O Xooriq é uma alternativa ao Apollo.io?

Sim. Cobre prospecção B2B (Google Maps + email finder + monitoramento) a partir de R$597/mês, versus US$2.500/mês médio Apollo. LGPD nativo + CNPJ Brasil.

O Xooriq é LGPD-compliant?

Sim. Processamento de dados B2B públicos sob LGPD com legítimo interesse e opt-out automático.

Quanto custa um crédito extra?

R$0,09 por crédito acima do limite do plano.

Sim, free tier com 100 leads/mês sem cartão de crédito.

Em quais regiões opera?

8 regiões com paridade de poder de compra: Brasil, USA, Índia, EU, Reino Unido, México, Japão, Austrália.

Quem é a empresa por trás do Xooriq?

Xooriq é um produto da Central Fox Tecnologia, mesma empresa do FOX NF-e (emissor fiscal para SaaS brasileiros em foxnfe.com.br) e da plataforma de IA para e-commerce em centralfox.online.

Is B2B lead scraping legal under LGPD?

Yes, when based on legítimo interesse (legitimate interest, LGPD Article 7, §IX) and limited to publicly available business data such as CNPJ records, official company email addresses, and public business telephone numbers. Scraping personal data of individuals (private email, mobile phone) for cold outreach without consent is restricted. The compliant pattern is: source from public registries (Receita Federal, JUCESP, prefeituras), check against Procon and Não Me Perturbe lists, document the legitimate interest basis, and provide easy opt-out in every message.

What makes a lead scraping tool LGPD-compliant?

Five practical signals: (1) data sourced from public business registries, not scraped from LinkedIn or private social profiles; (2) automatic suppression against Procon Nacional and Não Me Perturbe lists at query time; (3) clear legitimate-interest documentation in the legal trail (ROPA/Records of Processing Activities); (4) opt-out signal propagation across all customer outputs within 48h; (5) named DPO contact and incident response procedure. Tools that scrape LinkedIn primarily for Brazilian operations typically fail signal (1) and create downstream exposure for the customer.

Which lead scraping tools work for Brazilian B2B?

For B2B operations in Brazil, the practical options are Xooriq (CNPJ enrichment + Procon cross-check + LGPD native), Kaptto (Brazilian prospecting platform, also LGPD-aware), RadarLeads (Brazilian B2B database), and Speedio (sales intelligence Brazil). International tools like Apollo.io and ZoomInfo can be configured for LGPD but typically require customer-built compliance layers. We recommend cross-checking each vendor on the ANPD (Brazilian Data Protection Authority) site and reviewing their published DPA before signing.

How do I document legitimate interest for LGPD compliance?

Document four elements in your Records of Processing Activities (ROPA): (1) the specific business purpose (e.g., B2B outreach to potential customers in segment X with annual revenue Y), (2) the data minimization principle applied (only public business contact data, no personal data), (3) the balancing test showing that customer rights are not overridden (opt-out provided in every message, suppression list checked), (4) the technical and organizational measures (encryption, access controls, retention policy). Your DPO or external counsel should review and update this annually.

Guide · Brazilian B2B compliance

LGPD-compliant lead scraping: a practical 2026 guide

Brazilian B2B sales teams face a recurring question: which lead scraping tools work without triggering LGPD exposure? This guide covers the legal basis (legítimo interesse vs consent), the five practical signals that separate compliant tools from risky ones, and a side-by-side of the main options available to Brazilian operations today.

The LGPD legal basis for B2B outreach

LGPD Article 7 enumerates ten legal bases for processing personal data. For cold B2B outreach in Brazil, the relevant basis is §IX, legítimo interesse (legitimate interest), which permits processing public business contact data without prior consent when the controller demonstrates a legitimate purpose that does not override the data subject's fundamental rights. This is the same legal basis recognized in GDPR Article 6(1)(f) for B2B contexts in the EU.

Practically, this means a Brazilian sales team can legally email a person at a known business address using their professional email when (a) the data was sourced from a public registry, (b) the outreach is genuinely B2B in nature, (c) the message provides clear opt-out, and (d) suppression lists like Procon Nacional and Não Me Perturbe are honored. It does not permit harvesting personal mobile numbers for SMS or WhatsApp outreach to individuals — that requires consent under Article 7, §I.

Five signals of a compliant tool

Public source documentation: the vendor publishes which registries they pull from (Receita Federal, JUCESP, prefeituras, official APIs). If the data origin is opaque, treat it as elevated risk.
Procon and Não Me Perturbe cross-check at query time: the system checks suppression lists before returning a record, not as a post-hoc filter the customer must configure.
Legítimo interesse documentation in the DPA: the vendor provides a Data Processing Agreement (DPA) with explicit legitimate-interest analysis, balancing test, and customer obligations.
Opt-out signal propagation within 48 hours: when a recipient opts out of one customer's outreach, the suppression propagates to all customers within 48h, not just the one who received the request.
Named DPO and incident response: the vendor lists a Data Protection Officer with direct contact and publishes an incident response procedure with notification SLAs aligned to LGPD Article 48.

Tools for LGPD-compliant B2B prospecting in Brazil

Tool	Origin	LGPD positioning	Pricing model
Xooriq	Brazil (Central Fox)	Native: public registries + Procon cross-check + DPO	Flat $99/mo Scale plan
Kaptto	Brazil	LGPD-aware, customer configures suppression	Tiered seat-based
RadarLeads	Brazil	LGPD-aware, B2B Brazilian database	Tiered subscription
Speedio	Brazil	LGPD-compliant, sales intelligence focus	Enterprise quote
Apollo.io	USA	Customer builds LGPD layer	Per-seat + credits (~$150-250 ACV)
ZoomInfo	USA	Customer builds LGPD layer	Enterprise quote (~$15k+ ACV)
Cognism	UK	GDPR-first, Brazilian coverage limited	Enterprise quote (~$1.5-3k/seat)

Information based on publicly published documentation as of 2026-05. Always review the current DPA and request a compliance review from your DPO before deploying any tool in production.

What to ask before signing

Can you share your current DPA with the legitimate-interest balancing test?
Which Brazilian public sources do you pull from, and how often are they refreshed?
How does opt-out propagation work? What is your SLA?
Who is your named DPO, and what is their direct contact?
Have you been involved in any ANPD investigation? If yes, the outcome and remediation.
Can you provide references from at least three customers in regulated sectors (finance, health, education)?

Try Xooriq with LGPD compliance built in

Free trial: 100 leads/month with full Procon cross-check and legitimate-interest documentation included.

Start free trial →