Privacy Policy

Last Updated: March 10, 2026

The Caxiason portal establishes this Privacy Policy with the purpose of reaffirming its commitment to security, transparency, and respect in the processing of user data. This document details how data is processed, in strict compliance with the Brazilian General Data Protection Law (Law No. 13.709/18 – LGPD) and the global Google Publisher Policies guidelines.

1. TRANSPARENCY: WHO IS RESPONSIBLE FOR THIS PORTAL?

1.1. Identification of the Data Controller

This financial news and education portal is owned and operated by SPUN MIDIA LTDA, registered under CNPJ No. 43.629.487/0001-89, with administrative headquarters in Rio Grande do Sul, Brazil. For legal purposes, this company is the “Data Controller” of the collected data.

1.2. Communication Channel (DPO)

In compliance with Article 41 of the LGPD, we have appointed a Data Protection Officer (DPO) to serve as the communication channel between the portal, users, and the Brazilian National Data Protection Authority (ANPD). Requests may be sent to: [email protected]

2. TARGET AUDIENCE AND AGE RESTRICTION

2.1. Scope

This Privacy Policy applies to all individuals who access any website, portal, or digital platform owned by SPUN MIDIA LTDA or companies belonging to its holding and economic group.

2.2. Adults Only

The financial education and news content on this portal is designed and intended exclusively for individuals over 18 (eighteen) years of age.

2.3. Protection of Minors

We do not intentionally collect or request data from children or minors. If the system identifies the registration of a minor, all associated data will be immediately deleted from our databases, without prior notice, in order to guarantee the best interests of the minor in accordance with Article 14 of the LGPD.

3. DATA CATEGORIES AND PURPOSES OF PROCESSING

We process only the data strictly necessary for the operation of the portal, divided as follows:

3.1. Personal Data Provided by Users

Data:

  • Full name; and

  • Email address.

Purpose: Registration in our mailing list for newsletters, market alerts, educational materials, and email marketing in general.

Legal Basis: Free and Explicit Consent (Art. 7, I, LGPD).

3.2. Automatically Collected Data

  • IP address

  • Browser used

  • Operating system

  • Pages accessed

  • Time spent on the website

  • Website interactions

  • Cookie information and online identifiers

Purpose: Identification of access for cybersecurity purposes, fraud prevention, and compliance with legal obligations regarding log retention.

Legal Basis: Legal Obligation (Art. 15 of the Brazilian Internet Civil Framework) and Fraud Prevention (Art. 11, II, “g” of the LGPD).

3.3. Browsing and Profiling Data (Cookies)

Data:

  • Page view history;

  • Banner interactions; and

  • Time spent on the website.

Purpose: Statistical audience analysis and advertising personalization through interest-based segmentation.

Legal Basis: Legitimate Interest (Art. 7, IX, LGPD).

4. ADVERTISING, GOOGLE ADS, AND THIRD PARTIES

To ensure free access to our content, we use third-party advertising technologies.

4.1. Third-Party Providers

Google, as an advertising provider, uses cookies to display advertisements on our portal based on previous visits by users.

4.2. Advertising Cookies

The use of these cookies allows Google and its partners to display relevant advertisements based on your interests and browsing history.

4.3. User Control

You have the right to disable personalized advertising by accessing Google Ads Settings.

5. DATA SHARING WITH THIRD PARTIES AND COLLABORATORS

5.1. Employees and Collaborators

Access to your information is restricted to collaborators and employees of the Data Controller who have a legitimate need to access it in order to perform their technical and administrative duties. All collaborators are subject to strict confidentiality clauses and data protection training.

5.2. Limitation of Use

We require all service providers to use shared data exclusively for the purposes described in this Privacy Policy, and the use of such information for their own purposes or its sale to third parties is prohibited.

5.3. Judicial Requests

We reserve the right to share data with police, judicial, or administrative authorities if required by law or by a specific court order.

6. DATA RETENTION PERIOD AND DATA LIFECYCLE

We respect the principle of necessity, retaining data only for as long as necessary.

6.1. Personal Data

Name and email remain in our active database for as long as the user remains interested in our content. Deletion occurs after an opt-out or deletion request, processed as quickly as possible.

6.2. Connection Logs

Stored strictly for at least 06 (six) months, as required by the Brazilian Internet Civil Framework.

6.3. Tracking Data

Cookies may have varying durations and may remain active for up to 24 months.

6.4. Exceptional Retention

We may retain information beyond the periods mentioned above solely to comply with legal obligations, court orders, or defense in administrative proceedings.

7. INTERNATIONAL TRANSFER AND SECURITY

7.1. Global Infrastructure

As we use international cloud services and analytics tools (such as Google servers), your personal data may be processed outside Brazilian territory. We ensure that these providers follow international privacy and security standards.

7.2. Security Protocols

We implement robust technical measures, including HTTPS (SSL/TLS) encryption protocols, to ensure that communications between your device and our servers remain private and secure.

8. DISCLAIMER AND AFFILIATE LINKS

8.1. External Navigation

Our portal is educational and informational. By clicking on links to banks or financial institutions, you may be redirected to external websites.

8.2. Limitation of Liability

We have no control over the privacy practices of third-party websites. Once the user leaves our domain, responsibility for data processing belongs exclusively to the destination website. We recommend that users always review the Privacy Policies of the websites they visit.

9. DATA SUBJECT RIGHTS

In accordance with Article 18 of the LGPD, users (or their legal representatives) have the following rights:

  • Confirmation and Access: Know which data we process and request a copy of it.

  • Correction: Request updates to incomplete or inaccurate information.

  • Deletion: Request deletion of data collected under consent.

  • Withdrawal of Consent: Cancel authorization for email marketing at any time.

To exercise any of these rights, please use the official DPO contact channel: [email protected]

To revoke consent, users may also use the opt-out option available in our emails.