Privacy Policy | We have updated our privacy policies. Read the updated version here. See what has changed here.

Information Security Policies

How Ackaia deals with the security of its customers’ and users’ information.

Ackaia develops and manages innovative products and services for its customers, and has information security in its DNA, adopting the latest technology and processes that protect and guarantee the privacy of data stored and processed in our environment.

Aiming at the proper treatment of the company’s information and that of all
customers, we are based on the following information security principles:

  • Confidentiality: Any access to information must be obtained only by authorized
    persons, and only when it is actually necessary.
  • Availability: Information must be available for access whenever necessary.
  • Integrity: The accuracy and completeness of the information and its processing
    methods must be guaranteed, as well as transparency in dealing with the public
    involved.

In order to comply with these principles, we have established internal information
security processes and controls, aimed at protecting data throughout its life cycle
(creation, handling, storage, transport and disposal):

  1. Ensuring the protection of information from unauthorized access, copying,
    modification, destruction or disclosure;
  2. Ensuring the principle of transparency, where the purpose of the use of the
    information must be explained, and it must be used only for that purpose;
  3. Ensure proper handling of security incidents, considering detection, mitigation
    and root cause analysis;
  4. Ensuring the prevention, detection and mitigation of vulnerabilities of incidents
    related to the Ackaia environment that stores or processes information;
  5. Establish periodic business continuity tests, considering established incident
    scenarios;
  6. Protect assets through monitoring procedures of the company’s networks and
    technological resources and its employees, in order to detect and prevent
    attacks and intrusions;
  7. Inform customers and users about the information security measures
    necessary for the use and treatment of information;
  8. Ensure compliance with current information security policies, rules and
    requirements in the company;
  9. Raise awareness, educate, evaluate and disseminate the information security
    culture to all employees and third parties, aiming at full compliance with
    security principles and guidelines.

All policies and processes related to information security are reviewed at least once a
year. All customers and the general public can inform Ackaia about suspected incidents
or ask questions related to information security, through the service channels.