Privacy Policy

This Privacy Policy applies to all visitors and users of leandrosantiago.com and has been prepared in compliance with the Brazilian General Data Protection Law (LGPD – Law No. 13.709/2018), the European Union General Data Protection Regulation (GDPR – EU Regulation 2016/679), and United States privacy laws, including the California Consumer Privacy Act (CCPA/CPRA) and the laws of the Commonwealth of Massachusetts.

By using this website, you agree to the terms of this policy.

1. Who We Are

Name: Leandro Santiago
Website: leandrosantiago.com
Email: info@leandrosantiago.com
Location: Massachusetts, USA

For GDPR purposes, Leandro Santiago acts as the Data Controller. For LGPD purposes, he acts as Operator and Controller as applicable.

2. What Data We Collect

Data you provide voluntarily:

  • Full name
  • Email address
  • Phone number
  • Messages submitted via contact form
  • Scheduling information (via Calendly)

Data collected automatically:

  • IP address
  • Browser type and device
  • Operating system
  • Pages visited and time spent on site
  • Traffic source
  • Cookies and similar identifiers

3. Why We Collect Your Data

We use your data to:

  • Respond to inquiries and contact requests
  • Confirm and manage financial consultation appointments
  • Send educational content and financial planning resources (with your consent)
  • Analyze and improve website performance
  • Comply with legal and regulatory obligations
  • Prevent fraud and ensure website security

4. Legal Basis for Processing

LGPD (Brazil):

  • Consent (Art. 7, I): for marketing communications
  • Legitimate interest (Art. 7, IX): for website analytics and improvement
  • Contract performance (Art. 7, V): for delivering requested services
  • Legal obligation (Art. 7, II): when required by law

GDPR (Europe):

  • Consent (Art. 6(1)(a)): for non-essential cookies and marketing
  • Contract performance (Art. 6(1)(b)): for service delivery
  • Legal obligation (Art. 6(1)(c)): when required by law
  • Legitimate interest (Art. 6(1)(f)): for security and analytics

U.S. Laws (Massachusetts / CCPA):

  • Processing based on declared legitimate purpose
  • Right to opt-out of data sale (we do not sell personal data)

5. Cookies and Tracking Technologies

We use essential, analytics, and marketing cookies. For full details, please review our Cookie Policy. You may manage your cookie preferences at any time through your browser settings or our consent banner.

6. How We Share Your Data

We do not sell, rent, or trade your personal information. We may share data with:

Service providers:

  • Google Analytics: website traffic analysis
  • Google Tag Manager: script and pixel management
  • Calendly: consultation scheduling
  • Hostinger: website hosting

Amazon Associates Disclosure:
This website participates in the Amazon Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by linking to Amazon.com. When you click on Amazon affiliate links on this site, Amazon may store tracking cookies on your device for commission attribution purposes. Your use of Amazon’s services is governed by Amazon’s Privacy Policy (amazon.com/privacy). We earn a small commission at no additional cost to you.

Legal authorities: when required by law, court order, or applicable regulation in the United States, Brazil, or Europe.

7. International Data Transfers

Your data may be transferred to and processed on servers located in the United States. For European (GDPR) and Brazilian (LGPD) users, we ensure that such transfers occur with adequate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission and data processing agreements with third-party providers.

8. Data Retention

  • Contact and scheduling data: up to 3 years after last interaction
  • Navigation data (Analytics): up to 26 months
  • Email marketing data: until you unsubscribe
  • Legally required data: as required by applicable law

9. Your Privacy Rights

LGPD (Brazil) — Art. 18:

  • Confirmation of data processing
  • Access, correction, and deletion of data
  • Data portability and consent withdrawal
  • Information about data sharing

GDPR (Europe) — Arts. 15–22:

  • Right of access, rectification, and erasure
  • Right to data portability and restriction of processing
  • Right to object and rights related to automated decisions

CCPA/CPRA (California/USA):

  • Right to know what personal data is collected
  • Right to delete personal data
  • Right to opt-out of data sale (we do not sell data)
  • Right to non-discrimination for exercising privacy rights

To exercise any of these rights, contact us at info@leandrosantiago.com. We will respond within 30 days (GDPR/LGPD) or 45 days (CCPA).

10. Data Security

  • Active SSL certificate (HTTPS) across the entire website
  • Secure server hosting (Hostinger)
  • Security monitoring and firewall
  • Regular backups and access controls

In the event of a data breach, we will notify the relevant authorities and affected users within 72 hours as required by LGPD and GDPR.

11. Children’s Privacy

This website is not directed to children under 13 (USA), 16 (GDPR), or 18 (LGPD where applicable). We do not knowingly collect personal data from minors. If we become aware that a minor’s data has been collected, we will delete it immediately.

12. Data Protection Officer (DPO)

Name: Leandro Santiago
Email: info@leandrosantiago.com

You also have the right to file a complaint with the relevant data protection authority:

  • Brazil: National Data Protection Authority (ANPD) — gov.br/anpd
  • Europe: Data protection authority in your country of residence
  • USA: Federal Trade Commission (FTC) — ftc.gov

13. Third-Party Links and Affiliate Disclosure

This website may contain links to external websites, including affiliate links. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policy of every website you visit. Affiliate links are clearly identified and clicking them may result in a commission for us at no additional cost to you.

14. Changes to This Policy

This Privacy Policy may be updated periodically. Significant changes will be communicated via email (when applicable) or through a prominent notice on the website. The “Last Updated” date at the top of this page will always reflect the most recent revision.

15. Contact Us

For questions, requests, or to exercise your privacy rights:

Email: info@leandrosantiago.com

Last updated: June, 2026