Privacy Policy

Your privacy is part of the contract.

This policy explains how Bizware Soluções em Informatica LTDA collects, uses, shares and protects personal data from website visitors, leads, candidates and commercial contacts, in compliance with Brazil's General Data Protection Law (Law 13.709/2018 — LGPD) and aligned with GDPR for EU data subjects.

Last updated: May 16, 2026

1. Controller

Who is responsible for processing your data.

Bizware Soluções em Informatica LTDA is the Controller of personal data collected through partenero.com and associated commercial channels. When customer companies use our platform to process data from their own end users, Partenero acts as Processor — that scenario is detailed in our LGPD page.

Legal entity

Bizware Soluções em Informatica LTDA

Headquarters

Av. Pres. Juscelino Kubitschek, 2.041 · Torre B · São Paulo, SP · 04543-011 · Brazil

Data Protection Officer

contato@partenero.com

Phone

+55 11 91756-2742

2. Applicability

When this policy applies to you.

This Privacy Policy describes the processing of personal data in the following contexts:

  • Browsing partenero.com and its subpages.
  • Filling contact, demo, newsletter, gated content and survey forms.
  • Attending events, webinars and marketing actions hosted by Partenero.
  • Applying to open positions at Partenero (resumes, profiles and recruiting communications).
  • Commercial communications and pre-contractual relationships with leads and prospects.

Important: Data that Partenero customers insert into the platform to manage their own end users is NOT covered by this policy — it is governed by the contract between the customer (Controller) and Partenero (Processor) and by the LGPD page. See LGPD page →

3. Data collected

What we collect about you.

We only collect what is necessary for the stated purposes. Collection happens in three ways: data you provide, data generated by site usage, and data obtained from legitimate third parties.

Data you provide

  • Identification and contact: name, business email, phone, company, role.
  • Form content: subject, message, segment, company size, request context.
  • Job applications: resume, professional profile (LinkedIn), history, screening answers.
  • Communication preferences: language, preferred channels, newsletter opt-in.

Data collected automatically

  • Technical identifiers: IP address, session identifier, user agent, operating system.
  • Browsing behavior: pages visited, time on page, referrer, aggregated clicks.
  • Device: type (desktop/mobile), resolution, browser language.
  • Cookies and similar technologies as described in section 6 and the Cookie Policy.

Third-party data

  • Public professional data from B2B databases (LinkedIn, company directories) for qualified commercial contact, always based on legitimate interest and with easy opt-out.
  • Data enriched by providers such as Apollo.io and ZoomInfo, restricted to professional context (role, segment, company size).
  • Referrals made by customers or partners, with source identification.

What we do NOT collect

  • We do not request sensitive personal data (racial origin, religion, health, sexual orientation, etc.) via the site. If we receive it inadvertently in free-form fields, we delete it.
  • We do not sell, rent or share your data with third parties for marketing purposes unrelated to Partenero.
  • We do not perform automated profiling with legal or discriminatory effects.
4. Purposes and legal bases

Why we use your data.

Each purpose has an explicit legal basis under Art. 7 LGPD (and Art. 6 GDPR, when applicable). You can ask the DPO for the specific basis applied to any processing.

PurposeLegal basis
Respond to contact requests, demos and commercial proposalsPre-contractual measures (Art. 7, V)
Send gated content, newsletter and event invitationsConsent (Art. 7, I) — revocable any time via link in each email
B2B prospecting and enrichment of professional contactsLegitimate interest (Art. 7, IX), documented balancing test and right to object
Analyze site usage and improve the experience (analytics)Consent (Art. 7, I) for non-essential cookies; legitimate interest for aggregated metrics
Screen candidates and run hiring processesPre-contractual measures (Art. 7, V)
Comply with legal, tax and accounting obligationsLegal or regulatory compliance (Art. 7, II)
Prevent fraud, abuse and ensure information securityLegitimate interest (Art. 7, IX) with technical safeguards
Defend rights in judicial, administrative or arbitration proceedingsRegular exercise of rights (Art. 7, VI)
5. Sharing

Who we share data with.

We share personal data only with third parties strictly necessary to deliver our services, under data protection agreements, and as legally required.

Cloud and infrastructure providers

Amazon Web Services (sa-east-1 primary), Cloudflare (CDN, WAF, DDoS) — hosting, edge security and content delivery.

Communication and marketing platforms

SendGrid (transactional email), Twilio (SMS/voice), Meta WhatsApp Business API. Newsletters via specialized provider, always with opt-out.

Commercial tools and CRM

Internal relationship and prospecting systems (including Apollo.io and similar), restricted to commercial purposes.

Professional partners

Accountants, lawyers, auditors and consultants under NDA, when required for legal compliance or exercise of rights.

Public authorities

When required by law, court order or formal request from ANPD, Federal Police, IRS-equivalent, etc. We evaluate each request before complying.

Corporate events

In case of merger, acquisition, corporate reorganization or asset sale, data may be transferred as part of the operation, with prior notice to data subjects.

Commitment: In no case do we sell, rent or share your data with third parties for marketing purposes unrelated to Partenero.

6. Cookies

Cookies, analytics and similar technologies.

We use essential cookies (necessary for site operation) and analytics cookies (with consent) to understand, in aggregate, how content is navigated.

Essential

Ensure login, language preferences, security and basic functioning. No consent required.

Analytics

Aggregated usage metrics (Google Analytics with anonymized IP). Loaded only after consent.

Marketing

Remarketing pixels and tags load only after explicit consent. You can review at any time.

7. International transfer

Where your data lives.

By default, data collected through this site resides in Brazil (AWS sa-east-1, São Paulo). Encrypted backups may be replicated to other regions for resilience, always under adequate protection guarantees.

Primary residency

São Paulo, Brazil (AWS sa-east-1).

Backups

Replication to us-east-1 (Virginia, USA), with encryption at rest (AES-256) and in transit (TLS 1.3).

Global subprocessors

Providers such as Cloudflare, SendGrid and Google operate globally. We adopt standard contractual clauses (SCCs) aligned with ANPD recommendations and GDPR.

8. Retention

How long we keep your data.

We keep personal data only for as long as needed for the stated purposes or while there is a legal retention obligation. After that, we delete or anonymize.

PeriodPurpose
Up to 24 monthsLeads and commercial contacts with no interaction. After that we anonymize or delete.
Duration of relationshipActive customers: contact data and commercial context kept during the contractual relationship.
Up to 5 yearsTax and accounting documents, per applicable tax and civil law.
Up to 6 monthsResumes of non-selected candidates, except with express consent for talent pool (up to 24 months).
Up to 12 monthsSecurity and audit logs of the site.
ImmediatelyUpon revocation of consent, except where another legal basis requires retention.
9. Security

How we protect your data.

Encryption

TLS 1.3 in transit and AES-256 at rest, with key management via AWS KMS.

Access control

Need-to-know access, MFA mandatory for admins, auditable records.

Audit

Immutable logs of access, change and export, kept for incident detection.

People

Mandatory annual LGPD and security training, NDA for all staff, principle of least privilege.

Formal program

SOC 2 Type II underway (2026 completion), ISO 27001 underway, annual independent pentest.

Incident response

Formal plan, communication to affected data subjects within 72 hours, notification to ANPD within timeframes of Resolution CD/ANPD No. 15/2024.

10. Your rights

Data subject rights under LGPD.

You can exercise any of the rights below by writing to contato@partenero.com. Our DPO responds within 15 days (Art. 19, LGPD), free of charge.

1

Confirmation of processing

Know whether we process any personal data about you.

2

Access

Obtain a copy of the personal data we hold about you.

3

Correction

Request correction of incomplete, inaccurate or outdated data.

4

Anonymization or deletion

Request anonymization, blocking or deletion of unnecessary or non-compliant data.

5

Portability

Receive your data in structured format (CSV or JSON) or have it sent to another vendor.

6

Sharing information

Know with which public and private entities your data was shared.

7

Information on non-consent

Know the consequences of not granting consent, when applicable.

8

Consent revocation

Withdraw any granted consent at any time, free of charge.

9

Objection

Object to processing carried out under legitimate interest.

10

Review of automated decisions

Request human review of decisions made solely by automated systems that affect your interests.

11. Children and minors

We do not target users under 18.

Partenero is a B2B platform; the site and channels are not directed at children or adolescents. We do not knowingly collect data from minors under 18. If we identify inadvertent collection, we delete the data immediately. If you are a legal guardian and suspect a minor under your care has sent us data, please write to contato@partenero.com so we can remove it.

12. Changes

How this policy evolves.

We update this policy whenever we change relevant practices or in response to legal changes. Material changes are communicated 30 days in advance by email to registered contacts and via on-site notice. Previous versions remain available upon request to the DPO.

13. Contact

Talk to our DPO.

Questions, rights requests or complaints can be sent directly to Partenero's Data Protection Officer. We do not use intermediate forms: you write, a person responds.

SLA

Reply within 15 days (Art. 19, LGPD).

Postal address

Bizware Soluções em Informatica LTDA · Av. Pres. Juscelino Kubitschek, 2.041 · Torre B · São Paulo, SP · 04543-011 · Brazil

ANPD: You may also file a complaint with Brazil's National Data Protection Authority (ANPD): www.gov.br/anpd.

trust by design

Want to see privacy applied in the product?

30 minutes with a specialist, with a tour of privacy and audit controls. No generic demo.