Privacy Policy

Last updated: April 2, 2026

1. Introduction

Baila Desenvolvimento e Licenciamento de Programas de Computador Customizáveis LTDA ("Baila Tecnologia", registered under Tax ID 66.441.518/0001-79, with headquarters at Rua Carijós, 936, Vila Alzira, Santo André/SP, CEP 09180-000), as the data controller, operates the vaidebaila.app platform and the Baila mobile app. This policy describes what personal data we collect, how we use it, and your rights under Brazil's General Data Protection Law (LGPD — Law no. 13.709/2018).

2. Data We Collect

2.1 Account Data

  • Email
  • Password (stored encrypted)
  • Role (buyer, staff, or promoter)

2.2 Payment Data

  • Tax ID
  • Credit-card data (number, expiry, CVV, cardholder name)
  • Billing email and phone
  • ZIP code

Payment data is transmitted directly to the payment processor and is not stored on the device after the transaction.

2.3 Device Data

  • Unique device identifier (randomly generated UUID)
  • Push notification token
  • Platform (iOS or Android)

2.4 Ticket and Check-in Data

  • Ticket QR codes
  • Check-in history (for staff)
  • Ticket data stored locally for offline operation

2.5 Campaign Tracking (UTM)

When you visit our site through a marketing campaign link, we collect UTM parameters present in the URL to measure campaign effectiveness.

3. How We Use Your Data

  • Authentication and account management
  • Processing ticket purchases
  • Sending notifications about purchases, events, and rewards
  • Ticket validation via QR code at check-in
  • Offline app operation (local ticket storage)
  • Marketing campaign analytics

4. App Permissions

  • Camera: used solely for scanning QR codes at event check-in. The video stream is not stored.
  • Notifications: for purchase confirmations, event reminders, and reward updates. You can disable these at any time.
  • Internet: to communicate with our servers.

5. Storage and Security

Authentication tokens are stored securely using device encryption (Keychain on iOS, Keystore on Android). Ticket data for offline operation is stored in a local database (SQLite) and synchronized with the server when online.

We do not use third-party analytics services. All communication is exclusively with our own servers.

6. Data Sharing

We do not sell or share your personal data with third parties, except:

  • Payment processor for transactions
  • When required by law or court order

7. Data Retention

  • Account data: retained while the account is active
  • Payment data: not retained on the device after the transaction
  • UTM data: retained for 2 years, then anonymized
  • Offline data (tickets/check-in): synchronized and removed from the device

8. Your Rights (LGPD)

Under the LGPD, you have the right to:

  • Confirm whether data processing exists
  • Access your personal data
  • Correct incomplete or outdated data
  • Anonymize, block, or delete unnecessary data
  • Port your data
  • Delete data processed under consent
  • Withdraw consent

9. Contact

To exercise your rights or ask about this policy, contact us at: contato@vaidebaila.app

10. Changes to This Policy

We may update this policy periodically. Significant changes will be communicated by in-app notification or email. The date of the last update will always appear at the top of this page.

Privacy Policy | baila