Skip to main content

Privacy Policy – YuIA

Last updated: July 08, 2025.

Data Owner and Controller: YuIA (CNPJ 48.005.030/0001-17) – For any questions about this Policy or requests regarding your personal data, please contact us at suporte@yuia.com.br.

Commitment to Your Privacy​

Your privacy is important to us. It is YuIA's policy to respect and protect the privacy of any personal information we may collect on our website YuIA. We only request personal information when we genuinely need it to provide a service to you, always through fair and legal means, with your knowledge and consent, explaining why we are collecting it and how it will be used. We retain the collected data only for as long as necessary to provide the requested service and adopt commercially acceptable security measures to protect this data against loss, theft, unauthorized access, disclosure, copying, use, or modification. We do not share your personally identifiable information publicly or with third parties, except when required by law or as described in this Policy. Continued use of our website after the publication of updates to this Policy will be considered acceptance of the revised terms. If you have any questions about how we handle user data, please contact us at the email address indicated above.

Note: Our website may contain links to external sites not operated by us. We have no control over the content or privacy practices of these third-party websites and assume no responsibility for their respective privacy policies. We recommend that you read the privacy policies of any external websites you visit from links on our site.

Information We Collect​

We collect different types of personal information from users, depending on their interaction with YuIA. This information may be provided directly by you or collected automatically during use of the service. Below we detail the categories of data collected and examples of each:

  • Data provided by the user: When you create an account on YuIA, we request registration information such as full name, email address, and a password for access. We may also request payment data (for example, credit card information or other payment methods) when you subscribe to a paid plan, as well as other information necessary to process transactions (such as payment history). All YuIA users must be at least 18 years old, so we do not deliberately collect data from minors. By registering, you declare that you are over 18 years old. If we discover that we have inadvertently collected data from someone under 18, we will delete that information.

  • Content and platform interactions: When you use YuIA features, we collect the content you actively provide to the service. This includes, for example, the questions, commands, or texts you submit to the site's AI tools, as well as any files or information you send during use. This user content data ("User Content") is stored to enable the automated features offered by YuIA and to allow you to review your interaction history. We emphasize that, although the responses and features are provided automatically by Artificial Intelligence algorithms, there may occasionally be human intervention on this data for moderation, technical support, or service improvement purposes, always within the limits of this Policy and in compliance with applicable law.

  • Communications and support: If you contact us through email, a support form, or other channels, we will collect the information you choose to provide in these communications. This may include your name, email address, the content of the message, and any attachments. We use this data solely to answer your questions, resolve issues, or improve our services, as needed.

  • Automatically collected data: When you visit or use the YuIA website, we automatically collect certain technical and usage information through technological tools:

    • IP address and log data: We record your device's IP address, access dates and times, browser type and version, operating system, and similar information that your browser automatically sends. This log data helps us understand how the service is being accessed, enable your connection, and maintain platform security.
    • Usage and device data: We collect information about how you navigate and interact on our site, such as pages accessed, features used, time spent on certain functionalities, errors or failures that occurred, as well as device information (device model, unique device identifiers, operating system version, regional settings, time zone, etc.). This usage data is important for analyzing service performance, identifying user preferences, and improving the experience offered.
    • Cookies and tracking technologies: We use cookies (small text files stored in your browser) and similar technologies to recognize you across different sessions, remember your preferences, and enhance your browsing experience. For example, we may use cookies to keep your session logged in, save chosen settings, or provide personalized content. Tracking technologies also help us collect analytical data about site traffic and aggregate user behavior. You are free to manage cookies in your browser, and you can refuse or delete them; however, this may impact some YuIA functionalities (for example, being unable to stay logged in or see personalized content).

Use of Information (Processing Purposes)​

We use the collected personal data for various purposes necessary for the operation and improvement of YuIA. In general, data is processed to:

  • Provide and operate the service: We use your information to enable your access to the platform and deliver contracted features, for example, generating AI responses to your prompts, enabling experience personalization features, and keeping your account active. This includes processing subscription plan payments and managing your contracted plan, when applicable.

  • Manage and improve the service: Usage data and user feedback are analyzed to fix issues, develop new features, and improve service quality over time. For example, we may use error or performance logs to optimize our systems, or evaluate in aggregate which features are most used to guide future improvements. We may also use submitted content (in anonymized or aggregated form) to train or adjust our artificial intelligence algorithms and thus improve the effectiveness of automated responses, always in compliance with this Policy. If you do not wish for certain provided content to be used for service improvement, please let us know through the contact email.

  • Communication with the user: YuIA may use your name and email to send important communications about the service. This includes, for example, registration confirmation messages, payment notices, notifications of significant changes to this Policy or our Terms of Use, and updates about new features or improvements to the site. We may also send newsletters, informational content, or promotional offers, if you have consented to receive them. In these marketing communications, you will always have the option to opt out, by clicking the unsubscribe link present in the emails or contacting us to be removed from the list. We respect your privacy and will not send spam; the frequency of messages is limited and related to service use or content we deem relevant to you.

  • Security and fraud prevention: Collected data is used to ensure the security of the site, your account, and other users, as well as to detect and prevent malicious or illegal activities. For example, we monitor IP addresses and usage patterns to identify unauthorized access, cyber attacks (such as breach attempts or malicious code dissemination), and misuse of YuIA features. If we detect fraud, abusive behavior, or violation of our terms, we may use available information to take preventive and mitigating measures, including blocking involved accounts or reporting to competent authorities, where applicable.

  • Compliance with legal obligations: Your data may also be processed so that YuIA can comply with legal or regulatory obligations to which it is subject. This includes storing access records as required by the Marco Civil da Internet (Law 12,965/2014), issuing tax documents in compliance with Brazilian tax legislation, and responding to valid legal requests from authorities (such as court orders or government requirements). Additionally, we may process and retain certain data to protect YuIA's rights in potential judicial or administrative disputes, for example, keeping proof of transactions and communications related to service use.

In any case, we use personal data exclusively for the purposes stated in this Policy and/or at the time of collection. If we need to use data for purposes not initially foreseen, we will request your specific consent or do so only with support from another adequate legal basis.

YuIA processes users' personal data based on the legal grounds provided by the Brazilian General Data Protection Law (LGPD - Law No. 13,709/2018) and other applicable legislation. The main legal bases we use are: Consent of the data subject and Contract performance. In practical terms:

  • Contract performance and preliminary procedures: When you register and use YuIA, we are establishing a contractual relationship (acceptance of our Terms of Use and this Policy). Thus, we need to process your data to perform this contract, that is, to provide the service as agreed – this legal basis allows us to collect and use, for example, your email and password for authentication, your payment data to charge for the subscription, and the content you input to generate the requested responses and features.

  • Explicit consent: In certain situations, we will request your consent to process data that does not fall under another legal basis. For example, we may ask for your consent to send you promotional communications (newsletter) or to use certain non-essential cookies. Whenever consent is the legal basis, it will be freely given, informed, and unequivocal, obtained through an affirmative action on your part (such as checking a checkbox). You have the right to revoke consent at any time, which will not affect the processing already performed, but may prevent the continuation of certain services. If minors (under 18 years old) improperly use the service, YuIA is not responsible for such unauthorized use, and any data collected from minors without parental consent will be deleted once identified.

  • Legal obligation: Some data may be processed because the law requires it. For example, the Marco Civil da Internet and ANPD regulations may require the retention of certain access records for defined periods, or tax legislation may require maintaining financial transaction data. In these cases, YuIA will process and store the data strictly for the period necessary to fulfill such legal obligations.

  • Legitimate interests: In specific situations, we may process personal data based on our legitimate interest, provided that such interest is lawful, specific, and proportionate, and never to the detriment of the user's fundamental rights and freedoms. For example, we may have a legitimate interest in improving our services through the analysis of aggregated usage data, or in promoting platform security through anti-fraud monitoring – in these cases, we will carefully evaluate the impact on user privacy and adopt safeguards to minimize risks.

If you have questions about the legal bases that apply to a particular type of data or processing operation, please feel free to contact us for clarification. We reinforce that we process your personal data only within the limits and purposes permitted by current legislation and by this Policy, in accordance with your consent or another adequate legal basis.

Sharing of Data with Third Parties​

YuIA values your privacy and does not sell, rent, or share your personal data with third parties outside the scenarios described here. In general, we only share your data in the following circumstances:

  • Essential service providers (data processors): To enable our operations, we rely on trusted third-party services that process certain data on our behalf, following our instructions and in compliance with this Policy. These partners include:

    • Cloudflare: content delivery network (CDN) and security service that helps protect the site against attacks and improve access performance. Cloudflare may process data such as IP addresses and traffic information to filter malicious access and efficiently distribute content. (Cloudflare's Privacy Policy is available on the company's official website.)
    • Microsoft Azure: cloud computing platform where our servers and infrastructure are hosted. Your data stored on YuIA (account, provided content, etc.) may be stored in databases or servers maintained on Azure. (Consult Microsoft's Privacy Policy for more information.)
    • Stripe and Mercado Pago: payment service providers that process subscription transactions. When you make a payment, necessary information (such as name, transaction amount, and payment method data) is securely transmitted to these companies in order to process the payment, verify fraud, and fulfill financial obligations. YuIA does not store complete credit card data on our servers – this processing is done securely by the payment providers. (Privacy policies available on the Stripe and Mercado Pago websites.)
    • Brevo (Sendinblue): platform used for sending transactional emails and communications (for example, welcome emails, password resets, newsletters). Your name and email may be transferred to Brevo solely to facilitate sending these messages on our behalf. These emails contain strictly necessary content (such as activation links or YuIA news) and respect the receiving preferences you have configured.
    • Google AdSense: Google's advertising service that we use to display ads on our site to help fund our operations. AdSense may place cookies (such as the DoubleClick cookie) in your browser to display more relevant ads based on your interests and limit the number of times the same ad appears for you. These behavioral advertising cookies anonymously track your browsing preferences to present advertising content that may be of interest to you, helping to fund YuIA. (For more information, consult Google AdSense's Privacy Policy and FAQs.)

    All third parties listed above act as data processors or partners of YuIA, and only have access to personal information necessary for the performance of their functions. We enter into agreements or terms with these partners to ensure that they maintain the confidentiality and security of shared data and process it in accordance with applicable data protection laws (such as the LGPD). In the event of replacement or inclusion of new critical providers that have access to personal data, this Policy will be updated to reflect the changes.

  • Legal requirements and protection of rights: We may disclose a user's personal data to comply with a legal obligation or court order, or to cooperate with government authorities in investigations, under the terms of the law. In these cases, we will provide only the data strictly necessary in response to the valid legal demand. Similarly, we may share information if we believe in good faith that this is necessary to protect our rights, safeguard user security, investigate fraud, or enforce/apply our Terms of Use (for example, in cases of violation of platform rules).

  • Business transfers: If YuIA undergoes any relevant corporate transaction, such as a merger, acquisition, incorporation, reorganization, or sale of part of its assets, users' personal data may be transferred to the successor entities involved, as part of the intangible assets traded. In this case, we will ensure the continuity of your data protection, and will notify affected users regarding the transfer and the application of this Policy to the successor entity. If the transaction results in any material change in how your data will be processed, we will provide advance notice and, if necessary, request your consent.

  • With your explicit consent: In addition to the above cases, in any situation not covered by this Policy where it is necessary to share your data with third parties, we will request your specific consent. For example, if at any time we wish to share public testimonials with your name, or provide your contact information to a business partner for a joint offer, we will only do so with your prior and informed authorization.

We emphasize that we will not share, sell, or disclose your personal information to third parties indiscriminately. Any sharing will strictly observe the purposes described herein or imposed by law, respecting the principles of necessity and data minimization.

Cookies and Tracking Technologies​

Cookies are small text files that our site saves on your device to recognize your browser and store certain information. YuIA uses cookies and similar technologies for the following main purposes:

  • Essential functionality: Some cookies are necessary for the site to function correctly. For example, we use session cookies to keep you logged in while navigating between pages, so you don't have to re-enter your credentials for each action. These cookies generally expire when the session ends (when the browser is closed).

  • Preferences and personalization: Cookies can also remember your preferences (for example, chosen language, display settings) and provide personalized content based on your previous interactions with YuIA. This makes your experience faster and more personalized, avoiding having to reconfigure options each visit.

  • Analytics and performance: We may use cookies or anonymous identifiers to collect statistical information about site usage – for example, which pages are most accessed, how long users stay on certain sections, click-through rates on specific buttons, etc. This analytical data helps us understand engagement and improve content and functionality, and is generally collected in aggregate form, without individually identifying users.

  • Advertising (Google AdSense): As mentioned, advertising partners such as Google AdSense may place advertising cookies (such as the DoubleClick cookie) to serve relevant ads to users. These cookies allow, for example, a specific ad to not be shown repeatedly to the same user and for the displayed ads to match potential interests inferred from websites visited (anonymous preference tracking). YuIA implements AdSense to help fund the maintenance of the service and future development, displaying ads in a non-intrusive way. It is worth noting that Google may use and combine data collected through these cookies on YuIA with information from other sites to improve ad effectiveness, as described in their own privacy policies.

  • Other similar technologies: In addition to traditional HTTP cookies, we may use similar technologies such as local storage, web beacons (pixel tags), or mobile SDKs (in case we offer a mobile application) for purposes similar to those above – ensuring functionality, storing preferences, or measuring interactions.

Cookie control: When accessing YuIA for the first time, you may see a notice about the use of cookies, giving you the chance to consent to non-essential cookies. Even after consenting, you can at any time adjust your browser settings to refuse cookies or delete those already stored. Note, however, that refusing certain essential cookies may impair site functionality. For example, if authentication cookies are blocked, we will not be able to keep you logged in, and some features may not work properly.

For more detailed information about how Google uses advertising cookies and how to manage your ad preferences, you can visit Google's Privacy Policy page and the ad settings section of your Google Account. For other third-party cookies (such as payment services or analytics), consult the official documentation of those providers.

Data Storage, Transfer, and Retention​

Location of storage: Personal data collected by YuIA is primarily stored on servers located in Brazil. We maintain our main infrastructure in data centers located within national territory to ensure that Brazilian users' data is processed in accordance with local data protection laws. However, some specific processing may occur abroad, through the third-party services we use. For example, when processing a card payment, your data may transit through international servers of payment operators; or when sending transactional emails, the information passes through the email platform's servers (which may be hosted outside Brazil).

International data transfer: Whenever there is a transfer or processing of personal data outside Brazil, YuIA commits to adopting adequate protection measures in compliance with the LGPD. This includes assessing whether the destination country offers a level of data protection equivalent to Brazil's, or entering into contracts and standard data protection clauses with foreign recipients, or obtaining your specific consent for the transfer, when required. Many of our providers (such as Microsoft, Google, Cloudflare) adhere to international privacy standards and implement recognized mechanisms (for example, the European Union's standard contractual clauses) to legitimize cross-border data transfers. By using YuIA, you agree that your data may be transferred to these partners located in other countries, as necessary for the provision of the service, understanding that we apply the protections described in this Policy regardless of the location of processing.

Data retention period: We will keep your personal data only for as long as necessary to fulfill the purposes for which it was collected, as described in this Policy, or as required by specific legal deadlines. This means, for example, that as long as you maintain an active account on YuIA, we will store your registration data and content to enable your continued experience. If you close your account or request the deletion of your personal data, we will delete or anonymize the related data, except when certain data needs to be retained for an additional period to:

  • Fulfill a legal or regulatory data retention obligation (for example, financial transaction records may be kept for up to 5 years in accordance with tax legislation; connection records may be maintained for the period determined by Marco Civil legislation).
  • Allow YuIA to exercise its regular rights in judicial, administrative, or arbitral proceedings – for example, we may retain information necessary to prove compliance with contractual obligations or for defense in litigation, respecting applicable limitation periods.
  • Serve legitimate interests of YuIA or third parties, such as fraud detection, provided that legal requirements are met. For example, even after account deletion, we may internally maintain an identifier associated with a banned user to prevent recurrence of malicious activities – without retaining excessive or unnecessary personal data.

In any case, when we retain data after account closure, we do so in restricted format, with limited access, and only for the strictly necessary time. Once the need has ended, the remaining data will be securely eliminated.

If you wish to permanently delete your account and data, you may submit the request through the provided contact channels (or through a specific feature on the site, if available). We will fulfill the request respecting the deadlines and procedures provided by law – the LGPD grants us up to 15 days to respond to deletion requests, from your formal request. Upon confirming deletion, all your identifiable personal data will be removed or anonymized in our systems, except for information whose retention is required by law or justified by one of the above scenarios. You will be informed when the deletion is complete.

User Rights (Data Subject Rights)​

In accordance with the LGPD and other data protection legislation, you, as the holder of personal data, have various rights regarding your information. We at YuIA are committed to ensuring the full exercise of these rights, which include, among others:

  • Right to confirmation and access: You may request confirmation of the existence of processing of your personal data by us, and, if so, request access to the data and information about how it is used. Upon your request, we will provide a report or copy of the personal data we hold about you, in simplified format or through secure electronic means, as provided by regulation, safeguarding trade and industrial secrets.

  • Right to correction: If you identify that any of your personal data is incomplete, inaccurate, or outdated, you have the right to request the correction or supplementation of this information. For example, if you change your contact email or notice an error in your registered name, you may contact us to update the record. We will take reasonable steps to verify the authenticity of the request and make the correction as soon as possible.

  • Right to anonymization, blocking, or deletion: In cases where certain data is deemed unnecessary, excessive, or processed in non-compliance with the law, you may request that it be anonymized (so that it no longer identifies you), blocked (temporarily suspended from any processing), or deleted (permanently removed). We will analyze the relevance of the request in light of the LGPD and, if appropriate, will promptly comply, informing you of the result.

  • Right to data portability: You have the right to request that personal data you provided to YuIA be transferred to another service provider or product, if technically feasible and upon your express request. In practice, we provide you, or third parties you designate, with a copy of your data in a structured and commonly used format (for example, CSV or JSON), containing the active information you provided to us (subject to trade secrets and other legal provisions). Currently, as a security measure, we only perform portability directly to the data subject, who can then provide it to the desired new service.

  • Right to information about sharing: You may request information about which public and private entities YuIA has shared your data with, especially in cases of sharing without your consent (based on another legal basis). We will provide a listing of the organizations, companies, or bodies with which we have shared data relating to you, if any. (Note: sharing done with your express consent or through standard contracts is already described in this Policy; this right ensures additional transparency in other scenarios provided by law).

  • Right to revoke consent: If the processing of specific data is based solely on your consent, you have the right to revoke that consent at any time. For example, if you consented to receive marketing emails, you may subsequently choose to withdraw that consent, and we will stop processing your data for that purpose. It is important to note that revoking consent does not affect the legality of processing carried out previously, but may make it impossible to continue certain services or features that depend on that consent.

  • Right to deletion of data processed with consent: Related to the previous item, you may request the deletion of personal data that was collected based on consent, after revoking it. This means that, if any of your data was only collected because you agreed (and there was no other legal basis), then upon withdrawing consent you may demand the deletion of that data from our database, unless its retention is permitted by another legal basis (for example, mandatory legal retention).

  • Right to object to processing (right of objection): In situations where we process your data based on legitimate interest or other legal bases that do not require consent, you have the right to object to the processing, if you believe it infringes your fundamental rights and freedoms. We will analyze your objection and, if there is no prevailing legal basis justifying the continuation of processing, we will cease using the data for the contested purpose.

  • Right to review automated decisions: If any decision taken solely based on automated processing of personal data – that is, without human involvement – affects your interests, you may request that it be reviewed by a person. In the context of YuIA, virtually all responses provided by the AI are automated; however, these decisions (such as generating a text or response) do not produce significant legal or similar effects on you. Nevertheless, we maintain the option of human intervention in the process in cases of reviewing a result or contestation.

  • Right to file a complaint: You have the right to file a complaint before the national data protection authority (in Brazil, the ANPD) if you believe your rights have been violated and you have not obtained satisfactory resolution directly from us. We suggest that you contact us first so we can try to clarify or resolve any issue related to your data. However, this right ensures that you can appeal to competent government bodies to guarantee your rights, if you deem it necessary.

You may exercise your rights by contacting us at suporte@yuia.com.br and specifying which right you wish to exercise and providing sufficient information for us to validate your identity (for security, so that only the data subject themselves or legal representative has access to the data). We will respond to requests within a reasonable timeframe and in compliance with applicable legal deadlines (under the LGPD, we commit to responding within a maximum of 15 days, from the date of the request, for requests under Article 18 of the LGPD, but we will generally do so sooner). If any request is excessively complex or cannot be fulfilled immediately, we will communicate the status and may request additional information. If the request is denied (for example, due to conflict with legal obligations or third-party rights), we will present the justification.

Important: for some rights, especially access, portability, and data copy, we may offer direct mechanisms on the site in the future (such as profile download or privacy dashboard). In the meantime, all requests may be made through our contact channels. The exercise of these rights is free of charge for you; however, repetitive, unfounded, or excessive requests may, legally, entail a charge for an administrative cost, which will be disclosed if pertinent.

Data Security​

We adopt rigorous security measures – both technical and administrative – to protect your personal data against unauthorized access, misuse, disclosure, or improper destruction. We use recognized industry practices, including encryption of sensitive data in transit (through HTTPS/TLS protocol) and at rest whenever applicable, firewalls and restricted access controls on our servers, as well as constant monitoring for potential vulnerabilities. In other words, we implement end-to-end security measures to protect communications and the storage of your information, and we employ robust barriers to block unauthorized access attempts. Only authorized YuIA employees, contractors, and agents (who are subject to confidentiality obligations) are permitted to access personal data, and will only do so to fulfill necessary operational functions, as described in this Policy.

We also recommend that you take precautions to keep your data secure. Protect your access credentials: choose strong and unique passwords, combining uppercase and lowercase letters, numbers, and symbols, and avoid reusing the same password on other services. Do not share your password with third parties and, if you suspect it may have been compromised, change it as soon as possible and inform us so we can take additional protective measures, if necessary.

Although we strive to protect your privacy, it is important to note that no method of data transmission over the internet or electronic storage is 100% secure or immune to failures. Therefore, we cannot guarantee absolute security. In the event of a security incident that results in significant compromise of your personal data (for example, a security breach that poses a relevant risk or harm), we will inform you within an appropriate timeframe, as required by law, as well as notify the competent authorities, and will take all appropriate measures to mitigate the effects and prevent recurrence.

Changes to This Privacy Policy​

This Privacy Policy may be updated. We reserve the right to modify it at any time, particularly to adapt it to any changes in our services or to applicable data protection legislation. Whenever there is a relevant change that requires your renewed awareness, we will notify you through the provided contact channels (for example, via email) or through a prominent notice on our platform. We recommend that you periodically review this page to stay informed about our privacy practices.

For your convenience, we indicate at the top of this document the date of the last update. If you continue to use YuIA after any changes take effect, this will mean that you agree to the revised terms. If you do not agree with the modifications to the Policy, you should discontinue use of the service and may exercise your data subject rights (such as data deletion), as described above.

Contact​

If you have any remaining questions about this Privacy Policy, or if you wish to exercise any of your rights relating to your personal data, please contact us. We are available to fulfill your requests and clarify any questions. Below are our dedicated contact channels:

Upon receiving your message, we will confirm receipt and will strive to respond in the shortest possible time. If your question is specifically about data protection, you can direct it in the email subject line (for example: "Privacy – Data Access Request"), to facilitate internal forwarding to the appropriate person.

Should you wish, you may also file a complaint directly with the National Data Protection Authority (ANPD), especially if you believe we have not satisfactorily addressed any request. However, we greatly value the opportunity to resolve any issues internally and improve our processes, so please do not hesitate to contact us first.

Thank you for trusting YuIA. We are committed to protecting your personal data and offering a secure service. We hope this Policy has clarified how we handle your information. We remain at your disposal for any additional clarifications.