KineoPass
Sign inSign up
Privacy · updated 05/27/2026

Privacy Policy

v1.0· In force since 05/27/2026

Version 1.0 — effective from May 27, 2026.

Document under legal review. Subject to change.

Everything to ensure your peace of mind

KINEOPASS cares deeply about your privacy — we want you to have only positive experiences when accessing our platform (kineopass.com.br). To ensure your peace of mind, we have established this Privacy Policy that clarifies how we use the data you provide and emphasizes our commitment to the Brazilian General Data Protection Law (LGPD — Law No. 13,709/2018).

1. Registration and information provided by you

When registering with KINEOPASS, you must complete a registration containing personal information necessary for us to identify you and to process future registration charges.

The information collected at registration is:

  • Full name;
  • Nationality;
  • Identification document (CPF in Brazil or passport);
  • Date of birth (minimum 14 years old to use the platform; minors require registration by parents or legal guardians);
  • Phone number;
  • Gender (optional field — including "prefer not to say");
  • Email;
  • Preferred language (pt-br, es, or en).

In these cases, KINEOPASS acts as the controller of personal data — defining how and why such data is used.

1.1. Information provided for registration purposes

In addition to registration, you may need to complete a registration form prepared by the ORGANIZER of the event you intend to participate in. With respect to this information ("information provided for registration purposes"), KINEOPASS acts as the processor — handling data on behalf of the Organizers, according to their instructions. KINEOPASS solely provides the technological infrastructure necessary for the execution of registrations and event management, and is not responsible for the data processing practices adopted by Organizers outside the platform's features.

This information:

  • a) Is chosen at the sole and exclusive discretion of the ORGANIZER, who is solely responsible for preparing the registration form and may include, but is not limited to:
    • data related to health, such as proof, certificates, medical requests, or clearance documents, when necessary for participation in certain events;
    • data of the registration acquired, photo (selfie), product specifications (e.g., t-shirt size, windbreaker size, or similar);
  • b) Will be stored on KINEOPASS servers for the period determined in contract with the ORGANIZER, and may be deleted at the end of service provision if requested;
  • c) May be used by KINEOPASS as set forth in this Policy;
  • d) May be accessed, used, and copied by the event ORGANIZER.

The event ORGANIZER is an independent agent from KINEOPASS, being responsible for how it will use this data. By registering for an event, you acknowledge that KINEOPASS bears no responsibility for how the ORGANIZER will use your data.

Organizers, as controllers of registration data, may use participant data to make event-related communications, such as sending operational information, updates, important notices, or content related to the execution of the event.

Organizers may also have access to:

  • interactions with the event page, such as clicks and views;
  • number of registrations started and completed;
  • registration data and information provided by participants at the time of registration.

1.2. Registration on behalf of third parties

If you register for a third party, we will request the third party's data. In this case, you must have their authorization and be responsible for ensuring that the third party is aware of and agrees with our Terms of Use and Privacy Policy.

1.3. Minors

It is possible that, as a parent or legal guardian of a minor, you may register them on the platform for participation in an event. With respect to data of minors:

  • a) It may only be entered on the platform by parents or legal guardians, at the time of registration for events.
  • b) The minor's registration will always be linked to the registration of the respective guardian.
  • c) This information is used solely to enable the registration and participation of the minor in the event. KINEOPASS does not use data of minors for marketing purposes, targeted advertising, or other purposes unrelated to managing the registration.
  • d) You declare that you are aware of and accept that event ORGANIZERS may have access to the information necessary for registration and event operations. The legal guardian who provides the minor's data declares that they are authorized to do so and assumes responsibility for the accuracy of the information.
  • e) The legal guardian may, at any time, request the update or deletion of the minor's data, provided the minor is not registered in an event that has not yet taken place — to avoid jeopardizing the registration already made.
  • f) For questions about the treatment of data of minors or the exercise of rights related to data protection, contact us through the channels indicated in this Policy.

1.4. Payments

For payment purposes for the registration amount, you must provide your financial data (bank data for Pix; card data for credit card; transaction ID). This data is automatically routed to Asaas — partner payment institution that follows its own rigorous privacy policy. Sensitive financial data (full card numbers, CVV) is NOT processed nor stored on KINEOPASS servers.

If you use a credit card or bank data of a third party, we will request the third party's data. In this case, you must have their authorization and be responsible for ensuring that the third party is aware of and agrees with our Terms of Use and Privacy Policy.

2. Information collected automatically

KINEOPASS uses cookies and similar technologies to collect information about users' navigation on the platform. These technologies allow for analysis of site usage, measurement of campaign results, and personalization of the user experience. Third-party tools and services may be used for these purposes (such as providers of analytics, anti-bot, and transactional messaging).

Technology typePurpose
Log filesRecord usage data (IP, browser, operating system, dates, accesses, errors) for diagnostics, failure prevention, and security.
Navigation and event dataPage views, clicks on "Register," payment confirmation — to track the user's journey.
Essential cookiesSession, authentication, persistence of preferences (language, active role in multi-role case).
Protection cookies (Cloudflare Turnstile)Anti-bot on registration, login, and password recovery — to prevent automated abuse of the platform.
Analytics cookies(When authorized by the user) — aggregate usage measurement, product optimization.
Marketing cookies(When authorized by the user) — personalized communication and remarketing.

You may manage your cookie preferences via the consent banner presented when accessing the platform (where applicable). Essential cookies cannot be disabled as they are necessary for the service to function.

3. How we use your information

The processing of personal data occurs based on the following legal bases provided for in the LGPD:

Applicable especially for:

  • use of marketing cookies, ad personalization, and sending promotional communications;
  • receiving the KINEOPASS event calendar;
  • receiving communications from partners.

When processing depends on consent, the user may withdraw it at any time through the settings available on the Settings → Privacy page of the athlete panel, or through the contact channels indicated in this Policy.

3.2. Legitimate interest of KINEOPASS

For purposes of analyzing platform usage, system improvements, security, fraud prevention, and improvement of the user experience.

3.3. Contract performance

When data processing is necessary to enable the use and operation of the platform, including:

  • creating and managing user accounts;
  • enabling login, authentication, and access recovery;
  • processing event registrations;
  • managing transactions and payment statuses (without storing sensitive financial data);
  • displaying event information, registrations, and acquired products;
  • transmitting information to the ORGANIZER, under the terms of item 1;
  • sending technical notices, updates, security alerts, information about changes to our policies, support and administrative messages;
  • responding to your requests and providing support.

3.4. Transactional messages

Regardless of acceptance to receive marketing communications, once an order has been placed for one of the platform's events, we will send email messages related to your order — such as purchase confirmation, cancellation, relevant communications until the event takes place, and subsequent disclosure of results/certificates, where applicable.

All communication that KINEOPASS needs to make with you will be done by email (and, occasionally, by SMS when authorized and provided by the ORGANIZER). It is important that your email is always kept up to date. If you use anti-spam filters, please authorize the receipt of all messages from the kineopass.com.br domain.

3.5. Surveys

We may occasionally conduct surveys with our users — always with authorization and clearly identifying the sender. Survey results will always be anonymized and, after anonymization, may be disclosed to partners and the press.

3.6. Aggregated and anonymized data

KINEOPASS may also obtain non-personal information and data about user activities on the platform. This information may be aggregated and used to provide information to ORGANIZERS, understand which parts of the platform generate the greatest interest, and support product decision-making. Aggregated and anonymized data is considered non-personal information for purposes of this Policy and does not allow the direct identification of users.

4. Information security

The KINEOPASS Technology team implements technical and organizational measures to protect personal data from unauthorized access, leaks, and misuse. This includes:

  • profile-based access control (Athlete, Organizer, Admin), with Row-Level Security active in the database;
  • encryption of data in transit (TLS) and at rest (provider's disk layer);
  • monitoring of accesses and suspicious activity;
  • anti-bot protection via Cloudflare Turnstile on authentication routes;
  • mandatory two-factor authentication (TOTP) for administrators;
  • audit and traceability of relevant operations;
  • segregation of data between KINEOPASS and Organizers, respecting the controller and processor roles provided for by the LGPD.

4.1. International data transfer

Part of KINEOPASS's infrastructure is operated by service providers based outside Brazil. As such, some personal data may be processed or stored abroad — for example, in application hosting, database, observability (error logging), and messaging services. Whenever possible, we prioritize processing in Brazilian regions (transactional email delivery and file hosting take place in a region in Brazil) and keep payment data within the country.

These international transfers comply with the bases provided for in arts. 33 to 36 of the LGPD, relying on contractual data protection clauses signed with the providers and on the informed consent of the data subject. Analytics tools, in particular, are only activated upon your consent in the cookie banner. The detailed list of providers and their respective safeguards is kept internally and made available upon request to the Data Protection Officer.

5. Rights of the data subject

You may exercise your rights provided for in art. 18 of the LGPD at any time, including:

  • Confirmation and access — know which personal data of yours KINEOPASS processes and obtain a copy of it;
  • Rectification — correct incomplete, inaccurate, or outdated data (via profile edit in the athlete panel);
  • Portability — receive your data in a structured, interoperable format (JSON), through the "Export my data" function under Settings → Privacy;
  • Withdrawal of consent — disable marketing opt-ins at any time, in Settings → Privacy;
  • Erasure — request the deletion of your account in Settings → Privacy. KINEOPASS performs account anonymization while preserving, by legal and fiscal imposition, minimum records about registrations and payments already made (with no identifiable PII);
  • Information about sharing — know which public or private entities KINEOPASS shared your data with.

To exercise these rights, use the Settings → Privacy area of the athlete panel or contact us by email at privacidade@kineopass.com.br.

5.1. Governance and compliance

Technology acts together with business areas to ensure that the use of data is aligned with the LGPD. This includes:

  • implementation of consent mechanisms (cookie banner, marketing opt-ins);
  • support for the deletion, anonymization, and updating of data;
  • segregation of data between KINEOPASS and ORGANIZERS;
  • execution of ORGANIZERS' instructions when we act as processor.

KINEOPASS has appointed a Data Protection Officer (DPO), responsible for handling data subject requests and acting as the communication channel with the National Data Protection Authority (ANPD). You can reach them at dpo@kineopass.com.br.

By using the platform, the user declares that they are aware of and agree with the terms of this Privacy Policy and with the processing of personal data carried out as described in this document.

If the user registers or provides personal data on behalf of another person, they declare, under their sole responsibility, that they have the free, informed, and unequivocal consent of the data subject for providing and processing such information under the terms of this Policy. If the user does not have the authorization of the data subject, they must not proceed with the registration or with providing the information.

8. Updates to this Policy

KINEOPASS may update this Privacy Policy periodically to reflect changes in its personal data processing practices, changes in applicable legislation, or updates to its services and features.

Whenever there are relevant changes, users will be informed through the platform, by email, or through other available communication channels. The most up-to-date version of this Policy will always be available on the platform, indicating the date of its last update.

9. Contact

If you have questions or concerns about this Policy, our data practices, or our compliance with applicable legislation, please contact KINEOPASS:

2026 · KineoPass Tecnologia Ltda · CNPJ 67.067.308/0001-25
Back to siteSee previous versions
Cookies to improve your experience
We use essential cookies to run the site and optional ones (analytics) with your consent. See our Privacy Policy.