Your Rights — LGPD

1. What is the LGPD

The General Data Protection Law (Law 13,709/2018 — LGPD) is the Brazilian legislation that regulates the processing of personal data. It guarantees you, as a data subject, a series of rights over the information that companies and organizations collect and use.

Davit is committed to full compliance with the LGPD and to transparency in the processing of your personal data.

2. Your Rights as a Data Subject

Under Art. 18 of the LGPD, you have the following rights:

• Confirmation of processing: know whether Davit processes your personal data.
• Access: obtain a copy of all personal data we hold about you.
• Correction: request the correction of incomplete, inaccurate, or outdated data.
• Anonymization, blocking, or deletion: request the processing of unnecessary, excessive, or non-compliant data under the LGPD.
• Portability: request the transfer of your data to another service provider.
• Deletion: request the deletion of personal data processed based on consent.
• Information about sharing: know which entities your data is shared with.
• Revocation of consent: revoke your consent at any time, simply and free of charge.

3. How to Exercise Your Rights

You may exercise any of the above rights by sending a request to our Data Protection Officer:

Email: davitai@davitai.com

Your request will be responded to within 15 (fifteen) business days, as required by the LGPD. We may request identity verification to ensure the security of your data.

4. Export Your Data

You can export all your data directly from the Davit dashboard. The GET /api/user/export endpoint returns all your information in JSON format, including:

• Profile data (name, email, preferences).
• Agent execution history and results.
• Credit and payment history.
• Consent settings.

5. Delete Your Account

You can delete your account at any time by accessing Settings in the Davit dashboard. The deletion is complete and cascading:

• All your personal data will be permanently removed.
• Agent execution history and generated content will be deleted.
• OAuth integration tokens will be revoked and removed.
• A confirmation email will be sent to your registered address.

Data required for compliance with legal obligations (such as tax records) may be retained for the period required by law.

6. Consent

At Davit, consent is granular and transparent. At registration, you choose individually:

• Service operation: required for use of the Platform (legal basis: contract performance).
• Marketing: optional — receive updates, tips, and offers via email.
• Analytics: optional — authorize the use of anonymized data for product improvement.

You may revoke any consent at any time in your account settings, without affecting the use of the service (except the mandatory service operation consent).

7. Data Protection Officer Contact

The Data Protection Officer (DPO) of Davit is the point of contact for all matters related to the processing of your personal data:

Email: davitai@davitai.com

You may also file a complaint with the National Data Protection Authority (ANPD) if you believe your rights have not been addressed.