Privacy Policy
6/18/2026
Privacy Policy
Last updated: June 18, 2026
CodeBazaar ("we") respects your privacy and is committed to processing personal data transparently and in accordance with the Brazilian General Data Protection Law (LGPD β Law 13.709/2018), the GDPR (where applicable) and other applicable regulations.
1. Data we collect
1.1 You provide directly
- Registration data: name, email, password (encrypted), username.
- Author data: bank details, tax ID, identity documents for KYC.
- Content: Items, descriptions, reviews, support messages.
1.2 Collected automatically
- Access logs: IP, user-agent, pages visited, session duration.
- Cookies and similar technologies (see Section 7).
- Aggregated transaction data.
1.3 From third parties
- Payment confirmation data from gateways (Stripe, Mercado Pago).
- OAuth profile data when you log in via Google/GitHub.
2. Purposes
We use the data to:
- Operate the Platform (auth, sales, payouts, support).
- Comply with tax, accounting and regulatory obligations.
- Prevent fraud, abuse and security incidents.
- Improve the product (analytics, A/B testing β always aggregated).
- Send transactional and, with consent, marketing communications.
3. Legal bases (LGPD)
- Performance of contract: account, sales, payouts, support.
- Legal obligation: invoicing, regulatory retention.
- Legitimate interest: anti-fraud, security, product improvement.
- Consent: marketing, optional cookies.
4. Sharing
We share data only with:
- Operating partners: payment gateways, infrastructure (Supabase, Cloudflare), transactional email, support tooling β bound by data-processing agreements.
- Authorities: under court order or legal obligation.
- Business succession: in case of merger, acquisition or sale of assets, with prior notice.
We do not sell personal data.
5. International transfers
Some partners are headquartered outside Brazil. We adopt safeguards (standard contractual clauses, adequacy under GDPR/LGPD) for international transfers.
6. Retention
- Active account data: while the account exists.
- Transactions: 5 years (Civil Code) and 10 years (tax law) after the event.
- Access logs: 6 months (Marco Civil da Internet).
- Support messages: 2 years after resolution.
7. Cookies
We use cookies to:
- Strictly necessary: session, anti-fraud (cannot be disabled).
- Analytics: anonymous metrics on use (optional).
- Marketing: only with consent.
Manage preferences in the cookie banner footer.
8. Your rights (LGPD Art. 18)
You may, at any time:
- Confirm processing and access data.
- Correct incomplete or outdated data.
- Anonymize, block or delete unnecessary data.
- Port data to another provider.
- Withdraw consent.
- Lodge a complaint with the National Data Protection Authority (ANPD).
To exercise: privacy@codebazaar.app (reply within 15 days).
9. Security
We adopt technical and administrative measures: encryption in transit (TLS) and at rest, RLS in the database, strict access control, periodic audits, incident response plan, anonymized backups.
In case of an incident, we notify the ANPD and affected holders within a reasonable timeframe, as required by law.
10. Minors
The Platform is not intended for those under 18. If we identify under-age accounts, we delete them immediately.
11. Changes
Material changes will be communicated 30 days in advance. The "Last updated" date at the top reflects the most recent version.
12. DPO contact
Data Protection Officer: dpo@codebazaar.app