Legal
Privacy Policy
The Motion Show Last updated: 22 June 2026 Effective date: 22 June 2026
This Privacy Policy explains how 32.862.107 Moises Cerqueira Santana Filho (CNPJ 32.862.107/0001-35), operating as The Motion Show ("The Motion Show", "we", "us", or "our"), collects, uses, shares, and protects personal data when you visit themotionshow.com (the "Site"), contact us, receive communications from us, or use our video branding services (the "Services").
We act as the data controller for the personal data described below. We are based in Brazil and serve clients worldwide, so this Policy is written to comply with the Brazilian General Data Protection Law (LGPD, Law No. 13.709/2018), and, where they apply, the EU and UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended (CCPA/CPRA), and other applicable data protection laws.
1. Who we are and how to contact us
- Controller: 32.862.107 Moises Cerqueira Santana Filho (The Motion Show)
- Registration: CNPJ 32.862.107/0001-35, registered as a Microempreendedor Individual (MEI) in Brazil
- Address: Avenida Sete de Setembro, 1448, Centro, Salvador, BA, CEP 40020-465, Brazil
- Privacy contact: hello@themotionshow.com
For LGPD purposes, the person responsible for handling data requests and acting as our communication channel with data subjects and the National Data Protection Authority (ANPD) is reachable at the privacy contact above.
2. The personal data we collect
We collect only the data we need to run our business. The categories are:
a) Data you give us directly
- Identification and contact data: name, email address, business or channel name, phone number, social or website links.
- Project data: briefs, goals, brand materials, files, logos, footage, and any content you share so we can deliver the Services.
- Communications: messages you send us by email, contact form, chat, scheduling tools, or social media.
- Booking data: details you submit when scheduling a call (for example through our scheduling provider).
b) Data we collect automatically when you use the Site
- Usage and device data: IP address, browser type, device type, operating system, pages viewed, referring page, time on page, and similar log data.
- Cookies and similar technologies: see Section 5.
c) Data we receive from third parties
- Business contact data from professional and prospecting sources (for example public professional profiles, business databases, and lead-generation tools) that we use for business-to-business outreach.
- Advertising and analytics data from platforms such as Google, including aggregated campaign performance.
We do not intentionally collect sensitive personal data (such as health, racial, religious, or biometric data). Please do not send us sensitive data unless it is strictly necessary and requested.
3. Why we use your data and our legal basis
We process personal data only where we have a lawful basis. The table below maps each purpose to its legal basis under the LGPD (Art. 7) and the GDPR (Art. 6).
| Purpose | Legal basis (LGPD / GDPR) |
|---|---|
| Respond to your enquiries and provide quotes | Steps prior to a contract / pre-contract measures and legitimate interests |
| Deliver, manage, and support the Services | Performance of a contract |
| Process payments and keep financial records | Legal obligation and performance of a contract |
| Send business-to-business marketing and outreach to professional contacts | Legitimate interests (promoting our services), subject to your right to opt out |
| Send marketing to people who asked to hear from us | Consent |
| Run and measure analytics and advertising | Consent (for non-essential cookies) and legitimate interests |
| Operate, secure, and improve the Site | Legitimate interests |
| Comply with law and defend legal claims | Legal obligation and regular exercise of rights |
Where we rely on legitimate interests, we have balanced our interests against your rights, and you can object at any time (see Section 10). Where we rely on consent, you can withdraw it at any time without affecting prior processing.
4. Marketing and outreach communications
If you receive a marketing email from us, you can opt out at any time using the unsubscribe link in the message or by emailing us. We honour opt-out requests promptly and, in any case, within the timeframes required by law. We do not use false or misleading sender or subject information, and our commercial emails identify who we are and include a valid postal or business contact. These practices reflect the requirements of the US CAN-SPAM Act and equivalent rules in other regions.
5. Cookies and similar technologies
The Site uses cookies and similar technologies. We group them as:
- Strictly necessary cookies that make the Site work. These do not require consent.
- Analytics cookies (for example Google Analytics) that help us understand how the Site is used.
- Advertising cookies (for example Google Ads) that help us measure and deliver relevant advertising.
Analytics and advertising cookies are non-essential. Where required by law, we load them only after you give consent through our cookie banner, and you can withdraw consent or change your choices at any time through the "Cookie settings" link in our footer, the banner, or your browser settings. For details on each cookie, see our Cookie Notice.
6. How we share your data
We do not sell your personal data. We share it only with:
- Service providers (processors) who help us operate, such as website hosting, analytics, advertising, scheduling, email and communication tools, prospecting tools, cloud storage, and payment processors. They may only process data on our instructions.
- Professional advisers such as accountants and lawyers, where needed.
- Authorities where required by law, court order, or to defend our legal rights.
- Business transfers, if we are ever involved in a merger, acquisition, or sale of assets.
The main sub-processors we rely on are listed below. We keep this list current as our stack changes.
| Sub-processor | Purpose | Location |
|---|---|---|
| Wix | Website hosting and the live site | United States / global |
| Supabase | Application database and file storage | United States / global |
| Clerk | Account authentication and sign-in | United States |
| Stripe | Payments and billing | United States / global |
| Google (Analytics, Ads) | Site analytics and advertising measurement | United States / global |
| Google (Gemini / Imagen) | AI image generation for client content | United States / global |
| Higgsfield | AI image and video generation for client content | United States / global |
| ElevenLabs | AI voice and sound generation for client content | United States / global |
| Supermetrics | Marketing data aggregation for client reporting | European Union / United States |
| Meta, TikTok, LinkedIn, YouTube | Advertising and social analytics for client reporting | United States / global |
Several of these providers are established outside Brazil (see Section 7 on international transfers).
7. International data transfers
Because we use global service providers and serve clients worldwide, your data may be processed in countries other than your own, including the United States and the European Union. When we transfer data internationally, we rely on lawful transfer mechanisms, such as adequacy decisions, standard contractual clauses, or the safeguards required by the ANPD and the GDPR, so your data keeps an adequate level of protection.
8. How long we keep your data
We keep personal data only as long as needed for the purposes in this Policy:
- Enquiry and prospect data: up to 18 months from last contact, unless you become a client or ask us to delete it sooner.
- Client and project data: for the duration of our relationship and then for the period required to meet legal, tax, and accounting obligations (in Brazil, generally up to 5 years, and longer where the law requires).
- Cookie and analytics data: for the retention period set in each tool.
When data is no longer needed, we delete or anonymise it.
9. How we protect your data
We use reasonable technical and organisational measures appropriate to our size and risk, including access controls, encryption in transit where available, reputable providers, and limiting access to people who need it. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
10. Your rights
Depending on where you live and which law applies, you have some or all of these rights:
- Confirmation that we process your data and access to it.
- Correction of incomplete, inaccurate, or outdated data.
- Deletion, anonymisation, or blocking of unnecessary or excessive data, or data processed unlawfully.
- Portability of your data to another provider.
- Information about with whom we have shared your data.
- Withdrawal of consent and information about the consequences of refusal.
- Objection to processing based on legitimate interests.
- The right to opt out of marketing.
- The right to lodge a complaint with a supervisory authority.
For California residents (CCPA/CPRA): you also have the right to know what personal information we collect and how we use and share it, the right to correct it, the right to delete it, the right to opt out of "sale" or "sharing" for cross-context behavioural advertising, and the right to limit the use of sensitive personal information. We do not sell your personal information for money. We do not discriminate against you for exercising your rights. To exercise the opt-out of sharing for advertising, adjust your choices in our cookie banner.
How to exercise your rights: email us at hello@themotionshow.com. We may need to verify your identity. We respond within the timeframes set by the applicable law (for example, without undue delay under the LGPD, within one month under the GDPR, and within 45 days under the CCPA, with extensions where permitted). You can also authorise an agent to act for you where the law allows.
11. Children
The Site and Services are intended for businesses and professionals and are not directed at children. We do not knowingly collect data from children. If you believe a child has given us data, contact us and we will delete it.
12. Third-party links
The Site may link to third-party sites and platforms (for example YouTube, social media, or scheduling tools). We are not responsible for their privacy practices. Please review their policies.
13. Changes to this Policy
We may update this Policy from time to time. We will post the new version here with an updated date, and, for material changes, we will give a more prominent notice where appropriate.
14. Complaints and supervisory authorities
If you have a concern, please contact us first. You also have the right to complain to a data protection authority:
- Brazil: Autoridade Nacional de Proteção de Dados (ANPD), gov.br/anpd.
- European Union: your local Data Protection Authority.
- United Kingdom: the Information Commissioner's Office (ICO), ico.org.uk.
- California: the California Privacy Protection Agency (CPPA) or the California Attorney General.
This Privacy Policy reflects how The Motion Show handles personal data today. We review it periodically and update the date above whenever it changes.
