Privacy & Cookies

1. Introduction and Scope

BERNARDO PRANTZ PIN PRODUCAO CINEMATOGRAFICA LTDA, operating globally as Woow (“Woow,” “we,” “our,” or “us”), is a creative production and consulting studio providing audiovisual, design, and related professional services to business clients and other professional users.

This Privacy Policy explains how we collect, use, disclose, store, and otherwise process personal information when you:

  • visit or interact with our website or digital properties;
  • contact us, request information, or engage with our onboarding process;
  • purchase, request, or receive our services;
  • provide materials, assets, or instructions for project execution; or
  • otherwise interact with us in a professional or commercial context.

 

This Policy is intended to provide a globally oriented privacy framework and should be read together with any applicable proposal, statement of work, service agreement, or other contractual documentation governing a specific client relationship.

Important: This Policy describes website-level and general business practices. Certain projects may require additional, project-specific privacy terms, confidentiality obligations, or data protection addenda.

 

2. Who We Are (Controller / Contact)

Controller / Business Contact
BERNARDO PRANTZ PIN PRODUCAO CINEMATOGRAFICA LTDA
Operating name: Woow
Email: contact@woow.tv

For privacy-related questions, rights requests, or data protection concerns, please contact us using the email address above.

Controller vs. Processor (Project Context)

  • For website interactions and general business communications, Woow typically acts as a controller of personal information.
  • In certain client engagements, the client may determine the purpose and means of processing (for example, when the client provides project materials and instructions). In those contexts, Woow may act as a service provider / processor to the extent applicable under law and contract.

 

3. Categories of Information We Collect

Depending on how you interact with us, we may collect the following categories of information.

A. Business Contact and Identity Information

This may include:

  • full name;
  • business email address;
  • company name;
  • job title or professional role;
  • billing address;
  • country, state, or region;
  • other information you choose to provide in a contact form, intake form, or onboarding workflow.

 

B. Client Project and Briefing Information

This may include:

  • creative briefs;
  • scripts, storyboards, production notes, and strategic instructions;
  • brand guidelines, logos, visual references, and campaign assets;
  • other project materials provided for the purpose of service delivery.

 

C. Voice, Facial Reference, or Similar Sensitive Inputs (When Provided by You)

In certain projects, a client may choose to provide materials such as:

  • voice samples;
  • facial references;
  • reference images;
  • likeness-related assets;
  • other materials intended to support a commissioned custom output.

 

Key clarification: We process these materials only when they are provided to us for a specific project and only for the limited purpose of executing the requested services. We do not collect such materials from the general public through our website as a standard practice.

D. Technical, Device, and Usage Information

When you use our website or digital properties, we may collect information such as:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • referral URLs;
  • page views, timestamps, click activity, and other usage metrics;
  • cookie identifiers and similar technologies, where applicable.

 

E. Transaction and Billing Information

We may collect or receive:

  • billing contact information;
  • invoice and payment status information;
  • transaction records;
  • limited payment-related metadata.

 

Important: We do not intentionally store raw payment card numbers or full sensitive banking credentials on our own internal systems. Payment processing is handled through regulated payment processors, banking partners, and service providers, as applicable.

F. Communications Information

We may keep records of communications you send to us, including:

  • emails;
  • support requests;
  • project-related feedback;
  • revisions, approvals, and delivery communications.

 

4. Sources of Information

We may collect personal information:

  • directly from you;
  • from your company or authorized representatives;
  • automatically through website interactions, cookies, and analytics tools;
  • from service providers that assist with payments, hosting, security, or communications;
  • from publicly available professional sources, where lawful and appropriate for legitimate business outreach or relationship management.

 

5. How We Use Information

We may use personal information for the following purposes:

  • to respond to inquiries and communicate with prospective or current clients;
  • to onboard clients, evaluate project fit, and prepare proposals or agreements;
  • to provide, manage, and deliver our services;
  • to process payments, invoices, and related administrative matters;
  • to maintain project records and support delivery, revisions, and follow-up;
  • to operate, secure, improve, and troubleshoot our website and systems;
  • to detect, prevent, or investigate fraud, misuse, security incidents, or unlawful activity;
  • to comply with legal, tax, regulatory, accounting, and recordkeeping obligations;
  • to send business communications, including updates, service-related notices, and, where permitted, marketing communications.

 

We do not use client-submitted project assets for generalized public model training in the manner described in Section 8 below.

 

6. Legal Bases for Processing (Where Applicable)

Where laws such as the GDPR, UK GDPR, or similar regimes apply, we may process personal information on one or more of the following bases:

  • performance of a contract (or taking steps at your request before entering into a contract);
  • legitimate interests, including operating our business, responding to commercial inquiries, protecting our systems, maintaining records, and improving our services;
  • consent, where required or where we choose to rely on consent;
  • compliance with legal obligations;
  • other lawful bases recognized under applicable law.

 

Where we rely on consent, you may withdraw that consent at any time, subject to legal and operational limitations.

 

7. Cookies, Analytics, and Similar Technologies

We may use cookies and similar technologies to operate our website and understand usage.

These technologies may include:

  • strictly necessary cookies required for core website functionality and security;
  • analytics cookies used to understand traffic, performance, and usage patterns;
  • functional cookies used to remember preferences and improve usability;
  • marketing or advertising cookies, if used in the future, subject to applicable notice and consent requirements.

 

Where required by applicable law, we will request consent before placing non-essential cookies. You may also be able to manage cookies through your browser settings or any cookie preferences tool we make available.

Do Not Track / Global Privacy Control: Some jurisdictions and browsers support signals such as “Do Not Track” or Global Privacy Control. Where legally required and technically feasible, we will honor such signals in accordance with applicable law and our configuration.

Disabling certain cookies may affect website functionality.

 

8. Generative Workflows and AI Training Isolation

Woow may use advanced software tools, machine learning-assisted systems, computational rendering workflows, and other production technologies to support commissioned creative work.

Because many client projects involve confidential business information, unreleased campaigns, proprietary materials, or sensitive brand assets, we maintain a strict operational separation between client project execution and generalized external model training.

Our Zero-Training Commitment for Client Inputs

Except where expressly disclosed and specifically authorized in writing:

  • we do not intentionally submit client-provided confidential project materials for the purpose of training public, open, or generalized third-party models;
  • we do not repurpose client briefs, scripts, brand assets, or confidential strategy materials as training data for unrelated public-facing systems;
  • client-submitted materials are handled only as reasonably necessary to provide the requested services, generate deliverables, and maintain agreed project workflows.

 

Where third-party tools are used as part of production, their role is limited to service execution and subject to vendor-selection, confidentiality, and workflow controls.

 

9. Sensitive Inputs, Voice References, and Likeness-Related Materials

If a client provides voice samples, facial references, likeness-related materials, or similar sensitive assets, we process such materials only:

  • for the direct execution of the commissioned project;
  • under the client’s instructions and/or contractual authorization;
  • in accordance with applicable law;
  • for no longer than reasonably necessary, subject to contractual or legal retention obligations.

 

Client responsibility: Clients are responsible for ensuring they have the legal right, authorization, consent, and releases required to provide any third-party voice, likeness, biometric-adjacent, or identity-related materials to us.

 

10. How We Share Information

We do not sell personal information.

We may disclose personal information only as reasonably necessary in the following circumstances:

A. Service Providers / Sub-Processors

We may share information with vendors and service providers that support our operations, including providers involved in:

  • cloud hosting and storage;
  • email and communications;
  • website infrastructure and security;
  • analytics;
  • accounting, invoicing, and payment processing;
  • production infrastructure and project execution support.

 

These providers are engaged under appropriate contractual and operational controls.

Sub-processor transparency: Where appropriate, we may provide a general list of categories of service providers used and, in some cases, specific vendors, upon request and subject to confidentiality/security constraints.

B. Legal and Compliance Reasons

We may disclose information if reasonably necessary to:

  • comply with applicable law, regulation, court order, subpoena, or lawful governmental request;
  • enforce our agreements;
  • protect our rights, property, systems, clients, or users;
  • detect, prevent, or address fraud, abuse, or security issues.

 

C. Business Transactions

If our business undergoes a reorganization, merger, acquisition, sale of assets, financing, or similar transaction, information may be disclosed as part of that process, subject to appropriate safeguards.

 

11. California Notice (CCPA/CPRA)

If CCPA/CPRA applies to a particular interaction, California residents may have rights including:

  • the right to know/access certain categories and specific pieces of personal information;
  • the right to request deletion (subject to exceptions);
  • the right to request correction;
  • the right to opt out of the sale or sharing of personal information;
  • the right to limit the use and disclosure of sensitive personal information in certain cases;
  • the right not to receive discriminatory treatment for exercising rights.

 

Notice at Collection

We collect the categories of information described in this Policy for the purposes described in this Policy.

Sale / Sharing

  • We do not sell personal information.
  • We do not share personal information for cross-context behavioral advertising unless and until such activity is disclosed here and any required notice is provided.

 

Authorized Agents and Verification

We may require identity verification and may require proof of authorization for requests submitted by an authorized agent, as permitted by law.

To exercise applicable California rights, please contact contact@woow.tv.

 

12. GDPR / UK GDPR Rights (Where Applicable)

Where GDPR/UK GDPR applies, you may have rights including:

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restriction of processing;
  • the right to data portability;
  • the right to object;
  • rights related to certain automated decision-making or profiling, where applicable;
  • the right to lodge a complaint with a competent supervisory authority.

 

These rights are not absolute and may be subject to legal exceptions, limitations, and identity verification.

To exercise applicable rights, contact contact@woow.tv.

 

13. Canadian Privacy Notice (PIPEDA, Where Applicable)

Where PIPEDA applies, we aim to handle personal information consistent with applicable fair information principles including:

  • accountability;
  • identifying purposes;
  • consent, where required;
  • limiting collection;
  • limiting use, disclosure, and retention;
  • accuracy;
  • safeguards;
  • openness;
  • individual access;
  • complaint and challenge mechanisms.

 

14. Brazilian Privacy Notice (LGPD, Where Applicable)

Where LGPD applies, data subjects may have rights including, as applicable:

  • confirmation of the existence of processing;
  • access to data;
  • correction of incomplete, inaccurate, or outdated data;
  • anonymization, blocking, or deletion of unnecessary, excessive, or non-compliant data;
  • portability, where applicable;
  • information about sharing;
  • withdrawal of consent (where consent is the legal basis);
  • review of decisions made solely on automated processing, where applicable.

 

Requests may be submitted to contact@woow.tv.

 

15. Cross-Border Transfers

Because we operate internationally, personal information may be processed in countries other than the country in which it was originally collected.

Where required by applicable law, we implement appropriate safeguards for international transfers, which may include:

  • contractual protections;
  • standard contractual clauses or comparable transfer mechanisms;
  • internal policies and access controls;
  • technical and organizational safeguards appropriate to the transfer context.

 

The safeguard used may depend on the nature of the transfer, the destination jurisdiction, and the applicable legal framework.

 

16. Data Minimization, Accuracy, and Retention

We aim to collect personal information that is relevant and reasonably necessary for the purposes described in this Policy.

We take reasonable steps to keep personal information accurate and up to date where appropriate and practicable.

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including:

  • providing services;
  • maintaining project records;
  • handling revisions, support, and follow-up;
  • complying with legal, tax, accounting, contractual, or regulatory obligations;
  • resolving disputes and enforcing agreements.

 

When information is no longer required, we will delete, anonymize, archive, or otherwise securely dispose of it in accordance with our internal practices and applicable law.

 

17. Security

We use reasonable and appropriate administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, disclosure, alteration, or destruction.

However, no method of transmission, storage, or security control is completely secure. Accordingly, we cannot guarantee absolute security.

 

18. Data Incidents and Notifications

If we become aware of a personal data incident affecting personal information under our control, we will assess the incident and, where required by applicable law, provide notice to affected individuals, clients, regulators, or other authorities within the timeframe required by law.

 

19. Marketing Communications and Anti-Spam Compliance

Where we send commercial or promotional communications, we aim to do so in compliance with applicable email marketing and anti-spam laws.

Where required, marketing communications will:

  • identify the sender;
  • avoid deceptive subject lines or materially misleading headers;
  • include a functional unsubscribe or opt-out mechanism;
  • honor opt-out requests within the time required by applicable law.

 

Service-related or transactional communications may still be sent where necessary even if you opt out of marketing messages.

 

20. Children’s Privacy

Our website and services are intended for business and professional audiences and are not directed to children.

We do not knowingly collect personal information from children under 13 years of age through a website or online service in a manner intended to trigger obligations under COPPA.

If you believe a child has provided personal information to us inappropriately, please contact us so we can review and, where appropriate, delete the information.

 

21. Third-Party Links and External Services

Our website or communications may contain links to third-party websites, tools, or services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any external services you use.

 

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we update it, we will revise the “Last Updated” date above. If a change is materially significant, we may provide additional notice where appropriate or required by law.

Your continued interaction with our services after an update may be subject to the revised Policy, as permitted by applicable law.

 

23. How to Contact Us

For privacy requests, rights requests, data protection inquiries, or questions regarding this Policy, contact:

Email: contact@woow.tv
Corporate Entity: BERNARDO PRANTZ PIN PRODUCAO CINEMATOGRAFICA LTDA
Operating Name: Woow


Last Updated: March 2026