OuViTel Logo OuViTel™
Contact

Privacy Policy

Last updated: 5 January 2026

Legal Entity: OuViTel™ is a trademark of Urimata Ltda., São Paulo, Brazil.
OuViTel Interface in Action

1. Acceptance of Privacy Policy

By registering an account and completing onboarding, you consent to the data processing practices described in this Privacy Policy.

Consent is confirmed by checking "I agree to the Privacy Policy" during onboarding.

If you are using the Service on behalf of a company, you confirm you have authority to bind that entity to these privacy terms.

2. Scope

This Privacy Policy applies to:

  • Visitors to our website (including contact form submissions)
  • Users of the OuViTel™ dashboard
  • Customers using print services, APIs, or webhooks
  • Business (B2B) and individual (B2C) customers
  • Trial users during the 7-day evaluation period

For business customers, a separate Data Processing Agreement (DPA) may apply in addition to this Privacy Policy.

3. Data We Collect

3.1 Account & Contact Data

  • Email address
  • Company name and location (if provided during onboarding)
  • Account identifiers and license type
  • Newsletter subscription preference

3.2 Service & Technical Data

  • Printer tokens and identifiers
  • Printer status and heartbeat timestamps
  • Print job metadata (job ID, size, timestamps, status)
  • Usage metrics for billing and quota enforcement (500 MB monthly limit)
  • IP addresses and access logs
  • Browser and device information (for dashboard access)

3.3 Print Content

  • OuViTel™ supports client-side encrypted printing workflows designed to minimize server access to print content
  • Depending on customer configuration, print jobs may be encrypted end-to-end between sender and printer
  • For encrypted print jobs, OuViTel™ does not have access to, and cannot read, the content of print data. This includes scenarios where system administrators have direct access to application databases or infrastructure.
  • If customers choose not to enable client-side encryption, print data may be processed only for the purpose of delivery and is not persistently stored once delivery is completed or expires.
  • We do not intentionally collect personal documents or end-user data from print content

3.4 Zero-Knowledge Scope

When end-to-end encryption is enabled, OuViTel™ operates under a zero-knowledge model with respect to print content. This means that while OuViTel™ processes technical metadata required for service operation, it has no technical ability to access, decrypt, or reconstruct the contents of encrypted print jobs.

Zero-knowledge applies to document content only and does not extend to service metadata, availability, or usage information. Zero-knowledge does not imply anonymity, invisibility of usage patterns, or the absence of all operational data processing.

Encryption keys are generated, stored, and controlled exclusively within the customer environment.

4. How We Use Data

We use personal data solely to:

  • Provide and operate the Service
  • Authenticate users and secure access
  • Deliver print jobs and monitor printer availability
  • Enforce license terms and usage limits (500 MB monthly)
  • Process payments and billing via Stripe
  • Provide customer support via Zoho Desk ticket system
  • Communicate with customers via Google Workspace business email
  • Ensure system security and prevent abuse
  • Measure uptime and SLA compliance
  • Send service-related communications (license expiration, quota warnings)

5. Webhooks & Third-Party Integrations

OuViTel™ allows customers to configure webhooks and integrations with third-party platforms such as Zapier, n8n, Make, or custom systems.

When enabled by the customer, OuViTel™ sends event data (for example, print status or printer availability) to endpoints controlled by the customer.

Important:

  • OuViTel™ does not control third-party platforms
  • Data sent via webhooks is processed under the customer's responsibility
  • Customers are responsible for securing webhook endpoints and secrets
  • OuViTel™ is not responsible for third-party data handling or availability
  • Webhook delivery is available only for Premium license holders

6. Legal Basis for Processing

We process personal data based on:

  • Performance of a contract (providing the Service)
  • Legitimate business interests (security, service improvement)
  • Compliance with legal obligations (tax, regulatory)
  • Explicit user consent (newsletter subscription, trial participation)

7. Data Sharing

We do not sell personal data.

We may share data only with:

  • Cloud infrastructure providers (Railway)
  • Email delivery providers (Brevo)
  • Support ticket system (Zoho Desk)
  • Business email and collaboration (Google Workspace)
  • Payment processing (Stripe)
  • Website form processing (Netlify Forms)
  • Authorities when legally required (subpoenas, court orders)
  • Processors who sign Data Processing Agreements (DPA)

8. International Data Transfers

Your data may be processed outside Brazil or the European Union, including in data centers located in the United States and Europe.

Where required, international transfers are protected using Standard Contractual Clauses (SCCs) or equivalent safeguards in compliance with LGPD and GDPR.

All processors are required to implement appropriate security measures for international data transfers.

9. Data Retention

We retain personal data only as long as necessary to:

  • Provide the Service (active license period)
  • Comply with legal obligations (tax records: 5 years)
  • Resolve disputes and enforce agreements
  • Fulfill legitimate business purposes

Specific retention periods:

  • Print job metadata: 90 days
  • Account data: 30 days after account termination
  • Webhook delivery logs: 30 days
  • Access logs and security events: 90 days
  • Newsletter subscription records: until unsubscribe
  • Support ticket data: As long as necessary for service provision
  • Business email data: According to legal and operational requirements
  • Payment and billing data: 5 years for tax and legal compliance

Print content is not retained beyond processing requirements (deleted immediately after delivery or expiration).

10. Security Measures

We implement appropriate technical and organizational measures, including:

  • Industry-standard secure transport protocols for all API communication
  • Client-side encryption for print content where enabled by the customer
  • Encryption of service metadata and system data at rest
  • Where end-to-end encryption is enabled, print content encryption is performed at the client level and remains inaccessible to OuViTel™, regardless of transport-layer security
  • Access control and multi-factor authentication for staff
  • Network and application monitoring
  • Least-privilege access principles
  • Regular security assessments and vulnerability scanning
  • Incident response procedures

No system can be guaranteed 100% secure, but we continuously improve our security practices and maintain industry-standard protections.

11. Your Rights

Depending on your jurisdiction (EU, Brazil, California), you may have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of data where legally permitted
  • Restriction or objection to processing
  • Data portability (structured, commonly used format)
  • Withdrawal of consent (where processing is consent-based)

Requests can be submitted via the contact details below. We will respond within 30 days.

We may require verification of your identity before processing requests.

12. Data Processing Agreement (DPA)

Business customers acting as data controllers may request a Data Processing Agreement (DPA), which forms part of the contractual framework in addition to this Privacy Policy.

The DPA includes Standard Contractual Clauses (SCCs) for international data transfers and detailed processor obligations.

13. Children's Privacy

Our Service is not intended for individuals under 16 years of age.

We do not knowingly collect personal data from children.

If we become aware of such collection, we will take steps to delete the information promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

Material changes will be communicated via email or dashboard notification.

The latest version will always be published on our website with an updated "Effective date".

Continued use of the Service after changes constitutes acceptance of the modified policy.

15. Contact

Urimata Ltda.

São Paulo – Brazil

Email: support@ouvitel.com