Solu
Talk to Solu
Legal document

Privacy Policy

Updated on March 9, 2026

This site is maintained and operated by Solu Recrutamento e Seleção LTDA. ("we"). We collect and use some personal data belonging to those who use our site. In doing so, we act as data controllers and are subject to Brazilian Federal Law No. 13,709/2018 (the General Personal Data Protection Law — "LGPD").

To ensure responsible use and protection of your personal data, we provide this Privacy Policy with important information about who should use the site, what data we collect, your rights regarding the data, and how to contact us.

1. Who should use our site

Our site is intended only for individuals over the age of 18 ("Users"). Children and adolescents should not use it.

2. Data we collect and reasons for collection

2.1 Personal data provided expressly by the User

We collect personal data the User provides expressly and voluntarily:

  • Name
  • Phone number
  • Email address
  • CPF (Brazilian tax ID)
  • Professional history and/or résumé
  • Salary expectations

This data is collected when the User voluntarily registers in site forms, for the following purposes:

  • Identify opportunities aligned with your skills and include you in compatible hiring screenings;
  • Allow us (or our partners) to contact you when those opportunities arise;
  • Prevent duplicated data or impersonation attempts.

2.2 Sensitive data

We do not collect sensitive personal data from Users, as defined in art. 11 et seq. of the LGPD.

2.3 Personal-data collection through Artificial Intelligence

We use artificial intelligence (Sol) to process Users' personal data in a conversation that generates a report for recruiters, including information such as name, role, current company, salary, and other data relevant to the hiring process.

We seek to ensure data security and protection by following the principles of transparency, purpose, adequacy, necessity, free access, data quality, security, prevention, non-discrimination, and accountability, in line with the LGPD.

The use of AI does not eliminate the need for human review throughout the hiring process. Under art. 20 of the LGPD, the data subject has the right to request review of decisions taken solely based on automated processing.

2.4 Background Check

Due to our activity, we may carry out or coordinate checks on candidates' personal and professional history ("Background Check"), based on legitimate interest and on preliminary procedures to a contract. Checks may include criminal and civil background, professional and academic references, financial restrictions (when justified), and confirmation of résumé data.

3. Sharing personal data with third parties

Some collected personal data may be shared with partner companies that are running or about to run hiring processes. Access is controlled and follows the "need-to-know" principle.

3.1 International transfers

Because we use cloud services, data may be transferred to countries or international organizations outside Brazil. We ensure such transfers comply with arts. 33 to 36 of the LGPD.

4. How long your data is stored

  • Data for active recruiting: 24 months, renewable upon new consent;
  • Data of candidates effectively hired: transferred to the contracting controller;
  • Background Check results: up to 90 days after the end of the hiring process;
  • Data retained by legal obligation: for the period set by applicable law.

5. Legal bases for processing

We rely on the following legal bases: data subject's consent (art. 7, I), legitimate interest of the controller (art. 7, IX), execution of preliminary procedures to a contract (art. 7, V), and compliance with a legal or regulatory obligation (art. 7, II).

6. User rights

  • Confirmation that processing exists;
  • Access to the data;
  • Correction of incomplete, inaccurate, or outdated data;
  • Anonymization, blocking, or deletion of unnecessary data or data processed in non-compliance with the LGPD;
  • Portability to another service or product provider;
  • Deletion of personal data processed with consent;
  • Information about the public and private entities with whom data has been shared;
  • Information about the possibility of refusing consent and its consequences;
  • Withdrawal of consent.

To exercise your rights, the data subject can contact our DPO via the channels listed in section 10. We respond to requests within 15 calendar days.

7. Security measures

We adopt technical and organizational measures to protect data, including password storage with cryptographic hashing, access restrictions, role-based access control (RBAC), least-privilege principle, log and audit records, secure connections (TLS/SSL), and continuous staff training.

8. Complaint to the supervisory authority

Without prejudice to any other administrative or judicial recourse, data subjects may file a complaint with the Brazilian National Data Protection Authority (ANPD).

9. Changes to this Policy

This Policy was updated on March 9, 2026. We reserve the right to modify it at any time, especially to adapt it to changes in the site. We will notify Users whenever there is a change.

10. How to contact us

For questions about this Policy or about the personal data we process, contact our Data Protection Officer (DPO):

  • Legal email: juridico@getsolu.ai
  • DPO: Gabriel Appel