Privacy Policy and GDPR

Safeconn Soluções is committed to protecting the privacy and personal data of its clients, partners, and employees in compliance with the General Data Protection Regulation (GDPR).

1. Collection and Use of Personal Data
   Safeconn Soluções collects only the personal data necessary for providing its services and for legitimate purposes, such as name, email address, phone number, financial information, and other service-related details.
   

2. Storage of Personal Data
   Safeconn Soluções stores collected personal data on secure servers, located either in Brazil or abroad, ensuring the confidentiality, integrity, and availability of the information.
   

3. Sharing of Personal Data
   Safeconn Soluções does not share personal data with third parties except when explicitly authorized by the data subject or required by law or competent authority.
   

4. Data Subject Rights
   Safeconn Soluções respects the rights of data subjects, including the right to access, correction, deletion, and portability of their personal data. To exercise these rights, data subjects should contact Safeconn Soluções through the available channels.
   

5. Information Security
   Safeconn Soluções adopts technical and organizational measures to protect collected personal data against unauthorized access, disclosure, loss, or accidental or illegal destruction.
   

6. Training and Awareness
   Safeconn Soluções conducts training and promotes awareness among its employees regarding the importance of privacy and data protection, ensuring compliance with this policy.
   

7. Cookie Policy
   Safeconn Soluções uses cookies on its website to enhance user experience and analyze site performance. Cookie usage can be managed by the user through browser settings.
   

8. Changes to the Privacy Policy and Data Protection
   Safeconn Soluções may modify this policy at any time to comply with changes in legislation or market practices. Changes will be communicated to data subjects through the available channels.
   

9. Contact
   For more information about Safeconn Soluções' Privacy and Data Protection Policy or to exercise your rights as a data subject, please contact us through the channels available on our website.
   
   

IT Asset Disposal (ITAD) Policy

Safeconn Soluções is committed to the secure and responsible management of IT assets at the end of their lifecycle. This policy outlines the procedures and practices for IT asset disposal, emphasizing the importance of logical and physical data destruction and ensuring that assets are disposed of with destruction, not reuse.

1. Objective
   The objective of this policy is to ensure that all IT assets are discarded securely and efficiently, minimizing information security risks and environmental impact, and ensuring compliance with applicable regulations and laws.
   

2. Scope
   This policy applies to all employees, contractors, and third parties handling IT assets belonging to Safeconn Soluções.
   

3. Asset Inventory
   All IT assets reaching the end of their life must be identified and recorded in a detailed inventory, including serial numbers, equipment type, and location.
   

4. Data Assessment
   Before disposal, an assessment must be conducted to identify any sensitive or confidential data present on the IT assets.
   

5. Logical Destruction
   All data on IT assets must be irreversibly erased using logical destruction methods, such as overwriting with specific patterns or degaussing. Approved and certified software tools should be used to ensure data cannot be recovered.
   

6. Physical Destruction
   After logical destruction, IT assets must undergo physical destruction, which may include shredding, dismantling, or other methods to ensure complete hardware destruction. Physical destruction should be performed by certified and specialized companies, ensuring compliance with environmental and safety standards.
   

7. Destruction Record
   A detailed record of IT asset destruction must be maintained, including dates, methods used, and third-party companies involved. Destruction certificates must be obtained and archived for audit and compliance purposes.
   

8. Final Disposal
   Waste resulting from the physical destruction of IT assets must be disposed of following environmentally responsible practices, including recycling components whenever possible. IT assets that contained data must not be reused or resold, ensuring no residual information can be recovered.
   

9. Compliance and Auditing
   Safeconn Soluções will conduct periodic audits to ensure compliance with this policy and assess the effectiveness of IT asset disposal processes. Non-compliances identified during audits will be addressed promptly, with corrective actions implemented as needed.
   

10. Training
    All employees and parties involved in IT asset disposal will receive appropriate training on logical and physical destruction practices and the importance of policy compliance.
    

11. Policy Review
    This policy will be reviewed annually or whenever there are significant changes in regulations or market practices related to IT asset disposal.
    

This policy ensures Safeconn Soluções handles IT asset disposal responsibly and securely, protecting sensitive information and contributing to environmental sustainability.

Data Security and Remote Access Policy

Safeconn Soluções values the security and privacy of client data and adopts the following data security and remote access policy:

1. Remote Access
   To access clients' computers, we use secure remote access tools with advanced encryption. Access is granted only with prior client authorization, who has full control over the remote session. During access, clients can view all actions performed by the technician in real time, ensuring transparency and trust in the service provided.
   

2. Data Transfer
   During remote access, no data will be transferred between computers without the client's need and/or consent. If file transfer is necessary, only files strictly required for service execution will be transferred, with prior client authorization.
   

3. Data Storage
   All data stored by Safeconn Soluções is protected with appropriate security measures to ensure the integrity and confidentiality of the information. Stored data is exclusively owned by the clients and will only be shared with third parties with prior client authorization.
   

4. Employee Training
   All Safeconn Soluções employees undergo regular training on information security and data protection, ensuring they are up-to-date and aware of the associated risks.
   

5. Security Audits
   Safeconn Soluções conducts regular audits of its data security systems and processes to ensure the effectiveness of the adopted measures and the continuous improvement of client data security.
   

The implementation of these measures ensures Safeconn Soluções complies with the General Data Protection Law and prioritizes the security and privacy of client data throughout the remote service process.

Data Recovery Service Policy

Safeconn Soluções follows stringent practices to ensure security and confidentiality during data recovery. Our commitment is to protect client privacy and ensure no data is accessed, disclosed, or used internally without prior authorization.

1. Controlled Access
   All data recovery processes are carried out in a secure and controlled environment, with access restricted to authorized technicians only.
   

2. Protection of Recovered Data
   Recovered data is protected using best practices in information security, ensuring the integrity and confidentiality of restored information.
   

3. Prior Authorization
   Before starting any data recovery, clients will be informed about the files to be recovered and must give prior authorization for the opening of some files to verify their integrity.
   

4. Confidentiality
   We are committed to always maintaining client data confidentiality. No file or information will be transferred or accessed without the explicit need or client consent.
   

5. Post-Recovery Data Handling
   After completing the recovery process and sending the recovered data to the client, all recovered data will be securely stored on our equipment for 7 days or until confirmation of receipt and data integrity by the client. After this confirmation or the 7-day period, all data will be permanently deleted using methods established by NIST 800-88.
   
   

For questions or more information about our policies, please contact us through the available channels. We are here to ensure the security and protection of your information.