Skip to content

Privacy Policy

Effective July 2, 2026. English.

1. Data controller

Filtro Digital ("we", "controller") is responsible for processing your personal data. To exercise your rights or ask questions, write to privacy@filtrodigital.com.br (our Data Protection Officer / DPO).

2. Data we collect

Identity and access data: email address, authentication provider (e.g., email/password, OAuth), session hash, locale, and theme preferences.

Value profile: the weights you assign to the 14 evaluation axes (e.g., identity politics, faith, family, artistic merit) make up your value profile, used to compute personalized fit with works. IMPORTANT: this profile reveals ideological, moral, and/or religious convictions and is treated as SENSITIVE personal data under LGPD art. 5(II) (Brazilian Law 13.709/2018) and GDPR art. 9 (EU) — see the legal bases below.

User-generated content: reviews, votes, scene quotes, comments, and club/guide posts.

Payment data (billing): payments are processed by Stripe; we receive only minimal indicators (subscription status, dates, amounts) — never the full card number, which stays at Stripe.

Technical and usage data: IP address (for security, rate-limiting, fraud prevention), User-Agent, anonymous/aggregate usage events (PostHog), authenticated-session data (httpOnly cookies), and access logs as permitted by law.

Work metadata and aggregate scores are not personal data; your per-user interaction with works (votes) is linked to your account while it exists.

3. Legal bases (LGPD / GDPR)

Contract performance and pre-contractual steps (LGPD art. 7(V) / GDPR art. 6(1)(b)): creating your account, showing personalized scores, processing your reviews, and delivering the Service.

Explicit consent (LGPD art. 7(I) & 11 / GDPR art. 6(1)(a) & 9): for processing the VALUE PROFILE as sensitive data, for usage analytics (PostHog), and for any optional purposes. You may withdraw consent at any time without affecting the lawfulness of prior processing.

Legal obligation (LGPD art. 7(II) / GDPR art. 6(1)(c)): access-log retention under the Marco Civil da Internet and other applicable rules.

Legitimate interests (LGPD art. 7(IX) / GDPR art. 6(1)(f)): security, fraud prevention, vote-brigade detection, and Service stability, always balanced against your rights.

For users in Brazil under LGPD, this policy meets arts. 7-11; for users in the EU under GDPR, arts. 6, 9, and 13/14.

4. Purposes of processing

Provide the Service: authentication, personalized scores, recommendations, clubs, guides, debates, and premium subscription.

Compute scores and consensus: your reviews feed the scoring models (including AI models) that produce the aggregate Woke/Value Scores.

Security and moderation: prevent abuse, fraud, brigading, and unlawful content; enforce moderation rules.

Service improvement: aggregate/anonymous usage analytics (PostHog), error detection (Sentry), and new-feature development.

5. Sharing with third parties and processors

Supabase (database, auth, storage): hosts account, content, and score data under a data-processing agreement (DPA), in datacenters with recognized security standards.

Stripe (payments): processes charges. Card data never transits our servers — it goes directly to Stripe via Elements/Checkout (PCI-DSS Level 1).

Google Gemini / AI models (content analysis): used to produce scores and evidence from the public metadata of works and from community consensus. Excerpts of your User Content (reviews/quotes) may be sent to the AI provider for score synthesis, under the license granted in the Terms of Service.

PostHog (product analytics): aggregate/anonymous usage events for continuous improvement. No direct identity when analytics consent is denied.

Sentry (error monitoring): receives error traces with minimal data, scrubbed of sensitive information.

Authorities and third parties, when required by law or valid court order (Marco Civil da Internet arts. 19/21; LGPD art. 7(II)), or to protect Filtro Digital's rights.

We do not sell your personal data.

6. International transfer

Some processors operate outside Brazil/EU (e.g., US). In such cases, international transfers observe LGPD art. 33 safeguards (standard clauses, adequate countries, or specific consent) and GDPR chapter V (adequacy decisions or European Commission standard contractual clauses).

7. Retention

Active account: your data is kept while the account exists.

User Content (reviews/votes): kept while the account exists; votes/reviews may be anonymized (delinked from your identity) on account deletion, remaining to support aggregate scores, unless full deletion is requested below.

Access logs: per legal/regulatory timeframes (Marco Civil da Internet art. 15) and security needs.

Payment data: kept as long as necessary for tax/accounting and refund purposes (Stripe).

Anonymous/aggregate analytics data: may be kept indefinitely, as it does not identify you.

8. Your rights (LGPD art. 18 / GDPR art. 15-22)

You may request at any time: confirmation of processing; access to your data; correction of incomplete, inaccurate, or outdated data; anonymization, blocking, or deletion of unnecessary, excessive, or unlawful data; data portability; deletion of data processed on your consent (withdrawal); information about sharing; withdrawal of consent.

HOW TO EXERCISE — in-product: visit /en/me to export your data and/or delete your account (which triggers deletion/anonymization per this policy). Direct channels: write to privacy@filtrodigital.com.br; we respond within the statutory period (LGPD: up to 15 days; GDPR: up to one month). If unresolved, you may complain to the ANPD (Brazil) or your local data-protection authority (EU).

9. Cookies and similar technologies

We use cookies and local storage for: authenticated session (httpOnly, necessary), locale/theme preference, CSRF prevention (double-submit token), and analytics (when consented). You can manage preferences in your browser; necessary cookies cannot be disabled without breaking functionality.

10. Automated decisions and profiling

Scores and personalized fit (match) are derived by automated processing (including AI) from your reviews and value profile. These outputs are OPINIONS (see the Terms of Service), not decisions producing significant legal effects on you under GDPR art. 22 / LGPD art. 20. You may contest the output by requesting human review via privacy@filtrodigital.com.br.

11. Security

We adopt technical and organizational measures (TLS in transit, secret segregation, database row-level security, server-only key isolation, rate-limiting, monitoring). No system is fully secure; we will notify you and authorities as required by law in the event of a relevant security incident.

12. Children and teenagers

The Service is not directed to children. Data from anyone below the minimum age (see Terms of Service) is not knowingly collected; if identified, it will be deleted. For teenagers, processing sensitive data (value profile) requires parental or guardian consent.

13. Changes to this policy

We may update this policy. The "last updated" date below reflects the current version. For material changes, we will notify authenticated users or by email.

14. Contact (DPO)

Data Protection Officer (DPO): privacy@filtrodigital.com.br. Use this channel to exercise your rights or report a privacy issue.

Last updated: July 2, 2026 · Filtro Digital · https://filtrodigital.com.br
Privacy Policy · Filtro Digital