Privacy Policy

Last updated: March 18, 2026

1. Introduction

Nextool Soluções em TI LTDA ("Nextool Solutions", "we" or "our") respects the privacy of users who access the website nextoolsolutions.ai. This Privacy Policy describes what personal data we collect, how we use it, with whom we share it, and what your rights are as a data subject, in compliance with the LGPD (Brazilian General Data Protection Law – Law No. 13,709/2018).

By using our website, you acknowledge that you have read and understood this Policy. If you do not agree with any of the terms described herein, we recommend that you do not use the website.

2. Data We Collect

2.1 Personal data provided by you

When you fill out the contact form on our website, we collect the following information:

  • Full name
  • Email address
  • Phone number
  • Message subject
  • Message content

2.2 Technical data collected automatically

During browsing, our servers may automatically log technical information, including:

  • IP address
  • User-Agent (browser and operating system identification)
  • Browser type and version
  • Pages accessed and access timestamps

3. How We Use Your Data

The data collected is used exclusively for the following purposes:

  • Create a support ticket in our management system (GLPI), so we can respond to your request
  • Contact you to answer questions, requests, or business proposals
  • Improve the browsing experience and website performance
  • Ensure the security and integrity of the website against unauthorized access

4. Legal Basis for Processing (LGPD)

The processing of your personal data is based on the following legal grounds provided by the LGPD:

  • Consent (Art. 7, I): by submitting the contact form, you consent to the processing of the provided data for the purpose of customer service.
  • Legitimate interest (Art. 7, IX): for recording security logs (IP address, user-agent) aimed at protecting the website against attacks and fraud.
  • Contract performance or pre-contractual steps (Art. 7, V): when the contact aims at contracting our consulting, plugin, or infrastructure services.

5. Cookies and Similar Technologies

Our website uses local storage technologies and third-party cookies as described below:

5.1 Necessary storage

  • Theme preference (localStorage): we store your choice between light and dark mode locally in your browser. No data is sent to external servers.

5.2 Functional third-party cookies

  • Giscus (GitHub): blog commenting system based on GitHub Discussions. It does not use its own cookies. If you sign in via GitHub to comment, session cookies are managed directly by GitHub according to its privacy policy.
  • Cloudflare Turnstile: used as a CAPTCHA verification mechanism on the contact form, to protect against automated submissions. It may store cookies required for validation. See Cloudflare's privacy policy at cloudflare.com/privacypolicy.

We currently do not use third-party tracking or analytics cookies. Should this change in the future, this Policy will be updated.

6. Sharing with Third Parties

Your data may be processed by the following third-party services, exclusively for the purposes described:

  • Cloudflare: provides CDN (content delivery network) and security protection for the website. Technical access data (IP, HTTP headers) may be processed by Cloudflare in accordance with its privacy policy.
  • GitHub (Giscus): platform used for the blog commenting system via GitHub Discussions. When commenting, your data is processed by GitHub in accordance with its privacy policy at github.com/privacy.
  • GLPI (self-hosted): ticket management system used internally. Data from the contact form is sent to our own GLPI instance, hosted on infrastructure controlled by us. There is no transfer to third-party servers.

7. Data Retention

The retention periods for your data follow these criteria:

  • Contact form data: retained in the GLPI system while the support ticket is active or while there is a legitimate need to maintain records for contractual or legal purposes.
  • Access logs (IP, user-agent): retained for a limited period for security and technical diagnostic purposes, in accordance with the requirements of the Brazilian Internet Civil Framework (Law No. 12,965/2014).

8. Your Rights (Art. 18 of the LGPD)

As a data subject, you have the following rights, which may be exercised at any time:

  • Confirm the existence of data processing and access your personal data
  • Request the correction of incomplete, inaccurate, or outdated data
  • Request the deletion of personal data processed based on consent
  • Request the portability of your data to another service provider
  • Obtain information about which entities your data has been shared with
  • Revoke consent at any time, without affecting the lawfulness of processing carried out previously
  • Object to processing based on legitimate interest, where applicable

To exercise any of these rights, send an email to the address indicated in the contact section below, identifying yourself and detailing your request. We will respond within the timeframe prescribed by law.

9. Security Measures

We adopt technical and organizational measures to protect your personal data, including:

  • HTTPS connection with SSL/TLS certificate on all website pages
  • Data storage on servers with encryption and access controls
  • Restriction of access to personal data to authorized personnel only
  • Regular security updates across the entire infrastructure

10. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. In the event of significant changes, the "last updated" date at the top of this page will be revised. We recommend that you check this page periodically.

11. Contact

For questions related to this Privacy Policy, personal data processing, or exercising your rights as a data subject, please contact us:

Email: contato@nextoolsolutions.ai

Need help?