocols agreed with the client, including dedicated infrastructure when required.

6. International transfer

Because we serve clients in Brazil and the United States, some processors may process data outside the country of origin. In those cases, we require safeguards compatible with LGPD and GDPR.

7. Retention

We keep data for as long as necessary for the purposes above and for legal obligations. Commercial contact data that does not evolve into a project is periodically deleted or anonymized.

8. Your rights

Under LGPD and GDPR, you may request: confirmation of processing, access, correction, anonymization, portability, erasure, and withdrawal of consent. To exercise them, write to contact@johnnycarreiro.com — we respond within the legal deadlines.

9. Security

We apply reasonable technical and organizational measures: restricted access, encryption in transit, and the data minimization principle. No system is absolutely immune, but we treat security as an engineering requirement, not a checklist item.

10. Cookies

We use the minimum necessary for the site to function. The analytics tool we use does not rely on individual tracking cookies. You can block cookies in your browser without losing essential functionality.

11. Changes

This policy may be updated. The version in force is always the one published on this page, with the date of the last revision.

Last revised: May 2026.