Privacy notice
How we collect, use and protect the personal data we process while operating Voilatier.
1. Identification of the controller
Voilatier Inc. (hereinafter "Voilatier", "we" or "the platform") is a company that operates a SaaS loyalty, customer relationship management (CRM) and customer data platform (CDP) aimed at retail merchants in Latin America. Our main operating address is published at /contact.
For the purposes of this notice, we process personal data in two capacities:
- Data controller: the data we collect directly from visitors to our public site and from users of our administration panel (merchant administrators).
- Data processor: the end-customer data that our merchants upload to the platform. In that case, the merchant is the controller and this notice is complemented by the Data Processing Agreement (DPA).
2. What data we collect
2.1 From visitors to the public site
- Technical data: IP address, user agent, referring page, cookie identifiers (where applicable).
- Contact data: if you complete a form, we collect your name, email address, company, number of locations, message and the intent of the contact (demo, sales, trial, etc.).
2.2 From panel users (merchant staff)
- Identification data: name, corporate email address, password stored in hashed form (bcrypt).
- Authentication data: 2FA TOTP codes, trusted devices, access IPs, sign-in timestamps.
- Activity log: actions performed in the panel, associated with the user, timestamp and IP, in accordance with our audit policy (Spatie ActivityLog).
2.3 From the merchant's end customers
Merchants upload their customers' data to operate their loyalty programs. This includes: name, phone, email, date of birth (optional), channel preferences, transaction history, accrued points, tier/segment. This data is stored encrypted at the column level (PII) and accessed via a deterministic hash (HMAC-SHA256) for O(1) identification without decrypting records in bulk.
3. What we use it for
- Operate the service: authenticate users, run earning rules, send campaigns, display analytics.
- Support and onboarding: answer queries, send transactional emails (welcome, password recovery, team invitations).
- Security: detect abuse, prevent fraud, maintain the audit log.
- Legal compliance: respond to legitimate requests from competent authorities.
- Product improvement: aggregated and anonymized panel usage metrics (which features are adopted, where there is friction). We never use identifiable personal data for internal analysis.
We never sell personal data or use it for advertising profiling outside the platform.
4. Who we share it with
We work with a limited set of subprocessors to operate the service. Each is contractually bound to meet standards equivalent to this notice (appropriate technical and organizational measures, confidentiality, breach notification).
- Resend — sending transactional and marketing emails.
- LabsMobile — sending SMS messages.
- Meta Platforms — sending WhatsApp messages via the Cloud API.
- Cloudflare — CDN, CAPTCHA (Turnstile) and DDoS protection.
- AWS / DigitalOcean — infrastructure hosting and data storage.
- Stripe — processing the merchant's subscription payments (does not process end-customer data).
- Anthropic — language models for optional assisted-writing features; prompts do not persist identifiable personal data.
An up-to-date list is available upon request by writing to [email protected].
5. Retention and deletion
- Public-site lead data: 24 months from the last contact, unless the lead requests deletion sooner.
- Panel data: while the merchant account is active, plus 90 days after cancellation to allow recovery. After that it is deleted or anonymized.
- End-customer data: in accordance with the merchant's instructions (configurable per tenant). We support soft anonymization that preserves aggregates without PII (the anonymized_at field) and full deletion upon a verified request.
- Audit logs: 12 months by default, with the option to extend up to 36 months on an enterprise plan.
- Billing accounting records: 7 years per tax obligation (Panama).
6. Your rights as a data subject
Under the GDPR (EU), LGPD (Brazil) and local Latin American laws, you have the right to:
- Access: know what data of yours we process.
- Rectification: correct inaccurate or outdated data.
- Erasure: request the deletion of your data.
- Portability: receive your data in a structured format (CSV).
- Objection: object to processing based on legitimate interest.
- Restriction: restrict processing in specific scenarios.
- Not be subject to individual automated decisions with significant legal effects.
To exercise any of these rights, write to [email protected]. We respond within a maximum of 30 calendar days. If your request requires action by the merchant that operates your account (for example, deleting all your data from its loyalty program), we will guide you on how to channel it.
7. International transfers
Due to the nature of our subprocessors, some of your data may be processed in jurisdictions outside Latin America, mainly the United States and the European Union. All transfers are protected by the European Commission's standard contractual clauses (SCCs) or by equivalent mechanisms recognized by local data protection authorities.
8. Technical security
- Encryption in transit: TLS 1.2+ mandatory on all public and API endpoints.
- Encryption at rest: PII (phone, email) encrypted at the column level; the rest at the disk level (LUKS / volume encryption).
- Password hashing: bcrypt with a configurable cost factor (minimum 10).
- Two-factor authentication: mandatory for administrative roles (standard TOTP).
- Audit log: every significant action is recorded with the user, IP and timestamp.
- Tenant isolation: strict logical separation at the application level; no query can cross company_id without going through an explicit exception.
- Backups: daily, retained for 30 days, encrypted.
- Testing: annual third-party penetration tests (starting in 2027).
9. Cookies and similar technologies
We use cookies that are strictly necessary for the site to work (session, CSRF, language preferences) and anonymized analytics cookies to understand which pages are visited most. We do not use third-party advertising cookies. You can disable analytics cookies from your browser without affecting the site's functionality.
10. Minimum age
Voilatier is a platform aimed at merchants and professionals. We do not knowingly collect data from people under 18 years of age. If you believe a minor has provided personal data, write to us so we can delete it.
11. Changes to this notice
We may update this notice from time to time. The "Last updated" date at the top reflects the current version. For material changes we will notify each account's administrators by email at least 15 days in advance.
12. DPO contact
For any privacy or data protection matter:
- Email: [email protected]
- Suggested subject: [Privacy] followed by your request.
If you are not satisfied with our response, you may file a complaint with the data protection authority in your jurisdiction.