Legal · Privacy

    Your data, handled in the open.

    What we collect, why, who touches it, how long we keep it, and how to take it back.

    Last updated · May 26, 2026

    legal.englishNotice

    Article 01

    Who we are (Controller)

    The controller of personal data processed through My Perfect Movie is Murilo Souza, acting as an individual.

    Contact for any privacy matter: contact.myperfectmovie@gmail.com.

    We don't have a formally appointed Data Protection Officer. For a project of this size, requests are handled directly by the controller and answered within 15 days as required by LGPD Art. 19.

    Article 02

    What we collect

    Account. Email, display name, and an encrypted password (hashed by Supabase Auth, never stored in plain text).

    Movie data. Films you add to your Liked and Watchlist lists, your ratings, optional notes, and the dates you saved them.

    AI history. The shortlists and daily picks the AI generated for you, plus the filters you ran them with.

    Profile. Your display name and avatar (optional). If you opt into a public profile, those plus your lists become visible to anyone with your profile link.

    Consent ledger. Append-only record of which policy versions you accepted (Terms, Privacy, age confirmation), with timestamps and the browser user-agent string.

    Technical metadata. Server logs (timestamp, IP address, request path) created by Supabase when you call our API; rate-limit counters; failed-login counters. Used for security and abuse prevention.

    We don't run analytics trackers and don't display ads, so we don't collect behavioural profiles, device fingerprints, or cross-site identifiers.

    Article 03

    Why we collect it (legal basis)

    Every purpose has an explicit legal basis under GDPR Art. 6 / LGPD Art. 7:

    • Run your account (sign-in, save lists, generate the daily pick): contract performance (GDPR 6(1)(b) / LGPD 7(V)).
    • AI shortlist via DeepSeek (personalised recommendations built from your film list). Contract performance (GDPR 6(1)(b) / LGPD 7(V)): it's the core feature you signed up for. The payload carries no identifiers (film titles, years, genres, ratings and your filters only), so it isn't linkable to you.
    • Security & abuse prevention (rate limits, audit logs, failed-login counters): our legitimate interest in keeping the service available (GDPR 6(1)(f) / LGPD 7(IX)).
    • Service emails (password reset, email confirmation, retention warnings): contract performance (GDPR 6(1)(b) / LGPD 7(V)).
    • Legal compliance (responding to lawful requests): GDPR 6(1)(c) / LGPD 7(II).

    Article 04

    Who processes your data (subprocessors)

    We use a small number of vetted processors. Each is bound by their own terms and applicable data-protection commitments:

    • Supabase Inc.: database, authentication, edge functions, file storage. Hosts the bulk of personal data. supabase.com/privacy
    • DeepSeek: large language model used to build your AI shortlist. Receives only your film titles, years, ratings, notes, and the filters you set (no email, no name, no account ID). Located in China; because the payload contains no identifiers, it cannot be linked back to you.
    • The Movie Database (TMDB): public movie catalogue queried for posters, summaries and metadata. Outbound requests do not include your account identity. themoviedb.org/privacy-policy
    • Apache / Hostinger: static-site hosting for the frontend bundle. Standard HTTP access logs.

    We do not sell, rent, or trade personal data to anyone.

    Article 05

    International data transfers

    European Union / United Kingdom / United States. Supabase operates from the United States; for users in the EEA/UK the transfer relies on the EU-US Data Privacy Framework and/or Standard Contractual Clauses.

    China. The DeepSeek AI provider is established in China, which has no adequacy decision from the European Commission or the ANPD. The data we send it carries no identifiers (only film titles, years, genres, ratings and your filters), so it is not personal data that identifies you. Building the shortlist is part of the service you signed up for; if you'd rather not use it, simply don't run the AI recommendation feature.

    Brazil. Personal data of Brazilian residents is processed under LGPD. Transfers outside Brazil follow the bases described above (LGPD Art. 33).

    Article 06

    How long we keep it (retention)

    • Active accounts. Retained as long as you keep using the service.
    • Dormant accounts. If you don't sign in for 24 months, you'll see an on-site warning the next time you visit (and, if email is configured, an email warning). 30 days after the warning, if you haven't returned, the account and all linked personal data are hard-deleted automatically.
    • Consent ledger. Kept for the life of the account; erased on account deletion.
    • Security logs. Rate-limit counters and failed-login records are auto-pruned after 7 days.
    • Server access logs. Retained by Supabase per their own policy (commonly 7-30 days).
    • Backups. Database backups taken by Supabase rotate on their schedule; deleted personal data disappears from backups within that rotation window.

    Article 07

    Your rights

    Under GDPR (Arts. 15-22) and LGPD (Art. 18) you can, at any time:

    • Access a copy of everything we hold about you (JSON export available from your Profile → Settings).
    • Rectify incorrect information about you (Profile → Settings).
    • Erase your account and all linked data (Profile → Settings → Delete my account; immediate, irreversible).
    • Portability: the JSON export is machine-readable and can be carried to another controller.
    • Stop AI processing at any time: it only runs when you click Generate, so simply don't use the recommendation feature. The rest of the service works without it.
    • Object to processing based on legitimate interest, or restrict it while we evaluate.
    • Not be subject to fully automated decisions. The AI shortlist is a suggestion; it makes no legal or similarly significant decisions about you.
    • Complain to your supervisory authority, the ANPD (Brazil) or your national DPA in the EEA/UK, if you believe we mishandled your data.

    Article 08

    Security

    • Passwords are hashed (never stored in plain text) by Supabase Auth.
    • All traffic is HTTPS with HSTS enforced.
    • Row-Level Security policies on every personal-data table, so your data is invisible to other users at the database level.
    • Content Security Policy locks the page down to a small allowlist of origins.
    • API tokens (JWTs) are verified server-side on every privileged call, never trusted on decode alone.
    • We rotate access keys and review security posture periodically (most recent audit: May 2026).

    Article 09

    Minimum age

    The service is for users 16 or older. We ask you to confirm this at signup and do not knowingly collect data from anyone younger. If you believe a minor has created an account, email us and we will delete it.

    Article 10

    Cookies & tracking

    We only set essential cookies (your sign-in session, your saved filter preferences). No analytics trackers, no advertising trackers, no cross-site tracking. The full breakdown is in our Cookie Policy.

    Article 11

    Changes

    When we materially change this policy, we'll update the "Last updated" date and ask you to re-accept on your next sign-in. Older consent records remain valid for the version they were given against, so the ledger keeps an accurate history.

    Article 12

    Contact

    For any data-protection question (exercise of rights, complaint, or just a doubt), write to contact.myperfectmovie@gmail.com. We respond within 15 days (LGPD Art. 19).

    Cookies. Essential cookies keep you signed in. With your consent, we also use Microsoft Clarity to see what works and improve the site. Cookie Policy.