LGPD Notice

Last updated: April 19, 2026

This Notice highlights how Yolki Pet, operated by Coflint OÜ (Tallinn, Estonia), handles personal data of data subjects residing in Brazil, in compliance with General Data Protection Law (Law No. 13,709/2018 — LGPD).

For a complete view of data handling, including purposes, legal bases, retention, and international transfers, see the Privacy Policy. This notice is a supplement focused on rights and relevant points for data subjects in Brazil.

1. Controller and Data Protection Officer (DPO)

Controller: Coflint OÜ — a legal entity established in the Republic of Estonia, with headquarters in Tallinn.
Data Protection Officer: email contact hello@yolki.pet.

Since our headquarters are in the European Union, we comply with both the LGPD (for data subjects in Brazil) and the GDPR.

2. Legal bases used (art. 7 of LGPD)

Execution of a contract to which the data subject is a party;
Compliance with legal or regulatory obligations;
Legitimate interest of the controller, respecting the data subject's rights;
Free, informed, and unambiguous consent, when applicable.

3. Data subject rights (art. 18 of LGPD)

At any time and upon request, you have the right to:

Confirmation of the existence of processing;
Access to your data;
Correction of incomplete, inaccurate, or outdated data;
Anonymization, blocking, or deletion of unnecessary, excessive, or non-compliant data;
Portability to another service provider;
Deletion of data processed based on consent;
Information about entities with which we share your data;
Information about the possibility of not providing consent and its consequences;
Withdrawal of consent.

4. How to exercise your rights

Send your request to hello@yolki.pet, providing your name, registered email, and the right you wish to exercise. We'll respond within the legal timeframe (15 days, extendable based on complexity).

If you still believe your rights have not been respected, you may lodge a complaint with the Brazilian National Data Protection Authority (ANPD): www.gov.br/anpd.

5. International data transfers (art. 33 of LGPD)

As we're based in Estonia, your data is processed in the European Union. Any transfers to other countries occur with appropriate safeguards, including Standard Contractual Clauses from the European Commission and, where applicable, adequacy decisions or authorizations from the ANPD.

6. Data Retention

We retain data only for as long as necessary to fulfill the stated purposes, or for the applicable legal periods following account termination (typically up to 5 years for legal defense and tax obligations).

7. Security Measures

We apply reasonable technical and administrative measures to protect your data, including encryption in transit, access controls, logging, monitoring, and incident response procedures.

8. Incidents

In the event of a relevant security incident, we will notify the ANPD and affected individuals in accordance with the terms and timeframes provided by law.

9. Updates

This Notice may be updated. The current version will always be the one published on this page.