Privacy Policy – BOSQ.DEV Last updated: November 19, 2025 1. About this Policy This Privacy Policy describes how BOSQ.DEV, operated by J. V. B. Severo Software Ltda, CNPJ No. 49.391.492/0001-82, headquartered in Porto Alegre/RS, Brazil, processes personal data related to the use of the bosq.dev website. Data processing is carried out in accordance with applicable Brazilian law, in particular the Brazilian General Data Protection Law (Law No. 13.709/18 – LGPD). By using the website, visitors acknowledge that they have read and understood this Privacy Policy and the Terms of Use available at bosq.dev/termos. 2. Personal data processed 2.1. Data voluntarily provided We collect and process the personal data provided directly by visitors when they fill in contact forms or request meetings, such as: - name; - email address; - company or organization; - information freely inserted in the message or project details; - any preferred dates/times submitted for meeting scheduling. 2.2. Technical and security data To protect against spam, abuse, and automated misuse of forms, the website uses the Google reCAPTCHA service, which may automatically collect technical information such as: - IP address; - information about device and browser; - date and time of the interaction; - browsing behavior data necessary to distinguish between humans and automated scripts. These data are collected and processed primarily by Google, as the provider of the reCAPTCHA service, in accordance with its own Terms of Service and Privacy Policy. 2.3. Cookies and similar technologies The bosq.dev website uses cookies and similar technologies for the following purposes: **Essential Cookies:** Cookies strictly necessary for the operation of the website and Google reCAPTCHA may be used, with management of these technologies carried out by Google itself. **Analytics Cookies (Google Analytics):** We use Google Analytics, a web analytics service provided by Google LLC, to understand how visitors interact with our website. Google Analytics uses cookies to collect information such as: - Pages visited and time spent on each page; - Browser type, device type, and operating system; - Geographic location (city and country level); - Traffic sources (how you arrived at our website); - Anonymous user interactions and navigation patterns. Google Analytics cookies used include `_ga` and `_ga_<container-id>`, which are persistent cookies stored on your device. **IP Anonymization:** We have enabled IP anonymization in Google Analytics, which means your IP address is truncated before being stored or processed, enhancing your privacy. **Data Retention:** Analytics data collected through Google Analytics is retained for 14 months by default, after which it is automatically deleted. **Cookie Consent:** Upon your first visit to the website, you will be presented with a cookie consent banner. Analytics cookies will only be placed on your device after you provide explicit consent by clicking "Accept." You can withdraw your consent at any time by clearing your browser cookies and revisiting the site to reject analytics cookies. **Google's Privacy Policy:** The data collected by Google Analytics is processed by Google in accordance with its Privacy Policy, available at https://policies.google.com/privacy. Google may use this data for its own purposes, including improving its services. **Opt-Out Options:** You can opt out of Google Analytics tracking by: - Rejecting analytics cookies through our cookie consent banner; - Installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout; - Adjusting your browser settings to block or delete cookies. 3. Purposes and legal bases We process personal data for the following primary purposes: - responding to contacts, questions, and requests submitted via forms; - scheduling meetings and conducting pre-contractual business discussions for consulting, custom development, integrations, or other technology services; - ensuring the security of the forms and the website, preventing fraud, spam, and automated misuse (through Google reCAPTCHA); - complying with applicable legal or regulatory obligations, including regarding the retention of minimum access records, when required. The main legal bases relied upon, in accordance with the LGPD, are: - performance of pre-contractual procedures or of a contract itself (art. 7, V); - the controller’s legitimate interest in maintaining the security of the website, preventing fraud, and conducting business discussions (art. 7, IX); - compliance with legal or regulatory obligations (art. 7, II), where applicable. 4. Data sharing We may share personal data in the following situations: - with Google, due to the use of the reCAPTCHA service and Google Analytics, which collect and process technical data for security and analytics purposes, in line with Google's Terms of Service and Privacy Policy; - with technology infrastructure providers, such as hosting, email, and other services strictly necessary for operating the website and sending/receiving messages; - with public authorities, regulators, or other third parties when necessary to comply with legal or regulatory obligations, court orders, or to exercise or defend rights. We do not sell, rent, or commercially exploit visitors' personal data. **International Data Transfers:** Google Analytics data may be transferred to and processed in the United States and other countries where Google operates. Google is committed to complying with applicable data protection laws and has implemented appropriate safeguards for international data transfers. 5. Data retention Personal data provided through contact forms are used to respond to visitors, hold meetings, and initiate commercial discussions. Information may remain stored in corporate email inboxes or communication systems used by BOSQ.DEV for as long as necessary to: - maintain a record of the business relationship; - comply with limitation periods and legal or regulatory obligations; - safeguard rights in potential administrative or judicial proceedings. When data are no longer needed for the purposes above, they may be deleted, anonymized, or have access to them restricted, subject to applicable legal requirements. 6. Information security BOSQ.DEV adopts appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or destruction. However, no digital environment is entirely immune to incidents. Visitors should therefore adopt good security practices, such as: - not sharing sensitive or confidential information beyond what is strictly necessary in the forms; - keeping devices and browsers up to date; - avoiding the use of public or untrusted networks when submitting information. 7. Digital services, SaaS, and APIs In the future, BOSQ.DEV may make services available through the website or other digital platforms, including, but not limited to, Software as a Service (SaaS) solutions, APIs for consumption, dashboards, web platforms, integrations, or other cloud applications. In such cases, specific terms of use, contracts, and privacy notices may be presented to complement this Policy and detail the processing of personal data associated with those services. 8. Contact If you have any questions about this Privacy Policy or about the processing of personal data, or if you wish to exercise your rights as a data subject, please contact BOSQ.DEV at: **contact@bosq.dev**. 9. Updates to this Policy This Privacy Policy may be updated at any time to reflect legislative, regulatory, or technological changes, or changes to the services offered by BOSQ.DEV. Visitors are encouraged to reread this page periodically so they remain informed about how their personal data are processed. In the event of discrepancies between translations, the Portuguese version of these documents shall prevail for all legal purposes.