By Victoria Goldenfum and Layon Lopes*
With the growth of the technology market in Brazil, app developers had to adapt the contracting costumes with their customers, also known as platform users. And for that, the Terms of Use and Privacy Policy became the main documents used to formalize the app commercial relationships in Brazil.
In order to understand the Terms of Use and Privacy Policy for apps in Brazil, we must clarify that such documents are considered, through the legal perspective, as usual contracts between the application developers and their respective customers.
One of its main characteristic, however, lies in the fact that the Terms of Use and Privacy Policy for apps in Brazil are recognized as adhesion contracts, that is, the user must accept the conditions as they are expressed in the document, otherwise, if you do not accept those terms and conditions, your application access will not be conceded.
The document structure was created to effectively preclude contractual conditions’ discussions. Other great examples of adhesion contracts are the ones used in the banking segment by the financial institutions, which do not allow the regular customer to discuss or negotiate the contract clauses.
The Terms of Use for apps in Brazil usually establishes who the application provider is, which are the platform’s rules, the contracted features description, the good coexistence rules, conditions for users exclusion from the platform in case of contractual breaches, as well as other related obligations and duties.
The Privacy Policy, on the other hand, will establish the rules, conditions and information about the data processing operation performed on the app, as well as information regarding the data generated through the app interactions.
Regarding the data protection regulation for apps, the entrepreneur must promote with emphasis and clarity, what will be the data processing operation used, especially if the data collected is to be considered as the personal data category, the one that identifies a natural person.
Personal data are protected by a special Brazilian legislation, called the LGPD (General Data Protection Law, as translated from Portuguese). The LGPD is similar to the European and American personal data protection laws.
Through the Privacy Policy for apps in Brazil, the app developer needs to collect the user’s authorization to process their personal data. Such authorization must follow some important principles established by law in order to become a valid one.
Among the required prerequisites for obtaining a valid personal data processing authorization are, for example: the necessity of expressing a clear and transparent description of the personal data processing purpose, that is, for what purposes the personal data is to be processed, who will be the company’s suppliers that will, eventually, have contact with the personal data collected through the platform; and for how long the personal data will be processed.
All authorizations required by the LGPD will be captured through the acceptance of Terms of Use and Privacy Policies. For this reason, such documents have a great relevance for the app developer, as it may become the sole formal contract that regulates the conditions with their customers, and the only instrument that can be used in an eventual defense on the edge of a lawsuit.
Therefore, it is of great importance that the application developer seeks strategic legal advice to carry out the construction of these documents, according to their operation and according to the type of data that will be processed through the app’s use.
If you have any need for more information regarding understanding the terms of use and privacy policy for apps, please contact our strategic legal team.
* Layon Lopes is the CEO of Silva | Lopes and Victoria Goldenfum is a member of the Silva | Lopes team.