Privacy Policy
Last updated: April 2025
Who We Are
hiSofi provides a technological platform that connects creditors and users for the purposes of communication, negotiation and payment of debts.
In the context of providing its services, hiSofi may act:
- as Controller, in the processing of personal data arising from navigation and direct use of the portal; and
- as Processor, when processing personal data on behalf of contracting creditors, in accordance with their instructions and under applicable law.
What Data We Process
We may process personal data such as:
- full name;
- national ID (CPF);
- date of birth;
- contact details (phone, email);
- address;
- information related to financial obligations;
- browsing data (IP, logs, device).
Data is received directly from the user, from partner creditors (Controllers) and from public sources or third parties authorized by law.
hiSofi does not intentionally collect sensitive personal data.
Purposes of Processing
Personal data may be processed to:
- enable communication about debts;
- allow negotiation and payment;
- authentication and fraud prevention;
- compliance with legal and regulatory obligations;
- regular exercise of rights in legal proceedings;
- service improvement and technological development.
Legal Bases
The processing of personal data may occur based on:
- performance of a contract or preliminary procedures;
- compliance with a legal or regulatory obligation;
- regular exercise of rights;
- legitimate interest;
- credit protection.
Sharing
Personal data may be shared with:
- partner creditors;
- service providers;
- public authorities, when required by law.
International Transfer
Personal data may be stored or processed on servers located in Brazil or abroad, subject to applicable legal safeguards.
Security
hiSofi adopts adequate technical and administrative measures to protect personal data against unauthorized access and security incidents.
Retention
Personal data will be kept for as long as necessary for:
- compliance with legal obligations;
- regular exercise of rights;
- fraud prevention;
- audits and compliance.
Data Subject's Rights
Under applicable data protection law, the data subject may request:
- confirmation of processing;
- access;
- correction;
- anonymization or deletion;
- portability;
- information about sharing.
Requests can be made by email: contato@hisofi.com
Updates
This Policy may be updated at any time upon publication on the portal.
Applicable Law
This Policy shall be interpreted in accordance with Brazilian law, with the courts of the District of São Paulo/SP elected to resolve any disputes.
Requests can be made by email: contato@hisofi.com.
