1. Acceptance of Terms
These Terms of Use ("Terms") govern access to and use of the Effluex platform ("Platform" or "System"), offered as a SaaS (Software as a Service) by the providing company ("Effluex" or "Operator") to its contracting Customers ("Controllers") and their authorized users ("Users").
By accessing, registering or using the Platform, the User declares to have read, understood and fully accepted these Terms, as well as the Privacy Policy and the Cookie Policy, which are incorporated herein by reference.
If the User does not agree with any provision of these Terms, the User shall refrain from using the Platform.
2. Definitions
For the purposes of these Terms, the following definitions apply, in addition to those set out in the Privacy Policy:
- Platform:
- the Effluex system, including software, database, application interfaces, APIs, documentation and other components accessible to the User.
- Controller / Customer:
- the contracting entity that enters into a service agreement with the Operator (municipality, concessionary company, environmental agency or WWTP operating company).
- User:
- natural person authorized by the Controller to access and operate the Platform, including operators, technical leads, managers and administrators.
- Account:
- individual and non-transferable access credentials assigned to the User by the Platform.
- Customer Content:
- all data, records, documents, operational parameters and reports entered or generated by the Controller and its Users within the Platform.
3. Object and Service Scope
The Platform is a multi-tenant SaaS solution, hosted on Amazon Web Services (AWS) infrastructure, intended for the management and operational monitoring of Wastewater Treatment Plants (WWTPs), covering, among other features:
- Registration and parameterization of WWTPs, collection points and technical leads;
- Recording and storage of operational, physicochemical and laboratory data;
- Generation of environmental compliance reports, dashboards and indicators;
- Integration with IoT sensors and regulators, when applicable;
- Application of Artificial Intelligence resources for predictive analysis, anomaly detection and routine automation;
- Audit trails, access logs and operational control mechanisms.
The specific scope, contracted modules, operational limits and applicable service levels (SLAs) for each Customer are detailed in the agreement signed between the Operator and the Controller.
4. Registration, Account and Credentials
Access to the Platform requires prior registration carried out by the Controller or by a delegated administrator, with the creation of individual and named credentials for each User.
Credentials are personal and non-transferable. The User is fully responsible for all actions performed in their Account, undertaking to:
- Maintain the confidentiality of password and other authentication factors;
- Enable multi-factor authentication (MFA) whenever available, mandatory for administrative profiles;
- Immediately notify the Operator and the Controller of any suspicion of unauthorized use, credential compromise or security incident;
- Use trusted devices with minimum security measures.
The Operator may, at any time, require password reset, permission review or preventive Account suspension in case of risk to the security of the Platform or of Customer Content.
5. License of Use
Subject to acceptance of these Terms and to a valid contract with the Controller, the Operator grants the Controller and its authorized Users a personal, non-exclusive, non-transferable, non-sublicensable and revocable license to access and use the Platform, strictly for the contracted purposes.
The User is expressly forbidden from:
- Reproducing, modifying, decompiling, performing reverse engineering or creating derivative works from the Platform;
- Selling, sublicensing, assigning or transferring, in whole or in part, access to the Platform to unauthorized third parties;
- Using the Platform for unlawful, fraudulent purposes, contrary to morality or public order;
- Using the Platform for purposes other than those provided in the contract with the Controller;
- Conducting intrusion tests, vulnerability scans or any investigative activity without prior, formal and specific authorization from the Operator.
6. User Obligations
Without prejudice to the other obligations set forth in these Terms, in the Privacy Policy and in applicable law, the User undertakes to:
- Use the Platform in a lawful, ethical manner and in compliance with the LGPD and other applicable regulations;
- Provide truthful, complete and updated information when registering and operating the System;
- Respect access profiles and competencies assigned by the Controller;
- Not insert third-party personal data without an adequate legal basis;
- Not insert sensitive personal data, except when strictly necessary and authorized;
- Not attempt to bypass security mechanisms, authentication or audit trails;
- Cooperate with the Operator in incident investigations, providing pertinent information in a timely manner.
7. Effluex Obligations
The Operator undertakes to:
- Make the Platform available in compliance with the contracted service levels (SLAs);
- Maintain the technical and organizational security measures described in the Privacy Policy;
- Process personal data exclusively within the limits of the Controller's instructions and the contracted purposes;
- Notify security incidents to the Controller within a reasonable period, in the manner provided in the Privacy Policy and in the LGPD;
- Provide technical support through the channels and during the hours established contractually;
- Maintain up-to-date documentation of features, integrations and sub-operators.
8. Payment, Term and Renewal
Amounts, payment methods, term, adjustment hypotheses, renewal conditions and other commercial aspects are established in the contract signed between the Operator and the Controller, with the provisions of that instrument prevailing over these Terms in case of divergence.
Late payment or default may result in preventive suspension of access, without prejudice to the continued retention of data for the applicable legal and contractual periods.
9. Intellectual Property
The Platform, its features, source code, layouts, trademarks, logos, manuals, technical documentation and other elements are the exclusive property of the Operator or its licensors, protected by Brazilian and international intellectual property law.
Customer Content, that is, the data, records, documents and reports entered or generated by the Controller and its Users, remains the exclusive property of the Controller. The Operator, in performing its activities, receives a limited license to host, process and return such content, strictly under the contractual terms.
The User is forbidden from using trademarks, distinctive signs or visual identity of the Operator without prior, formal and specific authorization.
10. Confidentiality
All information exchanged between the parties in connection with the use of the Platform, especially Customer Content and configuration data, is considered confidential and may only be disclosed upon express authorization, legal requirement or order from a competent authority.
The confidentiality obligation survives the termination of the contractual relationship for the period set in the contract with the Controller and, in its absence, for 5 (five) years.
11. Limitation of Liability
The Operator makes its best efforts to keep the Platform operational, secure and aligned with best practices, without, however, guaranteeing uninterrupted availability or total absence of errors, failures or unavailability arising from events beyond its reasonable control.
The Operator is not responsible for:
- Damages resulting from misuse of the Platform by the User or the Controller;
- Unavailability or failures attributable to third-party infrastructure, public networks, Customer connectivity or force majeure events;
- Content, information or decisions based on data entered by the Controller or User itself;
- Unauthorized access resulting from credential compromise under the User's responsibility.
The Operator's total liability, in any case, will observe the limits established in the contract signed with the Controller and in applicable law.
12. Suspension and Termination
The Operator may suspend, restrict or terminate access to the Platform, upon notice to the Controller, in the following cases:
- Breach of these Terms, of the contract or of the Privacy Policy;
- Contractual default;
- Indications of fraudulent, unlawful use or use that puts at risk the security of the Platform or other Customers;
- Judicial, regulatory or administrative determination.
Once the contract is terminated, and the legal and contractual retention periods are observed, the data will be returned to the Controller or securely deleted, under the Privacy Policy.
13. Changes to These Terms
These Terms may be updated at any time due to regulatory, technological, contractual or operational developments. The current version will always be available on the official Effluex website and/or in the authenticated area of the System, with the date of the last update indicated.
Substantial changes will be communicated in advance to the Controller and, when applicable, to Users, through the registered communication channels. Continued use of the Platform after the new version takes effect will imply agreement with the updated terms.
14. Applicable Law and Jurisdiction
These Terms are governed by the laws of the Federative Republic of Brazil, in particular the Civil Code, the General Data Protection Law (Law No. 13,709/2018) and the Brazilian Internet Civil Framework (Law No. 12,965/2014).
The court of the district of the Operator's headquarters is hereby elected to settle any disputes arising from these Terms, except for legal jurisdictions that prevail by force of law, such as consumer and public-entity venues.
15. Contact
Questions, requests or communications related to these Terms can be sent through the official channels of the Operator:
- General email:
- contato@effluex.com.br
- Data Protection Officer (DPO):
- dpo@effluex.com.br