Loudd

Privacy Policy

Effective date: March 10, 2026 · Last updated: March 10, 2026

Loudd (“we,” “us,” or “our”) operates the platform available at loudd.app and related services (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our Service.

We are committed to complying with the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados — LGPD, Law No. 13.709/2018) and other applicable data protection regulations.

1. Data We Collect

1.1 Information You Provide

  • Account information: name, email address, and password when you create an account.
  • Profile information: company name, brand details, or ambassador bio, depending on your account type.
  • Payment information: billing details processed securely through Stripe. We do not store credit card numbers on our servers.
  • Communications: messages, support requests, and other content you send to us.

1.2 Information from Social Media Platforms

When you connect your Instagram or TikTok account, we collect data made available through their APIs, including:

  • Username and profile picture
  • Follower and following counts
  • Public profile information
  • Account type (personal, creator, or business)

We only access data you explicitly authorize through the OAuth consent flow. We do not access your private messages or post on your behalf without your permission.

1.3 Automatically Collected Data

  • Usage data: pages visited, features used, clicks, and session duration.
  • Device data: browser type, operating system, device identifiers, and IP address.
  • Cookies and similar technologies: see Section 8 below.

2. How We Use Your Data

We process your personal data for the following purposes:

  • Service delivery: creating and managing your account, matching brands with ambassadors, and processing transactions.
  • Ambassador verification: confirming social media account ownership and follower metrics.
  • Commission calculation: tracking coupon usage and calculating ambassador commissions.
  • Analytics and improvement: understanding how users interact with our Service to improve functionality and user experience.
  • Communication: sending transactional emails, service updates, and (with your consent) marketing communications.
  • Legal compliance: fulfilling legal obligations, resolving disputes, and enforcing our terms.

3. Legal Basis for Processing

Under the LGPD, we process your data based on the following legal grounds:

  • Consent: for connecting social media accounts and receiving marketing communications.
  • Contractual necessity: for providing the Service as agreed in our Terms of Service.
  • Legitimate interest: for analytics, fraud prevention, and platform security.
  • Legal obligation: for complying with applicable laws and regulations.

4. Third-Party Services

We share data with the following third-party service providers, each bound by their own privacy policies:

  • Supabase: authentication and database infrastructure.
  • Stripe: payment processing and subscription management.
  • Instagram (Meta) API: social media account verification and profile data retrieval.
  • TikTok API: social media account verification and profile data retrieval.

We do not sell your personal data to third parties. We only share data as necessary to operate the Service or as required by law.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion or termination:

  • Account and profile data is deleted within 30 days.
  • Transaction and commission records may be retained for up to 5 years to comply with tax and financial regulations.
  • Anonymized, aggregated data may be retained indefinitely for analytics purposes.

6. Your Rights Under the LGPD

As a data subject, you have the following rights under the LGPD:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request correction of incomplete, inaccurate, or outdated data.
  • Deletion: request deletion of your personal data, subject to legal retention requirements.
  • Portability: request transfer of your data to another service provider.
  • Revocation of consent: withdraw previously granted consent at any time.
  • Information: request information about the entities with whom your data has been shared.
  • Opposition: object to processing carried out on grounds other than consent, if applicable.

To exercise any of these rights, please contact us at privacy@loudd.app or use the Data Deletion Request page.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of sensitive data at rest
  • Row-level security policies on our database
  • Regular security audits and access reviews
  • Principle of least privilege for internal access

8. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

  • Essential cookies: required for authentication, session management, and security.
  • Analytics cookies: help us understand usage patterns and improve the Service.
  • Preference cookies: remember your settings, such as theme preference.

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may affect Service functionality.

9. International Data Transfers

Your data may be processed in countries other than Brazil, including the United States, where our infrastructure providers operate. When transferring data internationally, we ensure appropriate safeguards are in place, consistent with LGPD requirements.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided data to us, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and, where appropriate, by email. Your continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us: