Notice: This document is a translation of the original Privacy Policy written in Portuguese. In case of any divergence, ambiguity, or inconsistency between this translated version and the Portuguese original, the Portuguese version shall prevail.
Last updated: January 16, 2026
1. About this Privacy Policy
This Privacy Policy aims to inform, in an objective and transparent manner, how Miralium Research processes the personal data of data subjects who access our website and use our services.
Miralium Research is a Brazilian information technology services company, registered under the corporate name MIRALIUM SERVICOS EM TECNOLOGIA DA INFORMACAO LTDA, enrolled in the CNPJ under No. 36.099.060/0001-50.
The processing of personal data by Miralium Research is carried out in accordance with Law No. 13,709/2018 (General Personal Data Protection Law – LGPD).
2. What types of personal data do we collect?
2.1. Access data (logs)
When you access our website, certain data is automatically collected to enable the technical operation of the page. This data includes:
- IP address;
- Browser type and version;
- Operating system;
- Date and time of access;
- Pages accessed.
2.2. Analytics and performance data
With your consent, we collect data through Google Analytics for statistical analysis purposes and to improve the browsing experience.
2.3. Data provided by the data subject
When you interact with us through the contact form or the Client Portal, we may collect:
- Full name;
- CPF number;
- Address;
- Email address;
- Company;
- Phone number;
- Position or role;
- Other information you choose to provide.
3. Why and how do we process your personal data?
| Purpose | Data used | Legal basis (LGPD) |
|---|---|---|
| Ensure the technical operation of the website | Access data (logs) | Legitimate interest (art. 7, IX) |
| Analyze performance and improve the browsing experience | Data collected via Google Analytics | Consent (art. 7, I) |
| Respond to requests submitted through the contact form | Data provided by the data subject | Consent (art. 7, I) and execution of preliminary procedures at the request of the data subject (art. 7, V) |
| Manage access and process requests in the Client Portal | Data provided by the data subject | Consent (art. 7, I) and contract execution (art. 7, V) |
| Process requests related to the exercise of data subject rights | Data necessary for identification and response | Compliance with legal obligation (art. 7, II) |
4. Cookies
4.1. What are cookies?
Cookies are small text files stored on your device when you access a website. They allow the site to recognize your preferences and improve your browsing experience.
4.2. Cookies we use
| Cookie type | Purpose | Legal basis |
|---|---|---|
| Strictly necessary cookies | Store browser language preference and ensure essential website functionalities | Legitimate interest (art. 7, IX) |
| Performance and analytics cookies | Collect statistical data about browsing through Google Analytics | Consent (art. 7, I) |
4.3. Cookie management
Performance and analytics cookies are collected only with your consent, which can be provided or revoked at any time through the cookie banner displayed on our website.
You can also configure your browser to block cookies, but this may compromise some website functionalities.
5. How do we obtain your personal data?
We obtain your personal data in the following ways:
- Automatically: access data (logs) and cookies are collected during your browsing;
- Directly from you: when you fill out the contact form, create an account on the Client Portal, or send us communications by email.
6. With whom do we share your personal data?
To enable our operations, your personal data may be shared with the following third parties:
| Third party | Country of origin | Purpose |
|---|---|---|
| Cloudflare, Inc. | United States | Hosting, security, and content delivery for the website |
| Google LLC | United States | Performance analysis and access statistics (Google Analytics) |
| Teijal, Inc. (“Formcarry”) | United States | Processing of contact form submissions |
| Microsoft Corporation | United States | Receiving and managing email communications (Outlook) |
| Atlassian Corporation / Atlassian Pty Ltd | United States / Australia | Client Portal management (Jira Service Management) |
These service providers operate global infrastructure and may process your personal data on servers located outside Brazil. For information about the privacy practices and data location of each provider, please consult their respective privacy policies.
When sharing personal data with third parties, we require that they be processed in accordance with our instructions, with the LGPD, and with appropriate security standards.
7. International data transfers
As indicated in the previous section, some of our service providers operate global infrastructure, which may involve international transfer of personal data.
These transfers are carried out in accordance with art. 33 of the LGPD, based on one or more of the following legal grounds:
- Transfer to countries or international organizations that provide a level of personal data protection adequate to that provided for in the LGPD (art. 33, I);
- Guarantees of compliance with the principles and rights provided for in the LGPD offered by the controller, including specific contractual clauses, standard contractual clauses, binding corporate rules, or seals, certificates, and codes of conduct regularly issued (art. 33, II);
- Specific and prominent consent provided by the data subject for the transfer, with prior information about the international nature of the operation (art. 33, VIII);
- Necessity for the execution of a contract or preliminary procedures related to a contract of which the data subject is a party, at their request (art. 33, IX, in conjunction with art. 7, V);
- Other grounds authorized by applicable legislation.
For more information about the privacy practices of our service providers, please consult their respective privacy policies.
8. How do we store your personal data?
Your personal data is stored on secure technological infrastructure, using the services of the providers indicated in Section 6, in accordance with applicable security standards and in a manner that facilitates the exercise of your rights under the LGPD.
9. How long do we retain your personal data?
Your personal data will be retained for the period necessary to fulfill the purposes for which it was collected, observing legal retention obligations and the rules for termination of processing, deletion, and retention of data provided for in articles 15 and 16 of the LGPD.
10. How do we protect your personal data?
We adopt appropriate technical and organizational measures to protect your personal data against unauthorized access, destruction, loss, alteration, or any form of inadequate or unlawful processing.
These measures include, as applicable: encryption, access controls, firewalls, and security monitoring.
11. Your rights as a personal data subject
Under the LGPD, you have the following rights regarding your personal data:
- Confirmation of the existence of processing;
- Access to data;
- Correction of incomplete, inaccurate, or outdated data;
- Anonymization, blocking, or deletion of unnecessary or excessive data, or data processed in non-compliance with the LGPD;
- Portability of data to another service or product provider;
- Deletion of data processed based on consent, when applicable;
- Information about public and private entities with whom we share your data;
- Information about the possibility of not providing consent and about the consequences of refusal;
- Revocation of consent, when applicable.
To exercise your rights, please contact our Data Protection Officer (DPO) through the channel indicated in Section 12.
The exercise of your rights is free of charge. Miralium Research will evaluate your request and respond within the legal timeframe, informing the measures adopted or the reasons that prevent immediate compliance.
12. Contact and Data Protection Officer (DPO)
For questions, requests, or to exercise your rights as a personal data subject, please contact our Data Protection Officer:
Data Protection Officer (DPO): Rodrigo Ferreira Menezes dos Santos
Email: dpo@miralium.re
13. General provisions
When you submit a request to exercise any of your rights as a data subject, Miralium Research will use your personal data to process the request and provide an appropriate response.
Miralium Research may establish specific notices or privacy policies applicable to certain services, platforms, or situations, which will supplement or, when applicable, prevail over this Privacy Policy.