Privacy Policy

Last updated: 2026-05-08

1. Data we collect

Business owner data

  • Name, email, phone (sign-up)
  • Business name, segment, address, tax ID (optional)
  • Profile picture (optional, upload)
  • Payment data (card tokenized by payment gateway — full card number is never stored)

End-customer data (your business’s customers)

  • Name, phone, email (provided by the owner or captured in WhatsApp/Telegram conversations via bot)
  • National ID, date of birth (optional)
  • Chatbot conversation history (text messages, voice notes, images, videos)
  • Appointment, payment and loyalty data

Google account data (only if you connect — opt-in)

When you connect Google Calendar in Settings → Integrations, we access with your explicit consent:

  • Your Google account’s primary email
  • List of calendars available in your account
  • Events from calendars you specifically map (title, description, start/end date and time, attendees, location, recurrence)

We do not access: Gmail, Google Drive, Contacts, Photos, Tasks, Maps, or any other Google product outside of Google Calendar.

2. How we use the data

Operating Kontato

  • AI bot replies to end-customers via WhatsApp/Telegram
  • Calendar, billing, loyalty and reporting management
  • Notifications to the owner (push, email)

About Google data specifically

  • Bidirectional sync: events created/updated/deleted in Kontato are reflected in the selected Google Calendar, and vice versa
  • Conflict detection: events created outside Kontato are imported as inert entries (origin google_import) only to avoid scheduling at a busy slot
  • Identification: your Google account email is used only to display which account is connected on the integrations screen

We do NOT use Google data for

  • Training AI models (our own or third-party)
  • Marketing, advertising or behavioral profiling
  • Selling, renting or transferring to any partner
  • Any purpose outside of explicit Google Calendar synchronization

3. Storage and security

Infrastructure

  • Managed database, São Paulo region
  • Application hosted on Google Cloud (us-central1 region)
  • Daily automatic backups, 30-day retention

Encryption

  • In transit: TLS 1.3 on all client↔server and server↔external service connections
  • At rest: native AES-256 from managed PostgreSQL
  • Google OAuth tokens stored encrypted, accessible only by the authenticated backend

Access control

  • Per-business Row-Level Security (RLS): each account can access only its own data
  • Public endpoints require JWT authentication
  • Administrative endpoints restricted to pre-approved emails
  • Service Worker does not cache personal data or tokens
  • Application logs do not contain end-customer PII

4. Sharing with third parties

We do not sell personal data. Subprocessors below receive only what is strictly necessary for their function:

Infrastructure and support

  • Managed database provider (all data)
  • Application hosting provider
  • CDN and transactional email proxy provider

Payments

  • Payment gateway — billing processing. Receives: name, tax ID, email, charge amount. Does not receive conversation history.

Communication

  • Transactional email provider (receives recipient’s email and content)
  • WhatsApp HTTP API provider (receives messages exchanged in the owner’s WhatsApp channel)
  • Telegram Bot API (receives messages exchanged in the Telegram channel, when the owner uses Telegram)

Artificial intelligence

  • Natural Language Processing provider (LLM): receives conversation content to generate a response. Does not receive personal data unrelated to the conversation.
  • Audio transcription provider: receives the audio file sent by the end-customer via the bot. The audio is deleted after transcription.

Providers are contracted under data protection agreements (DPAs) and follow security requirements equivalent to Kontato’s.

Google account data — special policy

Data accessed via Google Calendar API is not shared with any of the subprocessors above. It remains exclusively in Kontato’s database and Kontato’s server, and is used only for bidirectional synchronization with the user’s own Google Calendar.

Legal requests

We may disclose data upon valid court order, warrant or legal request.

5. Google Calendar integration — details

When you choose to connect your Google account to Kontato in Settings → Integrations, we request the following OAuth scopes:

  • https://www.googleapis.com/auth/calendar (view and manage Google Calendar agendas)
  • https://www.googleapis.com/auth/calendar.events (view and manage Google Calendar events)
  • https://www.googleapis.com/auth/userinfo.email (view the account’s primary email)

Data Accessed

  • Google account’s primary email (only the address, no personal name or photo)
  • List of calendar IDs and names from your account (so you can choose which to sync)
  • Events from explicitly mapped calendars: title, description, start/end time, attendees, location

Data Usage

  • Automatic bidirectional synchronization: create/update/delete events in both directions
  • Schedule conflict detection
  • Visual identification of the connected account on the integrations screen

We do not use Google data to train models, advertise, profile, or for any purpose unrelated to synchronization.

Data Sharing

Data accessed via Google Calendar API is not shared with third parties, except for Google Calendar itself (synchronization operation). It remains in Kontato’s database.

Data Storage & Protection

  • access_token and refresh_token: stored encrypted in PostgreSQL with encryption-at-rest
  • Imported events (origin google_import): stored in Kontato’s database with the same protection as other data
  • Token access only via authenticated backend (service role)

Data Retention & Deletion

  • Google tokens: retained while the integration is active. When you click “Disconnect Google” in Settings → Integrations, or revoke at myaccount.google.com/permissions, tokens are deleted immediately from our database
  • Synchronized events: remain on both sides (Google Calendar and Kontato) after disconnection. You can manually delete them if you wish
  • Kontato account cancellation: when you delete your account, all Google data is deleted within 30 days

Limited Use of Google data

Kontato’s use and transfer of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements.

6. Data retention by category

  • Active owner account: as long as the account exists
  • Cancelled account: soft-delete for 30 days, then full deletion
  • Active conversations: archived after 30 days from closing
  • Messages of archived conversations: 1 year
  • Google OAuth tokens: while integration is active, deleted upon disconnect
  • Backups: 30 days
  • Application logs: 90 days

7. Your rights (LGPD + GDPR)

You have the right to:

  • Access: request a copy of your personal data
  • Correction: correct incorrect data via app settings
  • Deletion: request full deletion
  • Portability: export your data in structured format
  • Consent revocation: disconnect integrations at any time

How to exercise

  • For Google integration: Settings → Integrations → Disconnect (automatic, immediate process)
  • To delete your entire account: email contato@themagicbox.app (up to 30 days)
  • For other requests: email contato@themagicbox.app (up to 15 days for replies, 30 days for actions)

8. Contact and Data Protection Officer (DPO)

The Magic Box (TMB)

Data Protection Officer (DPO): contato@themagicbox.app

Requests email: contato@themagicbox.app

Brazil

In compliance with Brazilian LGPD (Law 13.709/2018) and GDPR principles.