1Data We Collect
When you register and use ClubRaíz we collect the following information:
- •Identity data: full name, company name or legal business name
- •Contact data: email address, phone number
- •Account data: encrypted password, user role, timezone, country
- •Project data: information about real estate projects you publish on the Platform
- •Lead data: information about prospects interacting with your microsites (name, email, phone, country, purchasing preferences)
- •Usage data: pages visited, clicks, session time, IP address, device and browser type
- •Payment data: processed directly by Paddle; ClubRaíz does not store credit card data
2How We Use Your Data
We use your personal data to:
- •Provide and maintain the Platform and its features
- •Process payments and manage your subscription through Paddle
- •Send important notifications about your account, service changes, and security alerts
- •Generate performance analytics for your projects and leads (accessible only to you)
- •Improve the Platform through aggregated, anonymized usage analysis
- •Respond to technical support requests and business inquiries
- •Comply with applicable legal and regulatory obligations
3We Don't Sell Your Data
ClubRaíz does not sell, rent, or trade your personal data or your leads' data to third parties under any circumstances. Your prospects' data is your exclusive property. You retain all rights over the information you enter on the Platform.
4Third Parties and Providers
To operate the Platform we work with the following trusted providers, who may have limited access to your data only to the extent necessary to provide their services:
- •Paddle.com Market Limited — payment processing and tax compliance
- •Calendly — appointment and video call scheduling
- •WhatsApp Business (Meta) — notifications and lead communication
- •Vercel Inc. — hosting and deployment infrastructure
- •Neon Database — secure cloud data storage (PostgreSQL)
- •Cloudinary — project image storage and optimization
- •Anthropic / OpenAI — processing of Sofia chatbot messages (messages are processed but not stored in identifiable form)
All our providers are subject to data processing agreements and are required to protect your information.
5Your Rights
You have the following rights over your personal data:
- •Access: request a copy of the personal data we hold about you
- •Rectification: correct inaccurate or incomplete data
- •Erasure: request deletion of your data ("right to be forgotten")
- •Portability: receive your data in a structured, machine-readable format
- •Objection: object to processing of your data for marketing purposes
- •Restriction: request that we restrict the processing of your data
To exercise any of these rights, write to gerencia@clubraiz.com. We will respond within 30 business days of receiving your request.
6Security
We implement multiple layers of security to protect your data:
- •TLS 1.3 encryption on all communications between your browser and our servers
- •Passwords stored with bcrypt hashing (cost factor 12)
- •Database access restricted by private network and least-privilege roles
- •Encrypted, automatic backups performed daily
- •24/7 security monitoring and alerts for unauthorized access
- •Periodic security reviews of code and infrastructure
Despite these measures, no system is 100% foolproof. In the event of a security breach affecting your data, we will notify you within 72 hours of detection.
7Contact
To exercise your rights, report a security incident, or ask questions about this Policy: