NA Digital HealthNA Digital Health Back to Home
Legal

Privacy Policy

Last updated: May 12, 2026

This Privacy Policy explains how NA Digital Health, operated by Nickolas Lima Andrade (CPF 119.710.076-84), collects, uses, stores, and protects your personal data. It is designed to comply with the Brazilian General Data Protection Law (LGPD — Lei nº 13.709/2018) and the EU General Data Protection Regulation (GDPR) where applicable.

1. Data Controller

Nickolas Lima Andrade — Rua Wilson Teixeira, 820, Jardim Panorama, Ipatinga-MG, 35164-246, Brazil. Contact: nickolas.andrade@hotmail.com.

2. Personal Data We Collect

  • Identification data: full name, email address, country.
  • Transaction data: products purchased, amount, date, transaction ID. Card data is processed exclusively by Stripe and never stored on our servers.
  • Account & usage data: login timestamps, IP address, browser type, device, pages viewed, in-app interactions.
  • Voluntary content: any information you provide in tracking inputs, journal entries, or support messages.

3. Legal Bases (LGPD Art. 7 / GDPR Art. 6)

  • Performance of a contract — to deliver the products you purchased.
  • Compliance with legal obligation — tax, accounting, anti-fraud.
  • Legitimate interest — to secure and improve our services.
  • Consent — for marketing emails and non-essential cookies.

4. How We Use Your Data

  • To process payments and deliver digital products.
  • To create and manage your customer account.
  • To provide customer support.
  • To send transactional emails (receipts, password resets, security alerts).
  • To send marketing communications, only with your explicit opt-in (you may unsubscribe at any time).
  • To prevent fraud and comply with applicable law.

5. Sharing With Third Parties

We do not sell personal data. We share data only with carefully selected processors who help us operate:

  • Stripe, Inc. — payment processing (PCI-DSS Level 1).
  • Cloud hosting providers — secure infrastructure for our applications.
  • Email delivery providers — transactional and (opt-in) marketing emails.
  • Analytics providers — aggregated, privacy-respecting usage analytics.
  • Public authorities — only when required by law or judicial order.

6. International Data Transfers

Some processors may be located outside Brazil or the EU. We rely on adequate safeguards such as Standard Contractual Clauses and equivalent protections recognised by the ANPD and the European Commission.

7. Data Retention

We retain your data only as long as necessary to fulfil the purposes described, comply with legal obligations (tax records retained for up to five years under Brazilian law), and resolve disputes.

8. Security

We apply technical and organisational measures including TLS 1.2+ encryption in transit, encryption at rest for sensitive fields, access controls, audit logging, and regular security reviews. No method of transmission is 100% secure; we continuously work to protect your data.

9. Your Rights

Under LGPD and GDPR you have the right to:

  • Confirm the existence of processing and access your data.
  • Correct incomplete, inaccurate or outdated data.
  • Request anonymisation, blocking, or deletion of unnecessary data.
  • Request portability to another service provider.
  • Revoke consent at any time.
  • Lodge a complaint with the ANPD (Brazil) or your local supervisory authority.

To exercise any right, email nickolas.andrade@hotmail.com. We respond within 15 days.

10. Cookies

We use strictly necessary cookies to operate our applications and, with consent, analytics cookies to understand product usage. You may disable cookies in your browser settings; some features may not work without them.

11. Children

Our products are not directed to individuals under 18. We do not knowingly collect data from minors.

12. Changes

We may update this policy. The "Last updated" date above reflects the latest revision. Material changes will be communicated by email.

13. Contact / Data Protection Officer

Nickolas Lima Andrade — nickolas.andrade@hotmail.com.