Privacy Policy
Last updated: June 2026 · Regulation (EU) 2016/679 (GDPR)
1. Controller
The data controller for this website and the Solerum Partners platform is:
Neurontech Consulting LTDA
CNPJ: 61.584.585/0001-29
Rua Prof Orlando Alvarenga Gaudio, 80, Casa 33, Parque Munhoz, São Paulo – SP, 05782-455, Brazil
Representative: Bruno Caram de Azevedo
Contact: bruno@solerumpartners.com
2. Data We Collect and Why
Account and identity data
Full name, corporate email address, phone number (optional), organization name, organization type, jurisdiction. Collected during registration. Legal basis: Article 6(1)(b) GDPR — necessary to perform the advisory service contract.
NDA signature data
Name, email, IP address, timestamp of electronic signature. Stored as an audit record of consent under eIDAS (EU) 910/2014. Legal basis: Article 6(1)(c) — legal obligation; Article 6(1)(f) — legitimate interest in maintaining an audit trail.
Portfolio data tapes (debtor data)
Sellers upload loan-level data tapes containing anonymised debtor records. All direct personal identifiers (name, address, national ID, phone, account number) are automatically stripped before storage. Only statistical fields are retained (year of birth, gender, region, product type, DPD buckets, recovery rates). Legal basis: Article 6(1)(b) — contractual necessity for portfolio valuation; Article 9 special categories do not apply as no health or biometric data is processed. Solerum acts as data processor; the uploading seller remains data controller for debtor data.
Platform usage data
Log data, session tokens, and page interactions processed by Clerk (authentication provider). Legal basis: Article 6(1)(f) — legitimate interest in platform security and fraud prevention.
3. Third-Party Processors
We use the following sub-processors, all operating under GDPR-compliant Data Processing Agreements:
| Processor | Purpose | Location |
|---|---|---|
| Clerk Inc. | Authentication and session management | EU region |
| Neon / Vercel | Database and application hosting | Frankfurt, EU |
| Google AI / Groq | AI-assisted memo generation (no personal data sent) | EU/US (SCCs applied) |
| Cloudflare | Website hosting and DNS | EU edge nodes |
4. Data Retention
Account and NDA data is retained for the duration of the business relationship plus 3 years, in accordance with German commercial law (§ 257 HGB) and applicable AML record-keeping obligations. Portfolio data tapes are deleted upon mandate closure or upon written request by the uploading seller. You may request deletion at any time subject to legal retention obligations.
5. Your Rights
Under GDPR Articles 15–22, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Request erasure ("right to be forgotten"), subject to legal retention obligations
- Restrict or object to processing
- Data portability (where technically feasible)
- Withdraw consent at any time (where consent is the legal basis)
To exercise any of these rights, contact bruno@solerumpartners.com. We will respond within 30 days.
6. Supervisory Authority
If you are located in Germany, you have the right to lodge a complaint with the competent data protection authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219, 10969 Berlin · mailbox@datenschutz-berlin.de
7. Cookies
This website does not use tracking or advertising cookies. Session cookies necessary for authentication are used in the platform (app.solerumpartners.com) only. No third-party analytics are deployed on this site.