Privacy Policy
1. General Information
Pito Bar e Restaurante Ltda, registered under Tax ID No. 48.312.447/0001-22, headquartered at R. Mariante, 587, Rio Branco, Porto Alegre - RS, ZIP 90430-181, is committed to protecting the personal data of its customers and website visitors, in compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13.709/2018).
This Privacy Policy describes how we collect, use, store, and protect your personal information in the context of bar and restaurant services.
2. Data Collected
We may collect the following information:
- Identification data: Full name, Tax ID (CPF)
- Contact data: Email, phone number
- Reservation data: Booking information, date and time, party size
- Consumption data: Orders, dining preferences
- Payment data: Information necessary for transaction processing
- Browsing data: IP address, browser type, pages visited
- Loyalty program data: Membership information (if applicable)
- Video surveillance: Security camera footage
3. Purpose of Data Processing
The collected data is used to:
- Provide bar and restaurant services
- Process reservations and bookings
- Process food and beverage orders
- Process payments
- Issue invoices and receipts
- Manage loyalty programs (if applicable)
- Provide customer service
- Send promotions and special offers (with consent)
- Ensure security through video surveillance
- Comply with health and safety regulations
- Comply with legal and fiscal obligations
- Improve our services
4. Legal Basis for Processing
Data processing is performed based on:
- Consent: When you expressly authorize the use of your data
- Contract execution: To fulfill reservations and service contracts
- Legal obligation: To comply with fiscal, health, and safety obligations
- Legitimate interest: For security surveillance and customer relationship management
5. Data Sharing
Pito does not sell or commercialize personal data. We may share data only with:
- Suppliers: For food and beverage procurement coordination
- Payment processors: For transaction processing
- Service providers: Restaurant management systems, accounting
- Health authorities: To comply with health regulations (when applicable)
- Tax authorities: To comply with tax obligations
- Law enforcement: For security purposes (video surveillance when legally required)
- Consumer protection agencies: To comply with CDC obligations (when applicable)
- Legal authorities: When required by law or court order
6. Data Security
We implement technical and organizational measures to protect your data:
- Encryption of payment and personal data
- Access controls to customer information
- Secure restaurant management systems
- Video surveillance with restricted access
- Security system monitoring
- Regular backups and secure storage
- Employee training on data protection
- Periodic security audits
7. Your Rights as Data Subject
Under LGPD, you have the following rights:
- Confirmation and access: Confirm the existence of processing and access your data
- Correction: Request correction of incomplete, inaccurate, or outdated data
- Anonymization, blocking, or deletion: Request removal of unnecessary data
- Portability: Request data portability
- Deletion: Request deletion of data processed with consent
- Information: Obtain information about data sharing
- Revocation: Revoke consent at any time
- Opposition: Object to the processing performed
8. Cookies and Similar Technologies
We use cookies to improve your browsing experience. You can configure your browser to refuse cookies.
9. Data Retention
We retain your data for the time necessary to:
- Fulfill the purposes described in this policy
- Duration of customer relationship
- Reservation records: for service coordination purposes
- Video surveillance: typically 30-90 days for security purposes
- Legal prescription periods (generally 5 years for fiscal purposes)
- Health and safety regulatory obligations
- Exercise of legal rights
After these periods, data will be securely deleted or anonymized.
10. International Data Transfer
Your data is stored and processed in Brazil. We do not perform international data transfers.
11. Minors
Our services are intended for individuals over 18 years of age. Minors must be accompanied by parents or guardians. We do not intentionally collect data from unaccompanied minors.
12. Changes to This Policy
This Policy may be updated periodically. Significant changes will be communicated by email or website notice.
13. Data Protection Officer (DPO)
We have appointed a Data Protection Officer responsible for ensuring LGPD compliance.
14. Contact
To exercise your rights or clarify questions:
Pito Bar e Restaurante Ltda
Tax ID: 48.312.447/0001-22
Address: R. Mariante, 587
Rio Branco
Porto Alegre - RS
ZIP: 90430-181
Privacy Email: privacy@pitobar.com.br
DPO Email: dpo@pitobar.com.br
Phone: (51) 0000-0000
We will respond to your requests within 15 calendar days, extendable by another 15 days with justification.
15. Applicable Law and Jurisdiction
This Policy is governed by the laws of the Federative Republic of Brazil, especially Law No. 13.709/2018 (LGPD), health regulations, and Consumer Protection Code (CDC). The jurisdiction of Porto Alegre/RS is elected to resolve any disputes.
Last updated: December 2025