AutomaBotHub
Last updated: May 18, 2026
Legal name: [PJ-PENDING-RAZAO-SOCIAL] CNPJ: [PJ-PENDING-CNPJ] Address: [PJ-PENDING-ENDERECO] DPO: [email protected] (more at /dpo) Legal email: [email protected] AutomaBotHub acts as controller of account and billing data (LGPD Art. 5, VI) and as processor of the data you handle inside your instances (Art. 5, VII). The Portuguese version is the legally binding one; this translation is provided as a courtesy.
AutomaBotHub acts as data controller for your personal data (LGPD Art. 5, VI) and as data processor for the data you process within your instances (LGPD Art. 5, VII). This policy describes how we collect, use, store, and protect your information in compliance with the Brazilian General Data Protection Law (Law 13.709/2018) and the Internet Civil Framework (Law 12.965/2014). The Brazilian Portuguese version is legally binding; this translation is provided for convenience.
We collect only what is necessary (necessity principle, Art. 6, III). Categories: identification (full name, email), payment (processed via Stripe — we do not store card numbers), usage (access logs, IPs, platform events), and content of your instances (which you control; we are processors of this content).
Each purpose is supported by a specific legal basis under LGPD Art. 7:
We use your data to provide and improve contracted services, process payments, send service communications, deliver technical support when requested, and produce aggregate analytics (without personal identification). We never use the content of your instances to train AI models.
We do not sell your data. We share with specialized processors (subprocessors) needed to operate. The full, up-to-date list with each subprocessor's location is at /subprocessors. We notify B2B customers by email 30 days in advance before adding any new subprocessor.
Some subprocessors process data outside Brazil (United States, European Union, global infrastructure). These transfers are covered by Standard Contractual Clauses (SCC) or other safeguards under LGPD Art. 33. Per-subprocessor details are at /subprocessors.
We apply retention periods proportional to the purpose (LGPD Arts. 15 and 16):
Upon request, you have the right to:
Email [email protected] with subject "LGPD — [desired right]". We respond within 15 days (Art. 19 §1). The service is free. If you are not satisfied with our response, you can complain directly to the Brazilian Data Protection Authority (ANPD) at gov.br/anpd.
We use automated analysis to detect abuse (cryptocurrency mining, spam, suspicious activity) — legal basis: legitimate interest. Decisions that may suspend your instance are reviewed by a human before execution. You have the right to request review (LGPD Art. 20). For detailed information about the algorithm, write to [email protected].
The platform is intended for commercial and professional use. We do not intentionally collect data from minors under 18. If we discover that we have collected data from a minor without guardian consent, we delete it immediately. Parents or guardians who identify improper collection should write to [email protected].
We apply technical and administrative measures (LGPD Art. 46): encryption in transit (TLS 1.3) and at rest for sensitive data, Firebase authentication with 2FA available, per-customer Docker network isolation, regular security audits, and access logs to internal systems. In the event of an incident, we notify ANPD and affected data subjects within 3 business days (Resolution CD/ANPD 15/2024) — public history at /incidents.
We use essential cookies for authentication and interface preferences. Analytical cookies require your consent and can be disabled at any time. Details in the Cookie Policy at /cookies.
Data Protection Officer (LGPD Art. 41): [email protected]. More about the DPO's role and scope at /dpo. For non-privacy legal matters: [email protected].