IN MY PRAY PRIVACY POLICY
At In My Pray, privacy and security are priorities and we are committed to transparency in the processing of personal data of our users/customers. Therefore, this Privacy Policy establishes how the collection, use and transfer of information from customers or other people who access or use our website is done.
By using our services, you understand that we will collect and use your personal information in the ways described in this Policy, which is governed by standards established around the world, since our services are being provided in various countries.
Thus, we reinforce our commitment to adopt security measures and good practices compatible with Brazilian legislation and with data protection standards existing in the world.
In this way, In My Pray, hereinafter simply referred to as IN MY PRAY, registered with CNPJ/MF under nº 63.534.059/0001-80, in the role of Data Controller, is bound by the provisions of this Privacy Policy.
1. BASIC CONCEPTS
To simplify your reading of this document, we present below some definitions useful for your interpretation:
| Term | Definition |
|---|---|
| Personal Data | It is information related to a natural person and that is capable of identifying the person or making their identification possible. Examples of personal data that may allow your identification: Name, CPF, phone, passport number, Identity Card, email, license plate of your vehicle etc. |
| Processing | It is any form of use that we can make of your Personal Data, including, but not limited to the following activities: collection, storage, consultation, use, sharing, transmission, classification, reproduction, deletion and evaluation. |
| Data Subject | It is you, the natural person to whom the Personal Data refers. |
| Policy | This Privacy Policy. |
| General Data Protection Law (LGPD) | Law that regulates the processing of personal data of Brazilian citizens carried out by natural or legal person of public or private law, covering operations carried out in manual or digital media, whether inside or outside Brazil. |
2. WHAT TYPES OF PERSONAL DATA DO WE COLLECT?
The types of Personal Data and how we collect them depend on how you relate to us and why. For example, the Personal Data collected will be different if you are a customer or a user of our website.
We list below some situations in which we may process your Personal Data in the context of your relationship with us:
- Identification: full name, CPF, RG, passport number, date of birth, marital status, gender, nationality, place of birth.
- Contact: address, phone, email, social networks.
- Banking Data: bank account information.
- Health: medical history, medical prescriptions, medical conditions.
- Education: school history, diplomas, certificates, qualifications.
- Professional: employment information, history of previous jobs, resume, work performance.
- Biometric data: fingerprints, facial recognition, voice data.
- Geolocation data: location data, IP address, location history.
- Criminal: criminal records, judicial processes, convictions.
- Marketing: marketing information.
- Image: photos, videos, voice recordings.
- Personal interests: hobbies, personal interests.
Sector: Administrative
Data: Name, RG, CPF, email, address.
Purpose: we process this data to ensure the execution of contracts with our customers, creating internal records and ensuring the organization and agility of our services, as well as complying with legal obligations.
Sector: Human Resources
Data: full name, CPF, RG, passport number, date of birth, marital status, gender, nationality, place of birth, address, phone, email, social networks, banking data, medical history, medical prescriptions, medical conditions, school history, diplomas, certificates, qualifications, employment information, history of previous jobs, resume, work performance, fingerprints, facial recognition, voice data, location data, IP address, location history, criminal records, judicial processes, convictions, photos, videos, voice recordings, personal interests.
Purpose: we process this data to ensure the execution of the employment contract with our employees, creating internal records and ensuring the organization and agility of our services, as well as complying with legal obligations.
Sector: Marketing
Data: Name, CPF, Identity Card, email, address, location data.
Purpose: we process this data to bring to new customers the services of In My Pray.
Sector: Security
Data: photos, videos, voice recordings.
Purpose: we process this data to ensure the security of the company and employees.
On social networks, instant messaging apps and emails, we can collect data such as name, email address, phone, profession and residential or commercial address, to facilitate our communication and send related and interesting content, provided you have given your consent previously or, if we have received your data in another legitimate way, you may revoke its use.
We may collect personal data from representatives and employees of companies, whether customers or partners, for issuing invoices, access control and registration updates, data such as name, email address, CPF, phone and business address.
3. LEGAL BASES FOR COLLECTION
To ensure compliance with applicable data protection legislation, we use the following legal bases for processing your personal information:
Consent
When you voluntarily provide us with information, such as when signing up for our services.
Contract execution
When processing is necessary for the execution of a contract of which you are a party.
Compliance with legal obligations
When we need to comply with a legal obligation.
Legitimate interests
When we have a legitimate interest in processing your information, provided that your rights and interests do not prevail over this interest.
Applicable Legislation
The legislation that supports our processing of personal data includes, but is not limited to:
BRAZIL: 1988 Federal Constitution, LGPD (Federal Law 13.709/2018), Consumer Defense Code (Federal Law 8.078/1990) and other applicable standards.
MEXICO: Federal Law on Protection of Personal Data Held by Private Parties.
CHILE: Law Nº 19.628.
COSTA RICA: Law on Protection of the Person regarding the processing of their personal data nº 8968.
USA: American Data Privacy and Protection Act - ADPPA.
EUROPEAN UNION: Regulation (EU) 2016/679 (GDPR).
JAPAN: APPI - Act on the Protection of Personal Information.
AUSTRALIA: Privacy Act 1988.
Other relevant local legislation.
4. INTERNATIONAL DATA TRANSFER
We use Microsoft CLOUD, which has its hardware base for such operation in the United States, therefore we inform that in our contracts users agree that the personal data collected and processed may be transferred internationally for cloud backup purposes with a cloud service provider located outside the national territory.
5. COOKIES
We use Cookies, which are text files sent by the website to your computer and that are stored on it and contain information related to website navigation. In summary, Cookies are used to enhance your experience on our website.
By accessing our website and consenting to the use of Cookies, you acknowledge and accept the use of a navigation data collection system using Cookies on your device.
On the website, we only use Essential Cookies, those necessary for navigation, that is, cookies that allow essential functionalities, such as security, identity verification and network management. In this case, no personal data is collected. These cookies cannot be disabled.
To manage your browser cookies, simply do so directly in the browser settings, in the Cookie management area.
6. WHAT ARE YOUR RIGHTS AS A PERSONAL DATA SUBJECT?
LGPD is mainly based on the consent of data subjects, requiring that they provide proper authorization before data collection and processing, except for the exceptions of the law. Consent must always be explicit and unambiguous, that is, it must be required from the subject in a place where they will have easy access to information about data collection and processing (principles of purpose, free access and transparency) and with a specific field for confirmation of their consent. Likewise, the subject may revoke consent at any time, regardless of changes in information and/or purposes regarding data processing.
Personal Data is yours and Brazilian law guarantees you a series of rights related to them. We are committed to complying with these rights and, in this section, we will explain what these rights are and how you can exercise them. See below:
| Your Rights | Explanation |
|---|---|
| Confirmation and Access | The data subject has the right to confirmation regarding the processing or not of their data and the number of processing operations, as well as must have facilitated access to all related data. |
| Correction | The subject can demand the correction of their outdated personal data, incomplete or inaccurate. |
| Anonymization, blocking or deletion | The subject can request (a) the anonymization of their Personal Data, so that they can no longer be related to the subject; (b) the blocking of Personal Data; and (c) the deletion of Personal Data, in which case we must delete all Personal Data without possibility of reversal. |
| Portability | The subject can request that we provide their Personal Data to a third party, provided that such transfer does not violate intellectual property or confidential information. |
| Information about sharing | The subject must have access to information about sharing their data with public and private entities. Depending on the case, we may limit the information provided if its disclosure may violate intellectual property or confidential information. |
| Information about the possibility of not consenting | The subject has the right to receive clear and complete information about the possibility and consequences of not providing consent, when it is requested by us. |
| Revocation of consent | The subject can withdraw their consent at any time. The revocation does not affect the legality of Processing carried out previously. |
| Opposition | When we process data without consent, the subject can present opposition, requesting the interruption of processing if they do not agree with the purpose. |
7. IMPORTANT NOTICES
Identity Verification
For your security, whenever you present a request to exercise your rights, we may request some information and/or additional documents so that we can prove your identity, seeking to prevent fraud.
Legitimate Reasons
In some cases, we may have legitimate reasons to fail to comply with a request to exercise rights. These situations include cases of protection of intellectual property or confidential information, as well as data retention obligations.
Response Time
Some requests may not be answered immediately, but we commit to answering all requests within a reasonable time and always in compliance with applicable legislation.
Questions?
If you have any questions about these issues or about how you can exercise your rights, feel free to contact us through the channels informed at the end of this Policy.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
Our responsibility is to take care of your Personal Data and use it only for the purposes described in this Policy. To ensure your privacy and protection of your Personal Data, we adopt advanced technological resources to ensure the security of all data processed by us. Among the security measures implemented are: machines protected with Total Security systems (including antivirus, firewall, antimalware, among others), encrypted clouds, processing policies and information management and risk management.
Security Measures Implemented
- Access Control Policies
- Password Policies
- Clean Desk Policy
- Bring Your Own Device (BYOD) Policy
- Software Policy
- Backup Policies
- Mobile Device Management (MDM) Policy
- Information Security Policy
Security Limitations
We strive to protect the privacy of your Personal Data, but unfortunately we cannot guarantee total security. Unauthorized entries and uses by third parties with your information, hardware or software failures that are not under our control and other external factors may compromise the security of your Personal Data.
If you identify or become aware of any factor that compromises the security of your data in your relationship with us, please contact us through the contact information indicated below.
9. HOW TO TALK ABOUT PERSONAL DATA?
Contact Us
If you believe that your Personal Data has been processed in a manner incompatible with this Policy or with your choices as a Personal Data Subject, or, if you have questions, comments or suggestions related to this Policy and the way we process your Personal Data, contact us.
10. CHANGES TO THE PRIVACY POLICY
As we are always seeking to improve our services and the way we operate, this Privacy Policy may be updated to reflect the improvements made. Therefore, we recommend periodic visits to this page so that you are aware of the modifications made.
Last update: November 19, 2025