Privacy policy
Last updated: June 22, 2026
Your privacy matters. This policy explains plainly what data Blense collects, how we use it, who we share it with, and what your rights are — in accordance with Brazil’s General Data Protection Law (Lei nº 13.709/2018, LGPD).
What we collect and why
We collect only what is needed to run the site:
- Email (newsletter). When you subscribe to our newsletter. Legal basis: consent (LGPD, Art. 7, I). You may withdraw consent at any time.
- IP address. Collected automatically by the Ciel assistant solely to limit abuse (up to 10 requests per 60 minutes per IP). Legal basis: legitimate interest in security and service availability (LGPD, Art. 7, IX). The IP is held in temporary memory (a 60-minute sliding window) and discarded automatically.
- Questions sent to Ciel. When you type a question in the Ciel assistant, it is transmitted to third-party AI services to generate a response. Blense does not store your chat history. Legal basis: legitimate interest in providing the requested feature (LGPD, Art. 7, IX).
- Essential cookies. We use cookies and local storage to remember your theme and language preferences. No identifiable data is collected. Legal basis: legitimate interest (LGPD, Art. 7, IX).
- Anonymous access statistics. Aggregated metrics to understand which content is most useful. No individual profile is created. Legal basis: legitimate interest (LGPD, Art. 7, IX).
Sharing and sub-processors
We do not sell personal data. We share data only with the vendors below, strictly for the purposes described:
- Google (Gemini API). Receives questions sent to Ciel for processing by the Gemini language model. We use the free tier of Google AI Studio. Important: under Google AI Studio’s free-tier terms, data submitted may be used by Google to improve its models. We therefore recommend not entering sensitive personal data in the Ciel chat. See the Google AI Studio terms for details.
- Kilo (api.kilo.ai). Fallback AI service activated automatically when Google Gemini is unavailable. Also receives questions sent to Ciel, subject to Kilo’s own privacy policy.
- Upstash Redis. Temporarily stores IP addresses for Ciel abuse control. Data is discarded after the 60-minute window.
- Resend. Platform where your email is stored as a contact and from which the newsletter is sent.
- Supabase. Database hosting the site’s content (articles and materials). It does not store readers’ personal data.
International data transfers
Google Gemini, Kilo, Upstash, Resend, and Supabase are based in or process data in the United States. This constitutes an international transfer of personal data, governed by Art. 33 of the LGPD and Resolution CD/ANPD No. 19/2024. We rely on contractual guarantees equivalent to the standard clauses recognized by the ANPD, choosing vendors with a track record of compliance with data protection laws (GDPR, CCPA). For more information, write to contato.blense@gmail.com.
Cookies and local storage
We use local storage (localStorage) in your browser to remember your theme preference (light/dark). This data never leaves your device and does not identify you. Legal basis: legitimate interest (LGPD, Art. 7, IX).
In addition, Blense loads two third-party services that set their own cookies in your browser: Google AdSense (ads; advertising consent is handled by Google) and Microsoft Clarity (usage analytics — aggregated heatmaps and sessions; cookies _clck and _clsk). Blense does not control or have direct access to these cookies. Details, legal bases, and how to manage each are in the Cookie policy.
Retention and disposal
- Newsletter email: kept while your subscription is active. On cancellation, the email is marked as unsubscribed and you stop receiving the newsletter; full deletion can be requested at any time.
- IP for abuse control: automatically discarded at the end of the 60-minute window.
- Ciel questions: not stored by Blense; retention on the AI vendors’ side follows their own policies.
- Local cookies: remain until you clear them in your browser.
Security
We adopt reasonable technical measures to protect the data we process (HTTPS connections, restricted access to credentials, certified vendors). No system is 100% secure; in the event of a relevant incident, we will notify affected users and the ANPD as required by Art. 48 of the LGPD.
Your rights (LGPD, Art. 18)
As a data subject, you have the right to:
- Confirm the existence of processing and access your data;
- Correct incomplete, inaccurate, or outdated data;
- Request anonymization, blocking, or deletion of unnecessary data or data processed in violation of the LGPD;
- Obtain information about sharing with third parties;
- Withdraw consent at any time (e.g., cancel the newsletter);
- Request portability of your data.
To exercise any of these rights, write to contato.blense@gmail.com with the subject “Data Rights.” We will respond within 15 days.
Changes
We may update this policy when there are changes to the data we process, our vendors, or applicable law. Relevant changes will be flagged on this page with a revised date.
Governing law
This policy is governed by the laws of Brazil, in particular the General Data Protection Law (Lei nº 13.709/2018, LGPD).
Contact and Data Protection Officer
Questions about privacy? Write to contato.blense@gmail.com. This is also the contact channel for our data protection officer (DPO) as required by Art. 41 of the LGPD.