Privacy Policy
This policy explains how Só de Praias processes personal data when you browse, search, and interact with the site. It also describes the use of third-party services (such as ads, analytics, and comments) when enabled.
Scope
This applies to your use of the site and to data processed during browsing. External content (partner sites, videos, maps, and other embeds) is governed by each provider’s own policies.
Controller and contact channel
The data controller is Só de Praias. For privacy requests (data subject rights, questions, complaints), please use the site’s contact page. (Contact)
Data we may process
- Technical and security data: IP address, user-agent, access logs, and error events (for stability and abuse prevention).
- Usage/measurement data: pages visited and aggregated events (when analytics tools are enabled).
- Advertising data: information required to display and measure ads (when ads are enabled).
- Data you provide: messages sent via the contact form; comments, if the comments area is enabled.
Legal bases (LGPD)
- Consent: when applicable (e.g., non-essential cookies, advertising/measurement, and comments, when enabled).
- Legitimate interest: for security, fraud/abuse prevention, and service improvement, with minimization and proportionality.
- Legal/regulatory obligation: when required.
Third-party services
The site may integrate third-party services for specific features. When enabled, those services may collect data and set cookies under their own policies.
- Advertising (e.g., Google AdSense).
- Analytics/measurement (e.g., Google Analytics or equivalent).
- Comments (e.g., Giscus/GitHub).
- Embeds and utilities (e.g., maps, videos, iframes), when present on specific pages.
Retention
We retain data only as long as needed for the purposes described here, respecting legal requirements and data minimization practices (e.g., limited retention for security logs).
Data subject rights
- Confirm processing and access data.
- Correct incomplete, inaccurate, or outdated data.
- Request anonymization, blocking, or deletion when applicable.
- Request portability when applicable.
- Withdraw consent when processing relies on consent.
- Information about sharing and about the option not to consent.
Security
We apply technical and organizational measures to reduce risk (e.g., data minimization, access control, and security best practices). No system is 100% secure; if you spot vulnerabilities, please contact us.
Changes to this policy
We may update this policy to reflect site changes and legal requirements. The update date will be revised on this page.