Welcome to the Privacy Policy of CNPJA TECNOLOGIA LTDA (“CNPJá” or “we”), registered under CNPJ No. 37.335.118/0001-80, which describes how we collect, use, store, and protect personal data when you (“user” or “you”) access our CNPJ query platform, comprising the web panel, API, Excel add-in, and other functionalities (“Platform” or “Services”). By using our Services, you acknowledge that you have read, understood, and agree with the terms described herein.
When you register using a password, we collect your email address. If you choose to register via social media, we collect your name, email, and profile picture. To process subscriptions and billing, we also request your CPF or CNPJ and address. This data is necessary for identification, authentication, issuing invoices, and generating payment slips or PIX.
When browsing the Platform or performing queries, your IP address and user-agent information may be recorded. We also use analytics tools (such as Google Ads and Google Analytics) that may generate navigation cookies for statistical and advertising purposes. Session cookies are also used to authenticate and maintain your access.
We do not collect credit card data, as credit card payments are intermediated by PayPal, subject to PayPal’s own privacy policy. For payments via bank slip (boleto) or PIX, we collect CPF or CNPJ and address for issuing bills and invoices, as required by tax legislation.
CNPJá integrates information about companies (CNPJ and, when available, details of partners and directors) sourced from official databases (Federal Revenue Service, among others). This data is cached in our system and displayed on the Platform for query purposes.
We process personal data to enable the creation and maintenance of user accounts, provide access to the Platform, offer CNPJ queries, make the API and Excel add-in available, and to process and finalize payments and subscriptions.
We rely on consent to send newsletters, informational materials, and promotional offers via email. The user may opt out of receiving these at any time through the site’s preference settings or the unsubscribe link in the email footer.
Certain processing activities are based on legitimate interest, for example, to improve the user experience, maintain access logs, carry out occasional commercial communications, and reinforce the Platform’s security. We always respect the fundamental rights and freedoms of data subjects.
We comply with legal obligations related to invoice issuance, which requires the collection and retention of registration data (CPF, CNPJ, address) for tax purposes.
The Platform uses session cookies to authenticate and keep your account logged in, as well as cookies generated by analytics tools, such as Google Analytics, which collect information about how you browse and interact with the website. If you prefer, you can adjust your browser settings to block or alert you about cookies. However, some functionalities may be limited if you do so.
Third-party services like Google Ads may generate advertising cookies to display more relevant ads. We also use internal tools (Prometheus, Grafana, Sentry) to monitor performance and detect errors, but they do not aim to personally identify the user, focusing instead on infrastructure and performance metrics.
In order to enable payments, invoice issuance, and user authentication, we share personal data with partners:
Data may be processed or stored outside of Brazil, such as in the United States, using top-tier cloud infrastructure. We adopt security and data protection practices in compliance with applicable legislation for these transfers.
Registration data (name, email, CPF or CNPJ, address) remain stored as long as the account is active. Access logs (queries on the Platform, API) are retained for 45 days for security and auditing purposes.
If you request your account to be deleted, access is immediately revoked. Registration data is kept for up to 30 days, after which it is permanently erased from our systems, except where there is a legal obligation to maintain specific information.
Invoices issued by CNPJá cannot be deleted, as tax legislation requires their retention for an indefinite period or as stipulated by law.
You may access, update, or delete your personal data through the settings panel on the website or by contacting our DPO directly. In situations where legal or contractual obligations require retention, certain information may not be immediately deleted.
You may request the portability of your data in a structured, commonly used format. At any time, consent for receiving newsletters can be withdrawn, either via the system itself or by using the link in the footer of the emails.
CNPJá implements security procedures such as daily backups, the use of firewalls, and restricted access control for the IT leadership, to prevent unauthorized access, alteration, or disclosure of stored personal data.
In the event of significant incidents that may pose risks to data subjects, we will notify the competent authorities, including the Brazilian National Data Protection Authority (ANPD), as well as the users themselves, in accordance with legal requirements.
The Platform displays information about companies, such as CNPJ and partner data, obtained from public databases and cached. Users must use this information in compliance with the LGPD and other applicable laws. The use of such data for commercial prospecting or any other purpose involving direct contact with third parties is the sole responsibility of the user.
There is no age restriction for using the Platform. However, given the nature of the Services and the requirement to provide data such as CPF or CNPJ, the expectation is that the user has full legal capacity. If minors choose to use the Platform, supervision by a guardian is recommended.
CNPJá may update this Privacy Policy at any time, whether to comply with legal changes or to reflect improvements and updates to our Services. We will notify you of significant changes through the Platform itself, by email, or other channels. Continued use after these changes are made public indicates acceptance of the new terms.
If you have any questions, requests, or complaints regarding this Privacy Policy or the processing of your personal data, you can contact our Data Protection Officer (DPO) at dpo@cnpja.com .
By using our Services, you confirm that you have read, understood, and agree with this Privacy Policy.