COD Connect Privacy Policy
Last updated: July 13, 2025
Your privacy and that of your customers is our priority. This Privacy Policy details how COD Connect ('we', 'our') collects, uses, processes and protects information in the context of our WhatsApp automation platform. By using our service, you ('User') agree to the practices described in this policy.
1. Information We Collect
We collect information necessary to operate our services:
Your Account Data:
• Name and contact information
• Email address for authentication
• Payment information
• Platform usage history
E-commerce Integration Data:
• Order information (status, products, values)
• Customer data (name, phone, address)
• Store settings
• Automatic synchronization events
Technical Data:
• Access and activity logs
• Performance metrics
• Device and browser information
• Location data (IP)
Your Account Data:
• Name and contact information
• Email address for authentication
• Payment information
• Platform usage history
E-commerce Integration Data:
• Order information (status, products, values)
• Customer data (name, phone, address)
• Store settings
• Automatic synchronization events
Technical Data:
• Access and activity logs
• Performance metrics
• Device and browser information
• Location data (IP)
2. Our Role in Data Protection
Role Definition (LGPD/GDPR):
You are the Data Controller:
• Own and control your customers' data
• Define processing purposes
• Example: 'send paid order notification'
• Responsible for obtaining consents
We are the Data Processor:
• Process data under your instructions
• Access only data necessary for automations
• Follow your settings and rules
• Protect data with adequate technical measures
Shared Responsibility:
• You: compliance with local laws
• We: technical security and adequate processing
You are the Data Controller:
• Own and control your customers' data
• Define processing purposes
• Example: 'send paid order notification'
• Responsible for obtaining consents
We are the Data Processor:
• Process data under your instructions
• Access only data necessary for automations
• Follow your settings and rules
• Protect data with adequate technical measures
Shared Responsibility:
• You: compliance with local laws
• We: technical security and adequate processing
3. How We Use Information
We use your information exclusively for:
Service Operation:
• Provide WhatsApp automations
• Process and deliver messages
• Synchronize order data
• Maintain platform functionality
Business Management:
• Process payments and subscriptions
• Issue invoices and receipts
• Manage plans and permissions
• Access control
Support and Improvement:
• Provide technical support
• Resolve problems and bugs
• Improve performance
• Develop new features
Security and Compliance:
• Monitor usage to prevent abuse
• Detect suspicious activities
• Ensure policy compliance
• Protect platform integrity
Service Operation:
• Provide WhatsApp automations
• Process and deliver messages
• Synchronize order data
• Maintain platform functionality
Business Management:
• Process payments and subscriptions
• Issue invoices and receipts
• Manage plans and permissions
• Access control
Support and Improvement:
• Provide technical support
• Resolve problems and bugs
• Improve performance
• Develop new features
Security and Compliance:
• Monitor usage to prevent abuse
• Detect suspicious activities
• Ensure policy compliance
• Protect platform integrity
4. Third-Party Sharing
We do not sell your data.
We share only with essential service providers:
E-commerce Platforms:
• Official integrations for order data collection
• Secure authentication via OAuth
• Compliance with platform policies
Messaging Services:
• Official APIs for message delivery
• Compliance with usage policies
• Encryption in all communications
Infrastructure:
• Hosting and database providers
• Backup and security services
• Payment processing
All providers are required to:
• Maintain data confidentiality
• Implement adequate security measures
• Process data only according to instructions
• Notify about security incidents
We share only with essential service providers:
E-commerce Platforms:
• Official integrations for order data collection
• Secure authentication via OAuth
• Compliance with platform policies
Messaging Services:
• Official APIs for message delivery
• Compliance with usage policies
• Encryption in all communications
Infrastructure:
• Hosting and database providers
• Backup and security services
• Payment processing
All providers are required to:
• Maintain data confidentiality
• Implement adequate security measures
• Process data only according to instructions
• Notify about security incidents
5. Data Retention and Deletion
Retention Policy:
During Active Use:
• Data maintained while account is active
• Real-time processing as needed
• Backups for recovery for limited period
• Security logs for determined time
Automatic Deletion:
• Automatic deletion when requested by integrated platforms
• Transparent process according to policies
• No manual request needed
Manual Deletion:
• Request via privacy@codconnect.app
• Processing within 30 days
• Email confirmation
• Retention only of legally required data
Legal Retention:
• Tax data: according to Brazilian legislation
• Security logs: minimum legal period
• Payment data: according to regulations
During Active Use:
• Data maintained while account is active
• Real-time processing as needed
• Backups for recovery for limited period
• Security logs for determined time
Automatic Deletion:
• Automatic deletion when requested by integrated platforms
• Transparent process according to policies
• No manual request needed
Manual Deletion:
• Request via privacy@codconnect.app
• Processing within 30 days
• Email confirmation
• Retention only of legally required data
Legal Retention:
• Tax data: according to Brazilian legislation
• Security logs: minimum legal period
• Payment data: according to regulations
6. Your Privacy Rights
Guaranteed Rights (LGPD/GDPR):
Access and Portability:
• Request copy of all your data
• Structured and readable format
• Transfer to another provider
Correction and Update:
• Correct incorrect data
• Update outdated information
• Complete incomplete data
Deletion and Forgetting:
• Request complete deletion
• Record anonymization
• Right to be forgotten
Limitation and Opposition:
• Restrict specific processing
• Object to marketing use
• Revoke consents
How to Exercise Your Rights:
• Email: privacy@codconnect.app
• Response within 15 business days
• Free and transparent process
• Identity confirmation required
Access and Portability:
• Request copy of all your data
• Structured and readable format
• Transfer to another provider
Correction and Update:
• Correct incorrect data
• Update outdated information
• Complete incomplete data
Deletion and Forgetting:
• Request complete deletion
• Record anonymization
• Right to be forgotten
Limitation and Opposition:
• Restrict specific processing
• Object to marketing use
• Revoke consents
How to Exercise Your Rights:
• Email: privacy@codconnect.app
• Response within 15 business days
• Free and transparent process
• Identity confirmation required
7. Data Security
Protection Measures:
Encryption:
• Data encrypted in transit and at rest
• Industry standard security protocols
• Secure backup
• Key rotation
Access Control:
• Secure authentication
• Principle of least privilege
• Audit logs
• Periodic permission review
Monitoring:
• Suspicious activity detection
• Security alerts
• Automated backup
• Recovery plan
Compliance:
• LGPD/GDPR compliance
• Security policies
• Team training
Encryption:
• Data encrypted in transit and at rest
• Industry standard security protocols
• Secure backup
• Key rotation
Access Control:
• Secure authentication
• Principle of least privilege
• Audit logs
• Periodic permission review
Monitoring:
• Suspicious activity detection
• Security alerts
• Automated backup
• Recovery plan
Compliance:
• LGPD/GDPR compliance
• Security policies
• Team training
8. Contact
Our Commitment to Transparency:
We are available to clarify questions about privacy and data protection.
Data Protection Officer (DPO):
• Email: privacy@codconnect.app
• Hours: Monday to Friday, 9am to 6pm
• Response: Within 48h on business days
Competent Authorities:
• Brazil: ANPD (National Authority)
• Europe: Local GDPR authorities
• Right to complaint always guaranteed
We are available to clarify questions about privacy and data protection.
Data Protection Officer (DPO):
• Email: privacy@codconnect.app
• Hours: Monday to Friday, 9am to 6pm
• Response: Within 48h on business days
Competent Authorities:
• Brazil: ANPD (National Authority)
• Europe: Local GDPR authorities
• Right to complaint always guaranteed