1. Who we are

Dibs Solutions is a technology agency based in Natal — RN, Brazil. Our institutional website presents our services and captures contacts from potential clients to respond to quote and partnership requests.

Data controller: Rafael Mendonça — rafael@dibs.solutions

2. Data we collect

We exclusively collect data voluntarily provided by you through the contact form:

We do not collect sensitive data (racial origin, religious belief, health, biometric data, etc.). We do not collect data from minors.

Legal basis: Your explicit consent (Art. 7, I of LGPD) by checking the checkbox on the contact form.

• Full name
• Company name
• Email address
• Phone number (optional)
• Service of interest
• Descriptive project message

3. Cookies

We use essential cookies for the website's operation. No tracking, advertising or third-party cookies are used.

Cookies used:

You may refuse non-essential cookies and manage preferences at any time in your browser settings. At any time you may revoke your consent by contacting us.

• theme — Stores your theme preference (light/dark). Duration: 1 year.
• cookie-consent — Records your choice regarding the cookie notice. Duration: 1 year.

4. Purpose of processing

Your data is used exclusively for:

We do not use your data for unsolicited marketing. We do not perform automated decisions based on your data (profiling).

• Responding to your contact and quote request
• Sending information about the service you are interested in
• Improving our communication and service

5. Data sharing

We do not share your data with third parties. Your data is accessible only by the controller (Rafael Mendonça) and, when necessary, by Dibs Solutions' AI agents who exclusively work on responding to your contact.

We do not transfer data internationally. All data remains within Brazilian territory.

We do not sell your data under any circumstances.

6. Storage and retention

Your data is stored in a password-protected email account with two-factor authentication and in a local spreadsheet in a secure environment. We retain your data for the period necessary to fulfill your request and for up to 12 months after the last contact for commercial record purposes.

After this period, data is permanently deleted or anonymized.

7. Your rights (LGPD — Law 13.709/2018)

You have the right to:

To exercise any of these rights, contact: rafael@dibs.solutions. We will respond within 15 business days as provided by LGPD.

• Confirmation and access — Know whether we process your data and access it
• Correction — Request correction of incomplete or outdated data
• Deletion — Request deletion of your data at any time
• Portability — Request transfer of data to another provider
• Consent withdrawal — Withdraw your consent at any time
• Opposition — Object to processing for specific purposes
• Information — Know about data sharing and the purpose of data use

8. Security

We adopt technical and organizational security measures to protect your data against unauthorized access, destruction, loss or alteration:

• HTTPS connection with TLS 1.3 encryption
• Security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options)
• Restricted data access only to the controller
• Two-factor authentication on access accounts
• Periodic data backup in an isolated environment

9. Changes to this policy

This policy may be updated periodically. We recommend reviewing it on each visit. Significant changes will be communicated through a notice on the website. Version history is available upon request.

10. Contact the officer (DPO)

For data protection-related questions, contact our officer:

Rafael Mendonça
rafael@dibs.solutions
Natal — RN, Brazil