Legal

Privacy Policy

This policy explains how Compasso collects, uses, shares, and protects personal data when you access the website, join the waitlist, create an account, or use any travel planning and travel finance features we make available.

Last updated

March 29, 2026

Privacy contact

contact@compassoonline.app

1. Scope of this policy

This policy applies to the Compasso website, public pages, signup forms, waitlist flows, authorized marketing communications, and any product, authentication, subscription, or integration features that may be enabled over time.

If a specific flow includes a supplemental notice, such as a payment integration or a beta feature, that notice supplements this policy only for the relevant context.

2. Data we may collect

The information we collect depends on how you interact with Compasso. In many cases, you can browse the public site without creating an account.

  • Identity and contact data, such as name, email, country, language, role, or company, when you fill out forms, subscribe to updates, or contact us.
  • Account data, such as credentials, access history, language preferences, and security settings, when authenticated areas are available.
  • Travel planning and finance data, such as destinations, dates, budgets, installment purchases, savings goals, reminders, and notes, when you use product features.
  • Technical and usage data, such as IP address, device type, browser, operating system, pages viewed, traffic source, cookie identifiers, and navigation events.
  • Transactional data, such as subscription plan, billing status, charges, currency, invoices, and metadata returned by payment processors, when paid services are enabled.

3. How we use data

We use personal data to operate, maintain, and improve Compasso in a secure and useful way.

  • Create and manage accounts, authenticate logins, and remember preferences.
  • Run travel planning, financial projection, alert, and reporting features.
  • Respond to messages, support requests, business inquiries, and communications you asked for.
  • Measure website performance, fix errors, and prevent abuse, fraud, malicious scraping, and security incidents.
  • Comply with legal, regulatory, tax, and recordkeeping obligations and respond to valid authority requests.
  • Send updates, invitations, and promotional content only on a lawful basis and with opt-out options where required.

5. Data sharing

We do not sell personal data. We share information only with third parties needed to operate the service or when the law requires it.

  • Infrastructure, hosting, analytics, monitoring, authentication, email, customer support, and workflow vendors.
  • Billing and payment partners when you subscribe to a paid plan or complete a transaction.
  • Providers helping with security, fraud prevention, audits, legal support, and compliance.
  • Public authorities, courts, and regulators when there is a valid legal obligation, lawful request, or need to defend rights.
  • Buyers, investors, or successors in a corporate transaction, subject to confidentiality and applicable law.

6. International transfers

Some of our vendors operate in multiple countries, so your information may be processed outside Brazil or outside the country where you are located.

When that happens, we use appropriate safeguards such as contractual protections, vendor reviews, access controls, and measures compatible with applicable law.

7. Data retention

We keep personal data for as long as needed to fulfill the purposes described in this policy, meet legal obligations, resolve disputes, and preserve service integrity and security.

  • Account and product data are generally kept while the account remains active and for a reasonable additional period for backup, auditing, and fraud prevention.
  • Tax, financial, and security records may be kept longer when required by law or justified by clearly identified legitimate interests.
  • Deletion requests are reviewed case by case, taking into account mandatory retention periods and the need to defend legal rights.

8. Information security

We use reasonable technical and organizational measures designed to reduce the risk of unauthorized access, misuse, loss, alteration, or destruction of personal data.

No system is perfectly secure. You should use strong passwords, protect your devices, and contact us promptly if you notice unauthorized use of your account.

9. Your rights

Depending on the law that applies to you, you may have rights over your personal data.

  • Confirmation that we process your data and access to that data.
  • Correction of incomplete, inaccurate, or outdated information.
  • Anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
  • Portability, where technically feasible and subject to trade secret protections.
  • Information about data sharing and about the option to withhold consent.
  • Withdrawal of consent, objection to certain processing, and review of automated decisions where applicable.
  • The right to lodge a complaint with the ANPD or the competent authority where you live.

To exercise these rights, email contact@compassoonline.app. We may ask for additional information to confirm your identity before completing the request.

10. Children, updates, and contact

Compasso is not directed to children under 16 without parental or guardian involvement. If you believe a child sent us personal data without appropriate authorization, contact us so we can review and remove the data when required.

We may update this policy to reflect changes in the product, the law, or our operations. When changes are material, we will publish the updated version on this page with a new date and, when required, provide additional notice.

For privacy questions, requests, or complaints, contact contact@compassoonline.app.