Skip to main content
Yuni
Skip to content

Global Privacy Policy

Last updated:

We at Yuni value your privacy. This Legal Design document explains how we collect, use, and protect your data in the Yuni ecosystem, in compliance with LGPD (Brazil), GDPR (Europe), CCPA (USA), and global legislation.

Quick FAQ

FAQ

Do you sell my data?
No. For California residents (CCPA/CPRA) and other regions, we declare that we do not sell your personal information (Do Not Sell My Personal Information).
Where is my data stored?
Primarily on Google Cloud Platform (GCP) in São Paulo (Brazil), ensuring data sovereignty and local security.

1. What data do we collect?

Professionals

  • Name, contact, tax ID, profile photos.
  • KYC data (documents, selfies) and banking data.
  • Geographic location, address, and billing history.

End Clients

  • Name, contact, date of birth.
  • Service history and Technical Notes (which may contain sensitive data, such as allergies and skin types).

Technical Data

  • IP, User-Agent, access logs, approximate location, and device data.

2. How do we use your data?

  • To enable scheduling and CRM.
  • To process payments via Yuni Pay.
  • For content moderation and fraud prevention (Cloudflare Turnstile, ClamAV, and Google Cloud Vision API).
  • For transactional communication via Email (Resend) and WhatsApp (Meta API).

3. Our Roles (LGPD/GDPR)

  • Yuni as Controller: For data of Professionals registered on the platform.
  • Yuni as Processor: For End Clients' data (the Professional is the Controller who dictates how that data will be used in the CRM).

4. Sensitive Data and Minors

We collect date of birth data and professionals may enter health notes (allergies). Processing of minors' data requires guardian consent. Health data processing must be strictly limited to the safety of the aesthetic procedure.

5. International Transfer and Global Compliance

We apply standard contractual clauses for international transfers. We comply with GDPR (Right to Erasure, Portability), LGPD, CCPA, and maintain unified adequacy standards for users in Asia, Oceania, and LATAM.

6. Your Rights

You have the right to access, correct, anonymize, or delete your data. Requests can be made directly through the dashboard or by contacting our DPO:

Contact our DPO:

dpo@yuni.bio

Jurisdiction: São Paulo/SP, Brazil

7. Candidate Data

When you send a résumé or spontaneous application to people@yuni.bio, we collect the personal data you voluntarily provide (name, email, phone number, professional history, and any other information included in your résumé). This data is used solely for recruitment and selection purposes. The legal basis is Yuni's legitimate interest in evaluating candidates (Art. 6(1)(f) GDPR / Art. 7, IX LGPD). Your data is retained for up to 12 months and securely deleted thereafter, unless you authorize us to keep it longer. You may request deletion of your data at any time by emailing dpo@yuni.bio.