Privacy Policy

Anna Seguros
Version 1.0 — Effective as of May 11, 2026
Last updated: May 11, 2026


1. Welcome

This Privacy Policy describes how Anna Seguros ("Anna", "we", "us") handles the personal data of anyone who uses our app and our website. We recommend reading it carefully so you understand exactly what we collect, why, how we protect it, and what your rights are as the subject of that data.

Before getting into the technical detail, we want to state three commitments up front:

  1. Anna is the digital vault for your insurance policies, not a broker. We have no commercial relationship with insurers. We do not receive commissions to recommend products. We do not send your policies to any insurer.
  2. We do not sell your data. To anyone. Not to marketing partners, not to brokerages, not to risk-analysis companies.
  3. You are in charge of your data. At any time you can export, correct, or delete everything we hold.

In plain words

Anna keeps your policies in one place so you can look them up and understand what you have. It is not a brokerage. It does not sell your data. Everything in here stays yours.


2. Definitions

To make this easier to read, here are some terms from Brazil's General Data Protection Law (LGPD) that appear throughout this document:

Term | What it means
Personal data | Any information that identifies or could identify a person (name, ID number, email, a policy number tied to you).
Sensitive personal data | A special category protected more strictly: health data, biometrics, racial origin, religion, sexual orientation, among others.
Data subject | The person the data refers to. When you use Anna, you are the subject of your data.
Processing | Any operation performed with personal data: collection, storage, use, sharing, deletion, etc.
Controller | Whoever makes the decisions about the processing. Anna is the controller of most of the data covered by this Policy.
Processor | Whoever processes data on the controller's behalf, following its instructions. The infrastructure providers Anna contracts are processors.
Legal basis | The legal justification the LGPD requires for each instance of personal-data processing.
Data Protection Officer (DPO) | The person responsible for the communication channel between you, Anna, and the ANPD (Brazil's National Data Protection Authority).
Anonymization | The process that makes data stop being personal, removing any possibility of association with the person.

In plain words

These are the technical words the law uses. No need to memorize them — whenever they show up in the text, just come back here if you want a refresher.


3. Who we are and what our role is

Anna is operated by [Anna Seguros legal entity], registered under company number [company number], with its head office at [full address].

In relation to your personal data, Anna acts as the controller — Anna decides which data is collected, for which purposes, and for how long. Any technology providers Anna contracts (cloud, authentication, usage analytics, artificial-intelligence models) act as processors, meaning they handle your data only following Anna's instructions.

Anna does not act as an insurance broker, is not a representative of insurers, and has no commission arrangement with any insurer. Its only function is to organize and add intelligence to policies that are already yours.

In plain words

Anna is responsible for what happens to your data in here. The companies Anna contracts (like the cloud that stores the files) follow Anna's orders and cannot use your data for anything else.


4. What data we collect

The data Anna handles varies with how you use the app. We group it by category to make it clear what each part of the product collects.

4.1. Account data

Collected when you create an Anna account:

  • Full name
  • Email
  • Mobile phone number
  • ID number
  • Date of birth
  • Password (stored only as a salted hash, never in plain text, so not even the Anna team can see it; see section 13.1)
  • Profile photo, if you choose to add one

4.2. Your policy data

Collected when you add a policy to your portfolio:

  • The policy file (PDF, image, or photo)
  • Data extracted automatically by our reading technology: insurer name, policy number, coverage dates, coverages, insured amounts, deductibles, beneficiaries, details of the insured asset (vehicle, property, etc.)
  • Payment receipts, when you add them
  • Claims history, when you add it
  • Personal notes and tags you create

Some policies (life, health, travel) may contain sensitive personal data — for example, health information, biometrics, or medical history. When this kind of data appears, Anna handles it with additional safeguards, described in section 13.

4.3. Data of people you add to your portfolio

Anna lets you include family members and dependents in your portfolio (for example, a spouse insured under a health plan, children on the auto policy, parents on the life policy). For that, we collect:

  • The family member's full name
  • ID number
  • Date of birth
  • Relationship
  • Link to each policy

The handling of this data has its own rules, detailed in section 8.

4.4. App usage data

To understand how the app is performing and to improve the product, we collect:

  • Device identifier (anonymous, not tied to your ID number)
  • Device model, operating system, and version
  • Screens visited and actions taken in the app
  • Time spent in each area
  • Errors and crashes (crash reports)
  • Language and time zone

4.5. Website usage data

When you visit anna.com.br, we collect via cookies and analytics tools:

  • IP address
  • Browser and device
  • Pages visited and time on each
  • Visit source (link, search, ad)
  • Browsing behavior (clicks, scrolling)

Details in section 10.

4.6. Conversations with the Anna assistant (AI chat)

When you ask Anna questions about your policies, we collect:

  • The text of your questions
  • The generated answers
  • Feedback reactions (like, dislike, report answer)

How this processing works and its limits are detailed in section 7.

4.7. Support data

When you talk to the support team (by email, chat, or another channel), we collect the conversation, attachments, and the history of interactions.

In plain words

Anna keeps: your account info, the policies you upload, the data the AI extracts from them, who you add as a dependent, how you use the app and the site, your conversations with the assistant, and your contacts with support. That's it. No real-time location, no phone contacts, no microphone or camera beyond what you choose to use.


5. Where your data comes from

Anna collects data from three sources:

  1. Directly from you — when you sign up, upload policies, add dependents, talk to the assistant, contact support.
  2. Automatically, from usage — app telemetry, website cookies, data extracted by AI from the documents you upload.
  3. From authorized external providers — if you choose to log in with Google or Apple (SSO), we receive from the chosen platform only your name, email, and profile photo.

Anna does not buy lists, does not scrape data from other public sources, and does not look you up on social media.

In plain words

The data comes from you, from normal use of the app, and from Google/Apple if you log in that way. Nothing beyond that.


6. What we use your data for

The LGPD requires every instance of personal-data processing to have a legal justification (legal basis). Below is the table of Anna's main purposes:

Purpose | Description | LGPD legal basis | Data categories
Account creation and authentication | Let you sign up, log in, and access your policies | Performance of a contract (Art. 7, V) | Account
Storing and organizing policies | Securely keep the policies you upload and display them organized | Performance of a contract (Art. 7, V) | Policies, dependents
Automated data extraction | Read the PDFs/images you upload and turn them into structured fields (validity, coverages, amounts) | Performance of a contract (Art. 7, V) | Policies
Anna assistant (AI chat) | Answer your questions about your own policies | Performance of a contract (Art. 7, V) | Policies, AI conversations
Alerts and notifications | Notify you about expirations, renewals, important dates | Performance of a contract (Art. 7, V) | Account, policies
Customer support | Answer your questions and resolve issues | Performance of a contract (Art. 7, V) | Account, support
Security and fraud prevention | Detect unauthorized access, intrusion attempts, and malicious use | Legitimate interest (Art. 7, IX) | App usage, account
Product improvement | Understand which features are used and how to improve the experience | Legitimate interest (Art. 7, IX) | App usage, website usage (aggregated/anonymized where possible)
Marketing communications | Send news, content, and tips (email, push, in-app) | Consent (Art. 7, I) | Account
Compliance with legal obligations | Meet tax, regulatory, and judicial requirements | Legal obligation (Art. 7, II) | As required
Defense in proceedings | Defend Anna's rights in administrative or judicial proceedings | Regular exercise of rights (Art. 7, VI) | As needed

For processing sensitive personal data (such as health information that may appear in life or health policies), Anna relies on:

  • Specific, highlighted consent (Art. 11, I) — when you voluntarily upload a policy that contains this kind of data, you are consenting to the processing strictly necessary to keep and organize that policy.
  • Regular exercise of rights in proceedings (Art. 11, II, "d"), where applicable.

In plain words

Most uses are simple: we process your data to make Anna work. To send you marketing, we need you to say "yes" first. To comply with the law (e.g., the tax authority requesting a record), we comply, but we tell you whenever possible.


7. Automated processing by artificial intelligence

Anna uses AI models in two main situations. This section explains what happens, what does not happen, and what your rights are.

7.1. Extracting data from your policies

When you upload a policy (PDF, photo, or image), an AI model reads the document and automatically extracts the structured fields: policy number, validity, coverages, amounts, beneficiaries, etc. This saves you from typing everything manually.

What Anna guarantees:

  • The model reads only the document you uploaded, at the moment you submit it.
  • The content of your policies is not used to train Anna's models or third-party models.
  • The model providers Anna may use (described in section 9) operate under contracts with an explicit no-retention and no-training clause for your data.
  • Extraction can contain errors. You can always review and manually correct each extracted field.

7.2. Anna assistant (chat about your policies)

When you ask a question about your policies, Anna uses an AI model that receives only the data of the policies you hold, together with your question, to generate a personalized answer.

What Anna guarantees:

  • The model has no access to other users' data.
  • The question and answer are stored associated with your account so you can revisit the history.
  • Your conversations are not used to train models.
  • In specific cases, Anna may review conversations in an anonymized way to diagnose failures and improve answer quality. This process never exposes your identity.

7.3. Limits of the AI

The Anna assistant does not replace legal, financial, or brokerage advice. Answers are based on the content of your policies and may contain errors. If you have doubts about rights, payouts, or important decisions, Anna recommends consulting the insurer directly or a qualified professional.

7.4. Your right to human review

Under Art. 20 of the LGPD, you have the right to request review by a human being of any decision made solely by automated means that affects your interests. To exercise this right, just get in touch via the channel listed in section 16.

In plain words

Anna's AI reads your documents and answers questions about them. But: 1) it only sees your data, never anyone else's; 2) your data doesn't train any model; 3) it can be wrong, so double-check; 4) if something automated bothers you, ask for human review — it's your right by law.


8. Data of people added to your portfolio

Anna lets you include family members and dependents so you can manage all the family's policies in one place. This feature requires specific care:

8.1. Your responsibility when adding third parties

When you add a person to your portfolio, you declare that:

  • You have that person's authorization to include their data in Anna, OR
  • You are that person's legal guardian (in the case of children under 18 or people under your guardianship/curatorship).

Anna relies on this declaration and has no way to verify each case individually. You are responsible for ensuring the inclusion is legitimate.

8.2. How Anna handles this data

  • Your dependents' data stays linked to your account and visible only to you.
  • Anna does not send marketing communications to people added as dependents (unless they create their own account and consent).
  • For minors, Anna processes the data strictly for the declared purpose (building the family's set of policies).

8.3. Rights of the people added

Anyone whose data is in Anna (even if added by a third party) has the right to:

  • Request access to their own data
  • Request correction or deletion
  • Know who added them

To exercise these rights, just get in touch via the channel in section 16, and Anna will process the request, possibly needing to verify the requester's identity.

8.4. Sensitive data of third parties

Health, life, or travel policies may contain sensitive data about dependents. You take on the responsibility of only uploading those policies if you have the person's authorization (or if you are their legal guardian).

In plain words

When you add your spouse, child, or parent to Anna, you're saying you have permission. That data stays only in your account — Anna doesn't send them promotions. They can ask to see or delete their own data at any time.


9. Who we share with (and who we don't)

9.1. Who Anna does NOT share with

To be absolutely clear:

  • Insurers — Anna does not send your policies, data, or history to any insurer.
  • Insurance brokers or brokerages — even if you have a broker, Anna shares nothing.
  • Advertisers — Anna does not sell ad space targeted by personal data.
  • Credit or risk bureaus — Anna does not consult or feed those systems.
  • Other users — your portfolio is private and individual.

9.2. Who Anna shares with (data processors)

Anna relies on specialized third-party companies to operate. Each one processes personal data on Anna's behalf, under a contract with confidentiality, security, and data-protection clauses. The main categories:

Vendor category | What it's for | Examples
Cloud infrastructure | Hosting the app, database, storage of policy files | Amazon Web Services, Google Cloud
AI models | Extracting data from documents, assistant chat | Anthropic, OpenAI (under a no-retention and no-training clause)
Usage analytics (product) | Understanding how the app is used in order to improve it | Mixpanel, PostHog
Usage analytics (website) | Metrics for the marketing site | Google Analytics
Push notifications and email | Sending alerts and communications to you | Firebase Cloud Messaging, transactional email provider
Authentication | Login with Google/Apple, if you choose | Google Sign-In, Sign in with Apple
Customer support | Answering your questions | Help-desk platform
Error monitoring | Detecting and fixing bugs in the app | Sentry or similar

The list of specific vendors may change as Anna evolves. The always-current version is available on request via the channel in section 16.

9.3. Sharing due to legal obligation

Anna may share personal data when:

  • There is a court order or request from a competent authority (police, prosecutors, tax authority, etc.), following the legal requirements.
  • It is necessary to defend Anna's rights in administrative, arbitration, or judicial proceedings.
  • It is necessary to protect the life or physical safety of you or third parties.

Whenever legally possible, Anna notifies the data subject before complying with these requests.

9.4. In case the company is sold

If Anna is sold, merged, or acquired by another company, your data may be transferred as part of the operation. In that case:

  • You will be notified with reasonable advance notice.
  • The acquiring company is bound to follow, at a minimum, the same standards as this Policy.
  • You can exercise your rights (including deleting your account) before the transfer.

In plain words

Anna does NOT pass your data to insurers, brokers, advertisers, or credit bureaus. The companies Anna shares with are technical vendors (cloud, AI, analytics) that sign a contract to take good care of your data. If a court requests it, we comply — but we tell you when we can.


10. Cookies and similar technologies on the website

This section applies to the marketing website (anna.com.br). Inside the app we don't use cookies — we use device identifiers and equivalent SDKs, described in section 4.4.

10.1. What cookies are

Cookies are small files the website stores in your browser to recognize your preferences, remember your progress, or measure how the site is being used.

10.2. Which cookies we use

Category | Purpose | Can it be disabled? | Example tools
Essential | Keep the site working, remember consents, basic security | No (without them the site doesn't work) | Anna's own cookies
Performance | Understand how visitors use the site in order to improve it | Yes | Mixpanel, PostHog, Google Analytics
Marketing | Measure campaign effectiveness and show relevant ads on other platforms | Yes | Meta Pixel, Google Ads (where applicable)

10.3. How to manage cookies

On your first visit to the site, you get a banner to choose which categories to accept. You can change your choice at any time in the site footer, under "Cookie preferences".

You can also block or delete cookies directly in your browser settings. Note that disabling essential cookies may compromise how the site works.

In plain words

Anna's site uses cookies to work, to measure traffic, and (eventually) for ads. You decide which to accept on first access and can change it later. The app doesn't use cookies; it uses its own identifiers, all anonymous.


11. How long we keep your data

Anna does not keep data longer than necessary. The retention periods vary by purpose:

Type of data | Retention period
Account and policy data | While your account is active
Data after account deletion | Deleted within 30 days of the request (grace period to reverse it, in case it was accidental)
Application access logs | 6 months (under Art. 15 of the Brazilian Internet Civil Framework)
Financial transaction logs (where applicable) | 5 years (under tax law and the Consumer Code)
Encrypted backups | Up to 90 days after deletion, for disaster recovery
Support conversations | 2 years after the last contact
Anonymized data (no possibility of identification) | Indefinitely, for statistical and improvement purposes

After the applicable period, the data is irreversibly deleted or anonymized, as the case may be.

In plain words

While your account exists, Anna keeps your data. When you ask to delete it, it's gone within 30 days. Some things (logs, tax data) Anna is required by law to keep longer; that time is in the table above.


12. Where your data is stored

Anna prioritizes storage in data centers located in Brazil. In some specific situations, your data may be processed or stored outside the country:

  • When the cloud provider maintains data centers in other regions and this is necessary to deliver the service.
  • When the contracted AI model is operated by a company headquartered abroad.
  • When the security backup replicates data in a different geographic region to ensure continuity in case of disaster.

In those cases, Anna adopts the safeguards provided in Art. 33 of the LGPD:

  • Contracts with Standard Contractual Clauses approved by the ANPD or equivalent
  • Verification that the destination country offers an adequate level of protection
  • Risk assessment before each transfer

In plain words

We try to keep everything in Brazil. When it has to leave (because the technology Anna uses is abroad), we make sure by contract that it stays protected by the same LGPD rules.


13. Security of your data

Anna adopts a set of technical and organizational measures to protect your data against unauthorized access, loss, alteration, or improper disclosure. Without going into details that could compromise security, here are the main ones:

13.1. Technical measures

  • Encryption at rest (AES-256) for all stored data, including policy files
  • Encryption in transit (TLS 1.3) for all communication between the app/site and Anna's servers
  • Passwords stored with a hash (a modern hashing algorithm with salt), not in plain text
  • Two-factor authentication (MFA) available for all accounts
  • Short-lived session tokens with automatic renewal
  • Environment isolation between development, staging, and production
  • Audit logs for access to sensitive data
  • Encrypted backups with a recovery plan tested periodically

13.2. Organizational measures

  • Principle of least privilege: each team member has access only to the minimum needed for their role
  • Confidentiality agreements with the entire team and vendors
  • Periodic training in data protection and information security
  • Formal security-incident response process, with notification to the ANPD and affected data subjects within legal deadlines
  • Periodic review of vendors that process personal data
  • Code reviews with security checks before any change reaches production

13.3. Handling sensitive data

When sensitive data (health, biometrics) appears in policies, Anna applies additional layers:

  • Segregated storage, with separate encryption keys
  • Reinforced access logs
  • Access restricted to a small group of team members, only when strictly necessary for support

13.4. Inherent limitation

Despite every effort, no system is 100% secure. Anna commits to:

  • Notify you in case of an incident affecting your data, within the deadlines required by the LGPD
  • Cooperate with you and with the ANPD to investigate and remedy any occurrence

Your collaboration also matters: use strong passwords, enable MFA, don't share credentials, keep the app updated, and be wary of emails or messages asking for your data.

In plain words

Anna encrypts everything, controls which team members can see what, trains the team, and has a plan for when something goes wrong. You help by using a good password and turning on MFA.


14. Your rights as a data subject

The LGPD guarantees you a range of rights over your data. Anna commits to handling any request within the legal deadline (up to 15 business days from the request).

Right | What it means | How to exercise it
Confirmation of processing | Confirm whether Anna processes your data | Request to the DPO
Access | Receive a copy of the data Anna holds about you, in a readable format | Request to the DPO; some information is also available directly in the app
Correction | Correct incomplete, inaccurate, or outdated data | Directly in the app (settings) or request to the DPO
Anonymization, blocking, or deletion | Ask for unnecessary data or data processed in breach of the LGPD to be anonymized, blocked, or deleted | Request to the DPO
Portability | Receive your data in a structured, interoperable format, or ask for direct transfer to another provider (where technically feasible) | Request to the DPO
Deletion of data processed with consent | Delete data held by Anna on the basis of consent (e.g., data used for marketing) | Request to the DPO or directly in the communication settings
Information about sharing | Know which public and private entities Anna has shared your data with | Request to the DPO
Information about not consenting | Know what happens if you don't give consent (e.g., which features won't work) | This Policy already provides this information; you can also ask the DPO
Withdrawal of consent | Withdraw consent previously given, at any time | App settings or request to the DPO
Objection | Object to processing carried out on a basis other than consent, when you believe there is a breach of the LGPD | Request to the DPO
Review of an automated decision | Ask for a human being to review a decision made solely by an automated system (Art. 20) | Request to the DPO
Petition to the ANPD | File a complaint with the National Data Protection Authority | Directly at gov.br/anpd

14.1. How Anna verifies your identity

To protect your data against fraudulent requests, Anna may ask for additional confirmation before handling sensitive requests (such as deletion or portability). Typically this involves:

  • Confirmation via the registered email
  • In more sensitive cases, validation by another factor (selfie with ID, verification code on your phone)

14.2. Free of charge

Handling your rights is free. In exceptional cases of repetitive or manifestly excessive requests, Anna may justify reasonable costs, as permitted by the ANPD.

In plain words

You're in charge. You can see everything Anna holds about you, correct it, export it, or delete it — just ask. In general, the answer comes within 15 business days and is free. If you prefer, you can also talk directly to the ANPD.


15. Children and adolescents

Anna is not intended for people under 18. We do not create accounts for children or collect their data directly.

When minors' data appears in Anna, it is always because a legal guardian added them as dependents in their own portfolio (e.g., a child as a beneficiary on a life policy). In those cases:

  • The legal guardian declares that condition when including the minor
  • Anna processes the data strictly for the declared purpose (organizing the family portfolio)
  • We never send marketing communications to minors, under any circumstances

If you are a legal guardian and want to remove a minor's data from Anna, just ask the DPO.

If you believe a minor created an account on Anna without their guardians' consent, let us know via the channel in section 16 and we will take immediate action.

In plain words

Anna is for people 18 and over. Children only show up as dependents added by their parents. No marketing, nothing beyond organizing the family's policy.


16. Data Protection Officer (DPO) and contact

Under Art. 41 of the LGPD, Anna designates as Data Protection Officer:

Name: [Name of the responsible founder — for now, founder-DPO]
Email: privacidade@anna.com.br
Response time: up to 15 business days

To exercise any of the rights listed in section 14, ask questions about this Policy, or report a security incident, just send a message to the email above describing:

  1. Which right you want to exercise (or your question/report)
  2. Your full name and the email registered with Anna
  3. Relevant details (period, specific data, etc.)

As Anna grows, the DPO role may come to be performed by a specialized professional or company. Any change will be updated in this Policy and communicated by email to data subjects.

In plain words

Want to talk to Anna about your data? privacidade@anna.com.br. We respond within 15 business days.


17. Changes to this Policy

As Anna evolves (new features, regulatory changes, new vendors), this Policy may be updated. The version in force is always available in the app and on the site.

When there is a material change (a change to the purposes, the sharing, the legal basis, or your rights), Anna notifies you at least 30 days in advance, via:

  • Registered email
  • A prominent notice in the app
  • A banner on the site

Formal changes (text corrections, clarity improvements, wording adjustments) are made without prior notice, but recorded in the version log below.

If you do not agree with material changes, you can close your account at any time, before or after the changes take effect, and your data will be handled as set out in section 11.

In plain words

When something important changes in the Policy, Anna gives 30 days' notice by email, app, and site. Small changes (a comma, a clearer sentence) are made quietly, but recorded in the version table.


18. Version log

Version | Date | Main changes | Responsible
1.0 | 05/11/2026 | Initial version | Anna Seguros