Privacy Policy - Brazil
Legal Privacy Policy - Brazil

Privacy Policy - Brazil

Last updated: June 04, 2026

INITIAL PRIVACY AND PERSONAL DATA PROTECTION AREA

At SmartFastPay, we are committed to Privacy and Data Protection. We are committed to Privacy and Data Protection! Therefore, we are dedicated to acting ethically and legally, adhering to the best guidelines for Information Security and respecting the Brazilian General Data Protection Law (LGPD).

Our priority is to ensure that all customers, partners, and third parties who engage with SmartFastPay feel secure.

To achieve this, we have various Data Privacy and Compliance Policies, and we invest in training our employees, aiming to create a high-quality and efficient organizational structure.

We want to offer you the best possible service while responsibly protecting your personal data.

We understand that Privacy is a fundamental issue, and we take it seriously. We want you to feel secure and confident when interacting with us, knowing that your data is protected and that we are committed to maintaining a relationship of mutual trust. We are here to take the best possible care of your personal data.

WHOSE PERSONAL DATA DOES SMARTFASTPAY HOLD?

We hold personal information from three main data subjects: Customers, Agents (note that, in the case of a legal entity, we are referring to the personal data of the legal representative and Ultimate Beneficial Owners), and Users (our Clients' customers).

If you are already our customer, a customer of one of our clients, or an agent, please also access our PRIVACY NOTICE.

WHY DOES SMARTFASTPAY USE PERSONAL DATA?

We need the personal data of our customers and agents to formalize our relationship, consolidate contracts, and send promotional and advertising materials to those who wish to receive them, as well as to respond to and maintain contact with individuals who reach out to us via our website or social media.

For this reason, we work day and night to offer you the best product and service experience, to ensure complete satisfaction.

When we talk about privacy protection, this involves a commitment to the security of your data and respect for your privacy, but also our commitment to ensuring you are in control of your personal information.

WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?

At SmartFastPay, your rights are fully guaranteed! In accordance with the General Data Protection Law (LGPD), data subjects can request a series of information.

To ensure your rights are protected, we have created the email dpo@smartfastpay.com, so you can contact our person in charge of personal data processing!

Additionally, you can request information and exercise your rights directly through our Data Subject Request Form.

GET IN TOUCH WITH US!

Getting in touch with a SmartFastPay representative is simple. Just contact us directly through the customer service channel listed on our website or reach out to our privacy leader (Data Protection Officer - DPO), Rodinei Teixeira, at rodinei.teixeira@smartfastpay.com

SMARTFASTPAY PRIVACY NOTICE

WHO WE ARE

We, at SmartFastPay, are a Brazilian company that offers local payment methods for both domestic and international websites. We process payments in local currency or provide specific solutions for each market.

To make this possible, we handle some personal information, and we need to ensure your privacy and protect your data!

Therefore, it is very important that you carefully read our Privacy Notice, so you can know and understand the purpose and use of the personal information collected.

We would like to remind you that:

  • SmartFastPay simplifies access to reliable, local payment methods, enabling merchants worldwide to leverage their businesses in Latin America.
  • At SmartFastPay, we believe that with technology and commitment, we can bring financial services to anyone, whether they are included in the banking system or not, and regardless of their financial status. We aim to meet daily payment needs by providing access to the services and products of major companies.

OUR COMMITMENT

The protection of your personal data is our priority, and we will do everything within our power to keep it secure, preserving your privacy and trust.

Therefore, it's important that you know exactly how your information will be used. This is why we have prepared this Privacy Notice in a clear and direct manner, designed specifically for you, just like our services.

Our clients are our "legitimate interest," which is to say, our reason for being. All the work we do is aimed at ensuring the best service and conditions for our services.

However, to make this possible, we need to collect and use some personal information. Rest assured that we guarantee we adopt all the necessary rights and security measures to protect your information.

DEFINITIONS

To help you understand this Privacy Notice, we will explain the main concepts used in this document:

PERSONAL DATA: Any information that can directly or indirectly lead to the identification of a natural person ("Data Subject").

SENSITIVE PERSONAL DATA: Any personal data concerning racial or ethnic origin, religious belief, political opinion, trade union membership or membership of a religious, philosophical or political organization, data relating to health or sexual life, or genetic or biometric data, when linked to a natural person.

DATA PROCESSING: Any and all operations performed with Personal Data, from its collection to its deletion, such as those related to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.

DATA SUBJECT: A natural person to whom the personal data refers.

CONTROLLER: A natural or legal person that makes the decisions regarding the Processing of Personal Data.

PROCESSOR: A natural or legal person who performs the processing on behalf of the Controller.

LGPD or GENERAL DATA PROTECTION LAW: Brazilian legislation (Law No. 13,709/2018) that provides for the processing of personal data, including by digital means, by a natural person or a legal entity, with the objective of protecting the fundamental rights of freedom and privacy.

PLATFORM: A tool developed and marketed by SmartFastPay.

AGENT: A legal entity with which SmartFastPay has an established commercial partnership relationship.

LEAD: Representatives of companies that fill out the demo request form on the website.

CLIENTS: Regardless of whether written in the plural or singular, this refers to a legal entity that acts as a contractor of SmartFastPay, using its services.

USERS: A natural person who has a relationship with SmartFastPay's Client.

COMPANY'S LEGAL REPRESENTATIVES: Or simply "Company Representative(s)," these are the natural persons nominated by the company to make contacts, receive relevant usage notifications, negotiate new conditions, manage the available clients, among other activities related to SmartFastPay's service.

LEGAL BASES: For the processing of personal data to comply with the LGPD, it must respect at least one of the ten legal bases (hypotheses) provided by the law, from which we highlight the main ones in our relationships below:

CONSENT: This is the most common legal basis, when the data subject provides their data for processing through their consent, which must be collected freely, informed, and unequivocally.

PERFORMANCE OF CONTRACTS OR PRE-CONTRACTUAL PROCEDURES: When data processing involves the formalization, or pre-formalization, of the contractual relationship between the parties.

CREDIT PROTECTION: Aims at processing that seeks to reduce the financial risks of the controller and the processor, including risk analysis, credit granting, collection, and credit protection.

COMPLIANCE WITH A LEGAL OBLIGATION: When the processing is foreseen and required by other laws or regulations.

LEGITIMATE INTEREST: For processing that aims at supporting and promoting the controller's activities.

WHAT PERSONAL DATA WE COLLECT AND FROM WHOM

All the information mentioned will be collected, processed, stored, handled, and made available for consultation by SmartFastPay whenever relevant or whenever its use is permitted and necessary, or when requested by the personal data subject to fulfill legal obligations.

CLIENTS (Legal Representatives, Ultimate Beneficial Owners, and Directors): Name, Email, Phone Number, Personal Document, CPF/RG, Passport, and Address.

AGENTS (Legal Representatives, Ultimate Beneficial Owners, and Directors): Name, Email, Phone Number, Personal Document, CPF/RG, Passport, and Address.

USERS (CLIENTS' CUSTOMERS): Name, Email, CPF, and Financial Data (PIX Key).

LEADS: Name, email, and information related to their professional activity.

HOW WE COLLECT PERSONAL DATA

We need personal data to provide the best service and the most appropriate support for our stakeholders, ensuring security and transparency with full respect for the principles set forth by the General Data Protection Law (LGPD) and other legal provisions.

As such, we present below how we collect data from each of the data subjects with whom we engage:

CLIENTS (Legal Representatives, Ultimate Beneficial Owners, and Directors): Information contained in contracts, public data, and form submissions.

AGENTS (Legal Representatives, Ultimate Beneficial Owners, and Directors): Information contained in contracts, public data, and form submissions.

USERS: Information passed on by Clients or directly by users for support purposes.

LEADS: Form submissions on our website or landing pages.

In its existing relationships, SmartFastPay predominantly acts as a data processor. This means that we handle personal data on behalf of our clients and contractors (the controllers), strictly following their instructions.

The client acknowledges that, according to the concepts of the LGPD, they will act as a controller in relation to the personal data transmitted to and processed by SmartFastPay

FOR WHAT PURPOSES WE COLLECT PERSONAL DATA

The personal data collected will only be processed as long as there is a purpose that justifies this processing. Therefore, to use it for any other activities not mentioned in this Notice, we will always request your consent, unless there is another legal basis that justifies it.

To offer our services, we use legal bases such as consent, the contractual relationship with clients and partners, legal or regulatory obligation, credit protection, and legitimate interest. However, we always respect the rights of data subjects and maintain full transparency in our operations.

You already know that we use personal data to provide our best services, but we also use data to communicate with you, personalize your experience, fulfill our legal obligations, and ensure your security.

Below are the main data processing activities carried out, along with their respective purposes and the legal bases that justify them:

External Communication: To provide our services, communication with clients, agents, and competent authorities is necessary through notices and informative materials.

Legal Basis: Contractual relationship and/or legitimate interest and/or legal or regulatory obligation.

Client Due Diligence: With the goal of ensuring the security and compliance of our services, an in-depth due diligence is performed on clients and their entire corporate chain.

Legal Basis: Contractual relationship and/or legal or regulatory obligation.

User Due Diligence (KYC): For the security and compliance of our services, due diligence is performed on users (clients' customers), as well as the monitoring of financial transactions.

Legal Basis: Contractual relationship and/or legal or regulatory obligation.

Formalizing Contracts and Terms: Personal data is used to formalize contracts between the parties, as well as other terms necessary for the execution of the services, such as terms of use and licensing agreements.

Legal Basis: Contractual relationship and/or legal or regulatory obligation.

Financial Transactions: Personal data is used for processing payments and financial transactions.

Legal Basis: Credit protection, legitimate interest, and contract performance.

Registration Information: Personal data is used for the registration and maintenance of client and user records.

Legal Basis: Credit protection, legitimate interest, and contract performance.

a. WITH WHOM WE SHARE PERSONAL DATA

We would like to emphasize that we work with the best partners and representatives in the market. As such, we share personal data with them, as reasonably necessary for the purposes of this policy or to fulfill legal/contractual obligations. This sharing is done with due respect for the necessity and purpose of the data. The main instances of sharing are:

Clients: We share personal data for the provision of our services.

Judicial and/or Regulatory Bodies: In cases of regulatory audits, legal proceedings, to exercise, defend, or establish our own rights or those of third parties, or to comply with an order issued by a competent authority.

Platforms: For the provision of our services, we use the following platforms: Google Cloud Platform (GCP), DocSign, Google Drive, Microsoft Office, Sumsub, Trello, and WhatsApp.

b. INTERNATIONAL DATA TRANSFER

SmartFastPay clarifies that it may send or process any information outside of the national territory.

In cases of sending or processing information outside the national territory, SmartFastPay guarantees that such countries have and comply with data protection measures that are at least at the same level as the country of origin.

c. STORAGE DURATION

As a processor, we store personal data only for the period strictly necessary to provide the services to the controllers, to comply with a law or regulation, to comply with a court order, or a request from a competent authority.

Personal data and other information processed for any of the purposes mentioned in this Notice will not be kept for longer than is strictly necessary for the conclusion of their intended purposes, except when supported by Articles 12 and 16 of the LGPD.

Electronic data and documents containing personal data may be retained for longer than necessary for their purposes in cases of: legal or regulatory obligation, reduction of fraud risk, or the full exercise of the right of defense.

HOW WE ENSURE YOUR PRIVACY

SmartFastPay will use its best efforts to respect and protect personal data and information against loss, theft, or any form of misuse, as well as against unauthorized access, disclosure, alteration, and destruction.

SmartFastPay employees are prohibited from reproducing or sharing any content in SmartFastPay possession without authorization from SmartFastPay, through any means of communication and/or reproduction.

Additionally, we have contractual stipulations and require our agents and clients to adopt security, technical, and administrative measures capable of protecting personal data from unauthorized access and from accidental or unlawful destruction, loss, alteration, communication, or any form of improper or illegal processing.

All information or personal data entered into the digital environment or converted from physical to virtual will be encrypted by SmartFastPay, when necessary.

SmartFastPay guarantees that only the employees or partners necessary to process specific data and/or information will be granted credentials for such functions.

Anyone who has access credentials for the personal data and information covered by this policy and/or treated as confidential will be responsible for the proper care and use of their access credentials and may be held personally liable for the misuse of their credentials.

RESPONSIBILITIES

Clients and representatives commit to the truthfulness of the information provided, being held responsible in case of any illegality committed through the provision of false and/or unauthorized information.

The client, holding the position of controller, shall make all decisions regarding personal data and transmit the relevant instructions for its processing.

Just like SmartFastPay, the client declares that they comply with all Brazilian legislation on privacy, including the Federal Constitution, the Consumer Protection Code, the Civil Code, the Internet Civil Framework (Federal Law no. 12,965/2014), as well as the LGPD, expressing their commitment to process personal data related to the provision of Services with special attention to the principles of purpose, good faith, and public interest that justify the availability of the information collected.

SmartFastPay is not responsible for any data breach, disclosure, or improper data handling that did not occur due to its direct or indirect responsibility.

CHECK YOUR RIGHTS

In compliance with the LGPD, you, as a Data Subject, can exercise the following rights:

Confirmation of Processing: You can confirm if we process your personal data and, if so, request access to the data we hold about you.

Update and Correction: You have the right to update and correct your incomplete, inaccurate, or outdated personal data that we hold.

Anonymization, Blocking, and Erasure: You can request the anonymization, blocking, and erasure of unnecessary data or data processed in non-compliance with the LGPD.

Data Portability: You have the right to data portability, subject to applicable regulations and commercial and industrial secrets.

Information: You can request information about the sharing of personal data by the Controller with public and private entities.

Consent / Revocation: You have the right to question the provision of consent when requested, as well as the consequences of not providing it. Furthermore, you can revoke any given consent at any time, in an express and cost-free manner.

Data Erasure: You can request the erasure of personal data that is processed exclusively with your consent, except when keeping the data is necessary or permitted by law.

Right to Object: You have the right to object to processing performed based on other legal bases, in case of non-compliance with the LGPD.

Review of Decisions: You can request a review of decisions that affect you and are based on the automated processing of personal data, such as credit decisions.

Cancellation of Marketing Communications: You have the right to request the cancellation of directed offers for SmartFastPay products and services, either through our customer service channels or through the opt-outs available in our emails and other forms of communication.

EFFECTIVE DATE

SmartFastPay always seeks to improve its operations to ensure quality services and protections. Consequently, this Privacy Notice may be updated or unilaterally changed by SmartFastPay at any time.

We are always improving our Privacy Notice, and changes will be reflected on this page. So, before you use one of our Services, please take a look here.

When we publish changes to the Notice, we will update the date on which the last change was published.

Remember: By continuing to access the Services after such changes become effective, you agree to be bound by the new version of the Notice.

Any changes to this Notice will take effect 01 (one) day after publication on the official website.

CONTACT US

Data subjects can exercise all rights provided for in Article 18 of Law No. 13,709/2018 by making a request or through direct access, always accompanied by proof of identity. Simply contact our DPO via email at dpo@smartfastpay.com.

Please note that we may request some additional information to verify your identity, as a measure to prevent fraud.

If you need any support or have any questions, requests, or suggestions regarding this Notice or other privacy matters, we are always at your disposal. Simply contact our support center or speak directly with our privacy leader (Data Protection Officer - DPO), Rodinei Teixeira, at dpo@smartfastpay.com.

end-section
Message icon

Top questions answered

FAQ Portal
What does SmartFastPay do? Toggle content

SmartFastPay Technology and Services is a Brazilian company that offers local payment methods for national or international websites. We process payments in local currency or market-specific solutions. To use our services, you must be registered on the partner Sites to whom we offer the services.


As SmartFastPay is a payment and technology company, we do not have the autonomy to cancel and/or decide any internal processes of our partners. Therefore, all information about delivery, tracking, refunds, and other details of your purchase should be requested directly from your shopping site.

How long does it take to confirm my payment? Toggle content

The payment processing time may vary according to the payment method used.


We do not have autonomy over the processing time since we depend on the settlement/confirmation of the bank. When we receive the payment confirmation from the bank, the transaction is automatically approved, and the credit is sent to the purchase site.


If the indicated processing time has exceeded the expected period, we ask that you contact the purchase site sending the payment voucher.


  • PIX: Instantaneous or up to 11 minutes
  • Traditional Boleto: Between 24h to 72h
  • Credit Card: Instantaneous
  • Debit Card: Instantaneous
  • TED Bank Transfer: If made within business hours, TED transfers can take up to 2 hours to be identified by the receiving bank and compensated in your contact's account. However, if transfers are made outside business hours or on weekends, they will be scheduled for the next business day.
  • DOC Bank Transfer: an option for transfers from one bank to another, when performed until 9:59 PM on a business day, the operation is compensated on the next business day. After this time and on weekends and holidays, the credit only occurs on the second business day.

Didn't find your question?

Didn't find your question?

Talk to our support

News, product updates and insights straight to your inbox.