Legal & Privacy - Cosmos Model Management

Cosmos Model Management collects personal data so we can represent models, present them to partner agencies, and run the agency day to day. This page tells you what we collect, why we collect it, what we do with it, and how to ask for it back, change it, or have it deleted.

Who we are

Cosmos Model Management is a Brazilian model agency operating internationally. The data controller is Jordan Bürger, founder and CEO. Any privacy request can be addressed directly to him at jordan@cosmosmgm.com.

Data we collect

We collect data through three channels: the Be Discovered form on this site, the Welcome Form sent to newly signed models, and direct contact (email, WhatsApp, in-person meetings).

The data falls into these categories:

Identity and contact: name, email, phone, date of birth, nationality, address, Instagram, emergency contact.
Professional: measurements, photos, video, portfolio links, current and past agencies, languages, sports and artistic skills, willingness for specific job types (swimwear, lingerie, nude, etc.).
Sensitive data: allergies, phobias, history of psychiatric conditions, scars, piercings, tattoos. Under Brazil's LGPD (Art. 5º, II) this category receives stricter handling.
Browsing data: standard analytics through cookies (visit, page, device type). We don't run advertising trackers.

Why we collect it

Each category serves a specific purpose:

Identity and contact: to communicate with you, send opportunities, manage contracts, and meet legal obligations.
Professional: to present you to partner agencies and clients, build your model card, organize your portfolio, and arrange travel and visas.
Sensitive data: to keep you safe on the job. Allergies and medical history are shared with production teams only when the job involves specific risks (animals, food, certain materials). Scars and piercings are shared with clients during casting because they affect visual continuity. We collect this data based on your explicit consent (LGPD Art. 11º).
Browsing data: to understand how the site is used and improve it.

Who sees it

Inside Cosmos: Jordan and the small operations team (currently Josh on commercial and onboarding).

Outside Cosmos:

Partner agencies in countries where you're being pitched or placed (Asia, Europe, Middle East, Americas).
Clients (brands, photographers, productions). only the data needed to confirm a booking.
Service providers we use to run the agency: Notion (database), Google Workspace (email, drive, forms), Wise (payments), Vercel (this website), Brevo (email campaigns). Each of these has its own privacy policy.

We do not sell your data. We do not share it with parties unrelated to your career.

International transfers

Because we work with agencies and clients abroad, your data leaves Brazil regularly. By signing with Cosmos or submitting a form, you authorize this transfer for the purpose of representing you in international markets. We only send what's necessary for each pitch.

How long we keep it

While you're with Cosmos, we keep your data for as long as we represent you. After the contract ends, we keep records that may be needed for legal, accounting, or tax purposes (typically 5 years), and delete the rest on request.

Be Discovered submissions that don't lead to a signing are kept for up to 12 months and then deleted.

Your rights

Under LGPD (Art. 18) you have the right to:

Confirm whether we hold your data, and access a copy of it.
Correct anything that's wrong, incomplete, or out of date.
Delete data that's no longer needed for the purpose it was collected for.
Ask for your data in a portable format.
Withdraw consent for the use of sensitive data at any time.
Know who we've shared your data with.
Object to a specific use of your data.

To exercise any of these, email jordan@cosmosmgm.com. We respond within 15 days.

Cookies

This site uses cookies for two things: remembering your language preference, and basic anonymous analytics. There are no advertising cookies and no third-party tracking pixels. The cookie banner you saw on first visit records your acceptance.

Security

Data is stored in industry-standard cloud services with encryption in transit and at rest (Notion, Google Workspace, Vercel). Access is limited to the operations team. Sensitive data (health, scars, willingness fields) is restricted to people involved in your direct representation.

Changes to this policy

If we update this policy in a way that affects how we use existing data, we'll let you know by email before the change takes effect.

Last updated: 7 May 2026.