Sprita iT

Privacy Policy

Sprita iT, LLC
Effective Date: October 10, 2025
Last Updated: October 10, 2025

  1. Introduction

Sprita iT, LLC ("we," "us," "our," or "Company"), a Puerto Rico limited liability company, is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, website, and applications.

This policy applies to all users globally and complies with applicable data protection laws, including:

  • Puerto Rico Law 81-2019 (Data Protection Act)
  • U.S. federal laws and state privacy regulations
  • Brazil's Lei Geral de Proteção de Dados (LGPD)
  • European Union's General Data Protection Regulation (GDPR)
  • Latin American data protection frameworks

Contact Information:
Email: [email protected]
Address: Sprita iT, LLC, Puerto Rico

  1. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Identity Data: Name, username, date of birth, government-issued ID numbers
  • Contact Data: Email address, telephone number, physical address
  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Information about how you use our services, products, and website
  • Financial Data: Payment card details, billing information, transaction history
  • Profile Data: Preferences, feedback, survey responses, account settings
  • Communications Data: Your communications with us, including emails and chat messages

2.2 Sensitive Personal Information

We may collect sensitive data only with your explicit consent or where legally required, including:

  • Biometric data (if applicable to our services)
  • Health information (if relevant to service provision)
  • Racial or ethnic origin, political opinions, religious beliefs (only when necessary and permitted by law)

2.3 Automatically Collected Information

We automatically collect certain information through cookies and similar technologies:

  • Log files and analytics data
  • Device identifiers and network information
  • Location data (with your permission)
  • Cookies and tracking technologies
  1. Legal Basis for Processing (GDPR & LGPD)

We process your personal data based on the following legal grounds:

  • Consent: You have given explicit consent for specific purposes
  • Contract Performance: Processing is necessary to fulfill our contractual obligations
  • Legal Obligation: We must process data to comply with legal requirements
  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided your rights don't override these interests
  • Vital Interests: Processing is necessary to protect someone's life or physical integrity
  1. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision

  • Deliver and maintain our services
  • Process transactions and manage accounts
  • Provide customer support and respond to inquiries
  • Authenticate users and prevent fraud

4.2 Business Operations

  • Improve and optimize our services
  • Conduct analytics and research
  • Develop new products and features
  • Ensure security and prevent abuse

4.3 Communications

  • Send administrative information and service updates
  • Provide marketing communications (with your consent)
  • Respond to your requests and questions

4.4 Legal Compliance

  • Comply with legal obligations and regulatory requirements
  • Enforce our terms and policies
  • Protect our rights and those of our users
  • Respond to legal requests and prevent harm
  1. Data Sharing and Disclosure

We may share your personal information in the following circumstances:

5.1 Service Providers

We share data with third-party vendors who perform services on our behalf:

  • Cloud hosting providers
  • Payment processors
  • Analytics providers
  • Customer support platforms
  • Marketing and communication tools

All service providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Business Transfers

In connection with mergers, acquisitions, or asset sales, your information may be transferred to the acquiring entity.

5.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes, court orders, or government requests
  • Enforce our agreements and policies
  • Protect the rights, property, or safety of Sprita iT, our users, or others
  • Detect, prevent, or address fraud or security issues

5.4 With Your Consent

We may share information for purposes not described in this policy with your explicit consent.

5.5 International Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States and other jurisdictions. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions recognized by relevant authorities
  • Other legally approved transfer mechanisms
  1. Your Privacy Rights

Depending on your jurisdiction, you have the following rights:

6.1 GDPR Rights (European Union)

  • Right to Access: Obtain confirmation of data processing and access to your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Restrict processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge a Complaint: File a complaint with a supervisory authority

6.2 LGPD Rights (Brazil)

  • Confirmation of processing and access to data
  • Correction of incomplete, inaccurate, or outdated data
  • Anonymization, blocking, or deletion of data
  • Portability of data to another service provider
  • Information about public and private entities with which data is shared
  • Information about the possibility of denying consent
  • Revocation of consent

6.3 Puerto Rico Law 81-2019 Rights

  • Access to personal information held by the Company
  • Correction of inaccurate data
  • Deletion of data when no longer necessary
  • Opposition to processing in certain circumstances
  • Request information about data collection and use practices

6.4 U.S. State Privacy Rights

For residents of California, Virginia, Colorado, Connecticut, and other states with privacy laws:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale or sharing of personal information
  • Right to correct inaccurate information
  • Right to non-discrimination for exercising privacy rights

6.5 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframe required by applicable law (typically 30 days, extendable to 60 days for complex requests).

  1. Data Retention

We retain personal information for as long as necessary to:

  • Fulfill the purposes described in this policy
  • Comply with legal, accounting, or reporting requirements
  • Resolve disputes and enforce agreements
  • Maintain security and prevent fraud

Retention periods vary based on:

  • The nature and sensitivity of the information
  • Legal or regulatory requirements
  • The purposes for which we process the data
  • Whether legal claims may arise

When data is no longer needed, we will securely delete or anonymize it.

  1. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and audits
  • Employee training on data protection
  • Incident response and breach notification procedures

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

  1. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we learn we have collected data from a child without proper consent, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at [email protected].

  1. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze site usage and improve performance
  • Provide personalized content and advertising
  • Enhance security and prevent fraud

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our services.

Types of Cookies We Use:

  • Essential Cookies: Required for basic functionality
  • Performance Cookies: Help us understand how visitors interact with our site
  • Functional Cookies: Remember your preferences and settings
  • Targeting/Advertising Cookies: Deliver relevant advertisements
  1. Third-Party Links and Services

Our services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

  1. Marketing Communications

With your consent, we may send you marketing communications about our products, services, and promotions. You can opt-out at any time by:

  • Clicking the "unsubscribe" link in our emails
  • Adjusting your account preferences
  • Contacting us at [email protected]

Even if you opt-out of marketing, we may still send you transactional or service-related communications.

  1. Data Protection Officer and Representatives

For questions about this Privacy Policy or to exercise your rights, contact us at:

EU Representative

For GDPR-related matters, our EU representative can be contacted at the email address above.

Brazil LGPD Representative

For LGPD-related matters, our Brazil representative can be contacted at the email address above.

  1. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)
  • Obtaining your consent where required by law

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

  1. Supervisory Authorities

You have the right to lodge a complaint with a data protection supervisory authority in your jurisdiction:

European Union

Contact your local Data Protection Authority (DPA) or the lead supervisory authority where our EU establishment is located.

Brazil

Autoridade Nacional de Proteção de Dados (ANPD)
Website: www.gov.br/anpd

Puerto Rico

Office of the Chief Information Officer
Commonwealth of Puerto Rico

United States

Federal Trade Commission (FTC)
State Attorneys General (for state-specific privacy laws)

  1. Additional Jurisdiction-Specific Information

16.1 California Residents (CCPA/CPRA)

California residents have specific rights under the California Consumer Privacy Act, including:

  • Categories of personal information collected and disclosed
  • Right to opt-out of sale of personal information (we do not sell personal information)
  • Right to limit use of sensitive personal information

16.2 Nevada Residents

Nevada residents may opt-out of the sale of covered personal information. We do not currently sell personal information as defined by Nevada law.

16.3 Brazil (LGPD)

We process data in accordance with LGPD principles: purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, and accountability.

16.4 Argentina

We comply with Law 25,326 on Personal Data Protection and its regulations.

16.5 Mexico

We comply with the Federal Law on Protection of Personal Data Held by Private Parties.

  1. Do Not Track Signals

Some browsers offer "Do Not Track" (DNT) signals. We do not currently respond to DNT signals, but we provide you with choices about data collection and use as described in this policy.

  1. Automated Decision-Making

We may use automated decision-making, including profiling, to:

  • Prevent fraud and enhance security
  • Personalize user experience
  • Improve our services

You have the right to object to automated decision-making and request human review of decisions that significantly affect you.

  1. Contact Us

For questions, concerns, or to exercise your privacy rights, please contact us:

Sprita iT, LLC
Email: [email protected]
Subject: Privacy Inquiry

We will respond to your inquiry within 30 days or as required by applicable law.

Acknowledgment: By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.