Privacy Policy

2026-06-12

This policy transparently describes what data this site collects, why, who it is shared with, and your rights, in compliance with the Brazilian General Data Protection Law (LGPD — Law 13,709/2018).

1. Controller

The data controller is Matheus Lucas (individual), reachable at [email protected]. This is also the channel to exercise any of the rights described in section 7.

2. What data is collected

Data	When	Purpose	Legal basis (LGPD)
Name, email, subject and message	When you submit the contact form	Replying to your message	Preliminary procedures at the data subject’s request (art. 7, V)
Page visited, title, referrer, campaign parameters (UTM) and a pseudonymized identifier derived from the IP	While browsing, only after your consent in the banner	Audience measurement (visits, most accessed pages and links)	Consent (art. 7, I)
IP address and technical request data (logs)	Automatically, by the server	Security, abuse prevention and troubleshooting	Legitimate interest (art. 7, IX)

What does “pseudonymized identifier” mean? Your IP is never stored. It goes through an irreversible cryptographic function combined with a secret that changes every day. This lets us count unique visitors within a day, but it is technically impossible to reconstruct your IP or follow the same visitor across days.

3. What we do NOT do

No tracking cookies, no cross-site tracking.
No selling or sharing data with third parties for advertising.
No third-party analytics (Google Analytics, Meta Pixel, etc.).
Fonts and libraries are served by this site itself — your IP is not exposed to external CDNs while browsing.

4. Local storage

The site stores in your browser only: your consent choice (lgpd_consent) and, on the article reading page, any annotations you make (kept on your device only, never sent to the server).

Service	What it receives	Why	Notes
Resend (USA)	Name, email and message from the contact form	Email delivery to the site owner	International transfer (art. 33); acts as processor
Hosting provider	Technical logs (IP, user agent)	Infrastructure operation	Acts as processor
Google (optional)	Only if you choose to use “Sign in with Google” on the form	Auto-fill name/email	Fully optional; subject to Google’s policy

6. Retention

Contact messages: kept as long as needed to handle the conversation.
Audience events: automatically deleted after 1 year.
Server logs: kept for up to 30 days.

7. Your rights (LGPD art. 18)

You may request at any time: confirmation of processing; access; correction; anonymization, blocking or deletion; portability; information about sharing; and withdrawal of consent (just decline/clear the banner or contact us). To exercise any right, write to [email protected].

8. Security

We apply measures proportional to the risk: encrypted transport (HTTPS), identifier pseudonymization, data minimization, admin access control and rate limiting against abuse.

9. Changes

This policy may be updated to reflect site changes. The last revision date appears at the top of the page.