Privacy Policy
February/2026
TUGGI Technologies values your privacy. This policy describes how we collect, use, protect, and handle your data, in strict compliance with the General Data Protection Law (LGPD - Brazil) and the General Data Protection Regulation (GDPR - European Union).
1. Data We Collect
For TUGGI to function as your cultural copilot, we collect minimal and essential information:
- Account and Authentication Data: When creating an account via email or partner providers (Google, Apple, Facebook), we receive basic profile data (Name, Email, and user ID generated by our secure Supabase infrastructure).
- Geolocation Data (GPS): TUGGI requires real-time location access (including in the background) to trigger audio exactly when you cross a Point of Interest (POI).
- Usage and Telemetry Data: We collect information about application interactions, such as which audios were played, selected languages, and system stability metrics.
2. How We Use Your Data (Anonymized Telemetry)
- Service Operation: We use your location strictly to calculate the direction vector and proximity to cultural triggers, ensuring audio delivery at the correct timing.
- Territorial Intelligence (The B2G Standard): Geolocation and audio playback data are de-linked from your personal identity (anonymized) before being stored for flow analysis. We provide aggregated reports to Governments and Rental Companies (e.g., "How many plays occurred at monument X today") without ever exposing who the user was. We track cultural flows, not individuals.
3. Data Sharing
- We do not sell your data. TUGGI does not trade Personally Identifiable Information (PII) with data brokers or ad networks.
- We share data only with infrastructure providers strictly necessary for the app to function, such as secure cloud services (e.g., Supabase for database/authentication and Google Cloud for the Text-to-Speech engine). These partners operate under strict confidentiality agreements.
4. Security and Retention
- We employ end-to-end encryption in transit and at rest. Access to corporate databases and the City OS dashboard is protected by Role-Based Access Control (RBAC), ensuring data isolation.
- We retain your personal data only for as long as necessary to provide the service. Anonymized telemetry data may be retained permanently for product improvement.
5. Your Rights (LGPD and GDPR)
You have full control over your data. At any time, you can request:
- Access, correction, or portability of your information.
- The revocation of GPS use consent (which will make the app's core functionality impossible).
- The permanent deletion of your account and personal data. To exercise this right, access our Data Deletion Page or use the native function within the app.
6. Contacting the Data Protection Officer (DPO)
If you have questions about this policy or the processing of your data, please contact our Data Protection Officer (DPO) through our Contact page, by selecting the Support option.
7. Children's Privacy
TUGGI does not knowingly collect data from children under 13 without parental consent. If we discover we have collected such data, we will take steps to delete it immediately.