Back to login

Privacy Policy

Last updated: 20/03/2026

1. Introduction

This Privacy Policy describes how Metaverso Educacional ("we", "our" or "Platform") collects, uses, stores and protects the personal data of Dashboard and Teaching Platform users. We are committed to protecting the personal data of all users, with special attention to children and adolescents, in compliance with the General Data Protection Law (LGPD — Law No. 13,709/2018) and the Child and Adolescent Statute (ECA — Law No. 8,069/1990).

2. Data Collected
2.1 Registration Data
ProfileData collected
StudentName, date of birth, e-mail (or guardian's, if minor), linked school/institution
TeacherName, e-mail, CPF, linked institution, professional data
InstitutionCompany name, CNPJ, address, legal representative data, institutional e-mail
Parent/GuardianName, e-mail, CPF, relationship with student
2.2 Usage Data
  • Student progress and performance in the virtual lab.
  • Activity and interaction history on the Platform.
  • Reports generated by teachers and institutions.
  • Access logs, including date, time and IP address.
2.3 Chat Data
  • Content of messages exchanged between teachers and students.
  • Conversation metadata (date, time, participants).
  • Results of message monitoring.
2.4 Technical Data
  • Device type and browser used.
  • Operating system.
  • Cookie data and similar technologies (see Section 10).
3. Purpose of Data Processing

We use personal data for the following purposes:

PurposeLegal basis (LGPD)
Account creation and managementContract execution (Art. 7, V)
Virtual lab operationContract execution (Art. 7, V)
Educational progress trackingContract execution (Art. 7, V)
Performance reports generationContract execution (Art. 7, V)
Parental controlGuardian consent (Art. 14, §1)
Chat monitoringMinor protection (Art. 14) and legitimate interest (Art. 7, IX)
Platform securityLegitimate interest (Art. 7, IX)
Platform communicationsContract execution (Art. 7, V)
Technical supportContract execution (Art. 7, V)
Service improvementLegitimate interest (Art. 7, IX)
4. Data of Minors

Processing of children's personal data (up to 12 years) will be carried out exclusively with the specific and prominent consent of at least one parent or legal guardian, pursuant to Art. 14 of the LGPD.

For adolescents (12 to 17 years), processing will be carried out with guardian consent or in their best interest.

We collect only data strictly necessary for providing the educational service.

Minor data will never be:

  • Shared with third parties for commercial purposes.
  • Used to create behavioral profiles for advertising purposes.
  • Transferred without guardian consent.

The parent or guardian may at any time:

  • Consult the minor's collected data.
  • Request correction of incorrect data.
  • Request data deletion.
  • Revoke consent.
5. Chat Monitoring

What is monitored: all messages exchanged between teachers and students are automatically analyzed. The parent or guardian, through the Parental account, can review the full content of the linked student's conversations at any time.

Purpose of monitoring:

  • Protection of minors against inappropriate content, harassment or abuse.
  • Detection of offensive or inappropriate language.
  • Ensuring the chat is used for educational purposes.

Retention: chat messages are stored for the period necessary to fulfill the described purposes and legal obligations. After that period, they are anonymized or deleted.

Transparency: users are informed about monitoring before using the chat for the first time.

6. Data Sharing
6.1 Within the Platform
FromToShared data
StudentTeacherProgress, performance, activities
StudentInstitutionProgress, performance, reports
StudentParent/GuardianProgress, performance (parental control)
TeacherInstitutionGenerated reports, management data
6.2 With Third Parties

We may share data with:

  • Service providers: hosting, infrastructure, payment processing — under confidentiality and data protection agreements.
  • Competent authorities: when required by law or court order.
  • In case of merger or acquisition: with prior notice to users.

We do not sell, rent or commercialize our users' personal data.

7. Storage and Security

Data is stored on secure servers with: encryption in transit (TLS/SSL) and at rest, role-based access control, regular backups, and continuous security monitoring.

Internal data access is restricted to authorized employees under confidentiality.

In case of a security incident that may cause risk or damage to data subjects, the National Data Protection Authority (ANPD) and affected users will be notified as required by law.

8. Data Retention
Data typeRetention period
Account dataWhile account is active + 6 months after closure
Progress and reportsWhile account is active + 1 year after closure
Chat messages1 year after sending, then anonymized or deleted
Access logs6 months (per Internet Civil Framework)
Minor dataDeleted upon guardian request or account closure
9. Data Subject Rights

Under the LGPD, you have the right to:

  • Confirmation and access: know if we process your data and access it.
  • Correction: correct incomplete, inaccurate or outdated data.
  • Anonymization, blocking or deletion: of unnecessary data or data processed in non-compliance.
  • Portability: transfer your data to another provider.
  • Deletion: request deletion of data processed based on consent.
  • Information: know with whom your data is shared.
  • Consent revocation: withdraw consent at any time.
  • Opposition: oppose processing in certain situations.

To exercise your rights, contact us at the email indicated in Section 14.

10. Cookies and Similar Technologies
TypePurposeRequired?
EssentialLogin, session, securityYes
FunctionalUser preferences, languageNo
AnalyticsUsage metrics, Platform improvementNo

Non-essential cookies are only activated with user consent.

Users can manage cookies in browser settings or through the Platform's preference panel.

11. International Data Transfer

If data is stored or processed on servers outside Brazil, we ensure that: the destination country has an adequate level of protection, or appropriate safeguards are adopted (standard contractual clauses, certifications).

Users will be informed about international transfers when applicable.

12. Data Protection Officer (DPO)

Metaverso Educacional has designated a Data Protection Officer responsible for: receiving and responding to data subject requests, interacting with the ANPD, and guiding the organization on data protection practices. DPO contact: operacional@bebyte.net

13. Changes to this Policy

This Policy may be updated periodically.

Significant changes will be communicated with a minimum of 30 days' notice through the Platform.

For minor data, changes that expand processing will require new guardian consent.

14. Contact

For questions, requests or exercise of rights, contact us at: operacional@bebyte.net

  • Support: accessible through the Platform Dashboard

If you do not receive a satisfactory response, you may contact the National Data Protection Authority (ANPD).

© 2026 Metaverso Educacional.