USP Logo
DATE Logo

Privacy Policy

Last updated: May 15, 2025

DATE ("we," "us," or "our") is committed to protecting your privacy. This privacy policy governs the way we collect and use your information both online and onsite, including at date.edu.br and its subdomains, websites, and social media platforms accessed through your mobile devices as well as downloadable mobile applications. Collectively, we refer to our websites, apps, social media pages, emails, and offline business interactions, including onsite interactions, as the "Services." A link to this policy is included in the footer information on every page of our websites.

Personal Information

How We Collect and Use the Information You Provide

We collect personal information that you voluntarily provide to us when you register on our Services, express interest in obtaining information about us or our products and Services, participate in activities on our Services, or otherwise contact us.

In accordance with the Lei Geral de Proteção de Dados (LGPD) - Brazil's General Data Protection Law, we process your personal data based on one or more of the following legal bases:

  • Your consent
  • Fulfillment of a contract with you
  • Compliance with legal obligations
  • Legitimate interests
  • Protection of credit (when applicable)
  • Research by study entities, ensuring whenever possible the anonymization of personal data

When You Register

When you create an account on our Services, we collect your name, email address, and password. We may also collect additional information such as your academic institution, field of study, and professional title. We use this information to:

  • Create and manage your account
  • Provide you with access to our Services
  • Communicate with you about your account and our Services
  • Personalize your experience

Educational Data Collection

As an educational data platform, DATE collects and processes information about postgraduate programs, affirmative action policies, and educational institutions. This data is primarily collected from public sources and official institutional websites. We process this data to:

  • Create a comprehensive database of postgraduate programs
  • Analyze trends in affirmative action policies
  • Generate insights about access to higher education
  • Provide transparency about educational opportunities
  • Support research on educational equity and inclusion

This institutional data is generally not considered personal data under LGPD as it does not identify individuals. However, we apply the same high standards of data protection to all information we process.

Email Communication

If you choose to receive email communications from us, we will collect your email address and may track whether you have opened our emails and clicked on links. You can opt out of receiving marketing emails from us at any time by clicking the "unsubscribe" link in any email or by contacting us at privacy@date.edu.br.

Third-Party Service Providers

We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf. These third parties have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Our primary data storage provider is Supabase, which helps us maintain a secure and reliable database. We also use Vercel for hosting our platform. Both services comply with international data protection standards and have implemented appropriate technical and organizational measures to protect your data.

Integrated Third-Party Tools

Our Services may include integrated tools and social sharing features. By accessing these integrated tools and features, you agree to be bound by the third party's terms of service.

Other Information

Cookies and Pixel Tags

We use cookies and similar technologies to enhance your experience on our Services. Cookies are small text files that are stored on your device when you visit our websites. We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device until you delete them).

You can control cookies through your browser settings and other tools. However, if you block certain cookies, you may not be able to register, login, or access certain parts or make full use of the Services.

Analytics

We use analytics services such as Google Analytics to collect and analyze information about how users use our Services. These services may collect information about your device, your IP address, your browsing actions, and the pages you visit on our Services.

The analytics data helps us understand how our platform is used, which features are most valuable, and how we can improve the user experience. This information is processed in an aggregated and anonymized form whenever possible.

Third-Party Advertising

We do not currently use third-party advertising on our Services. If this changes in the future, we will update this Privacy Policy accordingly.

Third-Party Payment Service

If we offer paid services in the future, we may use third-party payment processors to handle payment transactions. These processors will collect and process your payment information according to their own privacy policies.

Academic Research and Data Sharing

As an educational research platform, DATE may share anonymized and aggregated data with academic researchers, educational institutions, and policy makers. This data sharing is conducted in accordance with LGPD provisions for research purposes and is subject to appropriate safeguards.

When we share data for research purposes, we ensure that:

  • Personal data is anonymized or pseudonymized whenever possible
  • Recipients agree to use the data only for specified research purposes
  • Appropriate data protection agreements are in place
  • The research serves the public interest

If you have questions about our data sharing practices for research, please contact our Data Protection Officer at dpo@date.edu.br.

Children Under Thirteen Years of Age

Our Services are not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. In accordance with both US COPPA regulations and Brazil's LGPD, if we learn that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information from our servers.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at privacy@date.edu.br.

Your Rights Under LGPD

Under Brazil's LGPD, you have the following rights regarding your personal data:

  • Confirmation: The right to confirm the existence of the processing of your personal data
  • Access: The right to access your personal data
  • Correction: The right to request the correction of incomplete, inaccurate, or outdated data
  • Anonymization, Blocking, or Deletion: The right to request the anonymization, blocking, or deletion of unnecessary or excessive data
  • Portability: The right to request the portability of your data to another service or product provider
  • Deletion: The right to request the deletion of your personal data processed with your consent
  • Information: The right to be informed about the public and private entities with which we have shared your data
  • Revocation of Consent: The right to revoke your consent at any time

To exercise any of these rights, please contact our Data Protection Officer at dpo@date.edu.br.

We will respond to your request within 15 days, as required by LGPD. In some cases, we may need additional information to verify your identity before processing your request.

International Data Transfers

Our servers are located in Brazil. If you are accessing our Services from outside Brazil, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information, in Brazil and other countries.

If we transfer your personal data to countries outside Brazil, we will ensure that an adequate level of protection is afforded to the data as required by the LGPD, including through standard contractual clauses or certification mechanisms.

Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.

Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Regular security training for our team
  • Monitoring for suspicious activities

In the event of a data breach that may result in a high risk to your rights and freedoms, we will notify you and the Brazilian National Data Protection Authority (ANPD) within a reasonable timeframe, in accordance with LGPD requirements.

Data Retention

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it.

For user accounts, we typically retain personal data for as long as the account is active, plus a reasonable period thereafter to handle any account closure issues. Educational and institutional data may be retained for longer periods for historical and research purposes, in accordance with LGPD provisions for academic research.

Changes to the Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes.

For significant changes to this Privacy Policy, we will make reasonable efforts to provide notification through our Services or by email.

Data Protection Officer

In compliance with the LGPD, we have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation to ensure compliance with LGPD requirements.

You can contact our DPO at dpo@date.edu.br for any questions or concerns regarding your personal data.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

DATE - Data for Access to Education

Email: privacy@date.edu.br

Address: Av. Paulista, 1000, São Paulo - SP, Brazil

Phone: +55 (11) 1234-5678