Privacy Policy
Learn how we protect your personal data and information in accordance with GDPR and LGPD.
Last updated: 2026-02-12
Privacy Policy
This Privacy Policy describes how we collect, use, store, and protect your personal data.
1. Data Controller
| Field | Value |
|---|---|
| Name | Blueprint Blog |
| contato@blueprintblog.tech | |
| Data Protection Officer (DPO) | dpo@blueprintblog.tech |
2. Data We Collect
Data provided by you:
- Email address (when creating account)
- Profile name (optional)
- Language and theme preferences
- Article comments (when implemented)
Data collected automatically:
- IP address (anonymized for analytics)
- Browser type and version
- Device type and operating system
- Pages visited and time spent
- Cookie data (see our Cookie Policy)
3. Purpose of Processing
- Providing blog services (content access)
- Continuous improvement of user experience
- Usage analysis and performance metrics
- Communication about updates and news
- Security and fraud prevention
- Compliance with legal obligations
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
Consent (GDPR Art. 6, a / LGPD Art. 7, I)
When you expressly agree to data use (e.g., newsletters, analytics cookies).
Contract Execution (GDPR Art. 6, b / LGPD Art. 7, V)
To provide services when you create an account.
Legitimate Interest (GDPR Art. 6, f / LGPD Art. 7, IX)
For usage analysis, security, and service improvement.
Legal Obligation (GDPR Art. 6, c / LGPD Art. 7, II)
For compliance with legal or regulatory obligations.
5. Data Sharing
We may share your data with:
- Supabase (hosting and database)
- Microsoft Clarity (anonymized analytics)
- Competent authorities (when legally required)
Important: We never sell your personal data to third parties.
6. Data Security
We adopt the following security measures:
- SSL/TLS encryption for data transmission
- Role-based access control (RLS)
- Continuous monitoring of suspicious activities
- Regular security updates
7. Retention Period
We retain your data for the following periods:
| Type | Period |
|---|---|
| Active accounts | As long as the account exists |
| Deleted accounts | Up to 30 days after deletion |
| Analytics data | Up to 26 months |
| Tax/commercial data | As required by law |
8. Your Rights
Under GDPR and LGPD, you have the following rights:
- Access to your personal data
- Correction of incomplete or inaccurate data
- Deletion of data (right to be forgotten)
- Portability of data
- Withdrawal of consent
- Objection to processing
To exercise your rights, contact us at dpo@blueprintblog.tech. We will respond within 15 business days.
9. International Transfers
Your data may be processed outside Brazil (USA/Europe) by our providers (Supabase, Microsoft Clarity). We ensure such transfers comply with GDPR and LGPD through adequate contractual clauses.
10. Changes to this Policy
We may update this policy periodically. We will notify you of significant changes by email or site notice.
11. Contact
If you have questions about this Privacy Policy or data processing:
- Email: contato@blueprintblog.tech
- DPO: dpo@blueprintblog.tech
© Blueprint Blog - All rights reserved.