Privacy Policy

Last updated: March 2026

1. Introduction

Engagetrix ("we", "our", "us") is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and the Brazilian Lei Geral de Proteção de Dados (LGPD). This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform.

2. Data We Collect

  • Account data: name, work email address, job title
  • Organization data: company name, department structure, org hierarchy
  • Survey responses: collected anonymously — individual responses are never linked to a specific person (anonymity threshold enforced)
  • Usage data: page views, feature usage, error logs
  • Billing data: handled by Stripe (international) or Asaas (Brazil) — we do not store full payment card details

3. Legal Basis for Processing

  • Contract performance: to deliver the service you subscribed to
  • Legitimate interest: platform security, fraud prevention, product improvement
  • Legal obligation: compliance with applicable law
  • Consent: for optional analytics cookies (you may withdraw at any time)

4. Data Retention

We retain account data for as long as your account is active and for up to 90 days after deletion. Survey response data (aggregated) may be retained for analytical purposes in anonymised form. You may request deletion at any time via your account settings.

5. Your Rights

Under GDPR and LGPD you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to processing or request restriction
  • Data portability (receive your data in a structured format)

To exercise these rights, use the Profile → Export my data or Delete account options in your account settings, or email us at privacy@engagetrix.com.

6. Cookies

We use strictly necessary cookies (session, authentication, locale preference) and optional analytics cookies. You can manage your cookie preferences via the cookie banner shown on your first visit.

7. Third-Party Services

  • Resend — transactional email delivery
  • Stripe — payment processing (international)
  • Asaas — payment processing (Brazil)
  • Supabase — database hosting (EU region available)
  • Upstash — Redis cache

8. Contact

If you have questions about this policy, contact our Data Protection Officer at privacy@engagetrix.com.