Back to Support

Privacy Policy

MandaZap - Data Protection and Privacy

Document Information

Last updated: November 1, 2025

Version: 3.0

Compliance: LGPD, GDPR

1. Introduction

Manda4 Tecnologia Ltda. ("Manda4", "we" or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store and protect your information when you use MandaZap.

This policy applies to all MandaZap users and complies with Brazil's General Data Protection Law (LGPD) and the European Union's General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Account Data

  • Full name and contact information
  • Email address and phone number
  • Company information (name, tax ID, address)
  • Billing and payment data

2.2 Usage Data

  • Access logs and system activity
  • IP addresses and device information
  • Browsing data and preferences
  • Usage and performance metrics

2.3 WhatsApp Business Data

  • Messages sent and received (as configured)
  • Contacts and broadcast lists
  • Shared media (images, documents, audio)
  • Conversation metadata

2.4 Integration Data

  • Information synchronized with Bitrix24
  • CRM and lead data
  • Customer interaction history

3. How We Use Your Information

3.1 Service Provision

  • Provide and maintain the MandaZap service
  • Process and manage your account
  • Facilitate communication via WhatsApp Business API
  • Synchronize data with integrated systems

3.2 Service Improvement

  • Analyze usage and performance for improvements
  • Develop new features and functionalities
  • Personalize user experience

3.3 Communication

  • Send important service notifications
  • Provide technical support
  • Inform about updates and new features

3.4 Legal Compliance

  • Comply with legal and regulatory obligations
  • Respond to requests from authorities
  • Protect Manda4's rights and property

4. Legal Basis for Processing

We process your personal data based on the following legal bases:

  • Contract performance: To provide contracted services
  • Consent: When you give us specific permission
  • Legitimate interest: To improve our services and security
  • Legal obligation: To comply with legal requirements

5. Data Sharing

5.1 We Don't Sell Your Data

Manda4 never sells, rents or commercializes your personal data to third parties.

5.2 Authorized Sharing

We may share data only in the following situations:

  • Service Providers: With partners who help us operate the service
  • Meta/WhatsApp: As necessary for WhatsApp Business API
  • Bitrix24: For integration functionalities
  • Legal Obligations: When required by law or court order

6. Data Security

Security Measures

  • ✓ End-to-end encryption for messages
  • ✓ SSL/TLS encryption for data transmission
  • ✓ Two-factor authentication (2FA)
  • ✓ Continuous security monitoring
  • ✓ Secure and redundant backups
  • ✓ Role-based access control

7. Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law.

  • Account data: During subscription period + 5 years
  • Messages: As per user configuration (default: 1 year)
  • System logs: 2 years for security purposes
  • Financial data: 10 years (as per tax legislation)

8. Your Rights

You have the following rights regarding your personal data:

8.1 GDPR/LGPD Rights

  • Access: Request information about your data
  • Rectification: Correct incomplete or incorrect data
  • Erasure: Request removal of unnecessary data
  • Portability: Receive your data in structured format
  • Objection: Object to processing in certain situations
  • Withdrawal: Withdraw consent at any time

8.2 How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected] or through the MandaZap control panel.

9. International Transfers

Some of our service providers may be located outside Brazil. When we transfer data internationally, we ensure adequate protections through:

  • Approved standard contractual clauses
  • Adequacy certifications
  • Other legally recognized safeguards

10. Cookies and Similar Technologies

MandaZap uses cookies and similar technologies to:

  • Keep you logged into the system
  • Remember your preferences
  • Analyze service usage
  • Improve security

You can control cookies through your browser settings.

11. Minors

MandaZap is not intended for individuals under 18 years old. We do not intentionally collect personal data from minors. If we become aware that we have collected data from a minor, we will take steps to delete such information.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or through MandaZap. We recommend that you review this policy regularly.

13. Data Protection Officer (DPO)

Our Data Protection Officer is available to clarify questions about this policy and your rights:

Data Protection Officer

Email: [email protected]

Phone: +55 (11) 3000-0000

14. Contact

For questions about this Privacy Policy or your personal data:

Manda4 Tecnologia Ltda.

Email: [email protected]

Support: [email protected]

Website: https://manda4.com.br

Address: [Company address]

Back to Support
View Terms of Use (EULA)Ver em Português