Legal document

Privacy Policy

Version 1.0. Effective as of July 4, 2026.

This Policy explains how Donnu A/B processes personal data. It is part of the Terms of Use and should be read together with the Cookie Policy.

1. Controller

The controller of personal data processed in the account relationship is DONNU LTDA, CNPJ 65.082.197/0001-09, with its head office at Rua Lorena, 649, Loja Parte, Padre Eustaquio, Belo Horizonte/MG, Brazil, ZIP 30.730-170.

2. Roles: controller and processor

It is important to distinguish two contexts:

3. Data we process

3.1. Account holders

3.2. Visitors of customers' sites (Donnu as processor)

We do not perform fingerprinting, we do not track Visitors across different sites, and we do not intentionally collect sensitive personal data.

4. Purposes and legal bases

5. Sharing

We do not sell personal data. We may share data with:

6. International transfer

We aim to keep processing on infrastructure located in Brazil whenever possible. When a sub-processor is located abroad, we will adopt the safeguards required by applicable law for the international transfer of data.

7. Retention

We keep data for as long as necessary for the purposes of this Policy and the contractual relationship, and for the periods required by law. Once the relationship ends, data may be deleted or anonymized after a reasonable period, except where the law requires retention.

8. Security

We adopt appropriate technical and organizational measures, such as per-account data isolation (row-level security), access control, credential encryption, and transmission over a secure connection, along with audits and security testing. No system, however, is completely immune to incidents, and we cannot guarantee absolute security.

9. Your rights

Under the LGPD, you may request: confirmation that processing exists; access to your data; correction of incomplete, inaccurate, or outdated data; anonymization, blocking, or deletion of unnecessary data or data processed unlawfully; portability; information about sharing; and withdrawal of consent. To exercise these rights, use the contact in Section 13. Visitor requests relating to customers' sites should be directed to the respective customer, in its capacity as controller.

10. Cookies

The use of cookies and similar technologies is detailed in the Cookie Policy.

11. Minors

The platform is intended for professional use by people 18 or older and is not directed to minors. We do not intentionally collect data from children or adolescents.

12. Changes

This Policy may be updated at any time. Material changes will be communicated by reasonable means before they take effect. The version in force will always be available on the platform, with its date.

13. Data protection officer and contact

To exercise your rights or raise privacy matters, contact our data protection officer (DPO) at marco@donnu.com.br.

DONNU LTDA
CNPJ 65.082.197/0001-09
Rua Lorena, 649, Loja Parte, Padre Eustaquio, Belo Horizonte/MG, Brazil, ZIP 30.730-170
Privacy: marco@donnu.com.br