When it comes to security, senhasegura goes above and beyond to meet the highest industry standards. We regularly invest in compliance with the most demanding and renowned regulatory requirements in the Information Security market.
Our commitment to data privacy can be seen in our certifications and compliance, including the SOC2-Type 2 Report, ISO 27001 certification, and LGPD check seal. We take pride in our adherence to major privacy regulations such as GDPR, CCPA, and LGPD.
Your peace is our priority.
These certifications are a promise to our clients and partners that we’re doing everything possible to keep their data and systems safe, addressing risks that go beyond customer data and showing that we are a reliable and trustworthy partner.
On June 2023, senhasegura earned the LGDP (General Law of Personal Data Protection) certification, granted by Privacidade Garantida. This law is enforced by the Brazilian Data Protection Authority (ANPD) and requires organizations to adhere to specific definitions and authorized uses of personal data. Our LGDP certification fortifies our position as a market leader and reinforces our commitment to offering first-class solutions to our customers.
We are fully compliant with the ISO/IEC 27001:2013, which guarantees that our company handles all data with confidentiality and integrity. We are also certified in Information Management Systems with ISO/IED 27001:2013, offering the highest level of protection against cyber threats and ensuring that companies can provide autonomy over internal information.
the SOC 2® Type II report certifies that senhasegura designs, implements, and operates with a guarantee of service and system requirements, based on relevant criteria established by the AICPA such as trustworthy service, availability, processing integrity, and confidentiality. This report was prepared with an audit of the senhasegura SaaS 360º Privilege platform based on our system and the organization of our services.
senhasegura is a proud member of a select group of institutions qualified by the CVE® (Common Vulnerabilities and Exposures) Program to identify, attribute, and publish software vulnerabilities. As a CNA (CVE Numbering Authority), senhasegura can point out CVEs in its own products and can also report cyber flaws and vulnerabilities found in third-party software. We’re proud to cooperate with the global community to strengthen cybersecurity in response to growing threats in cybernetics.
As part of our commitment to protecting data privacy, we embrace and comply with key privacy legislation, incorporating the necessary practices to demonstrate our ongoing commitment to the privacy and security of our customers', partners', and employees' data.
The General Data Protection Regulation (GDPR) is a privacy legislation established by the European Union, effective since May 2018. Its main objective is to protect the personal data of EU citizens by mandating that companies handle this data transparently, securely, and within legal parameters.
GDPR gives individuals more control over their personal information and imposes stricter responsibilities on organizations involved in the collection and processing of data, regardless of geographic location. The law includes rights such as access, rectification, erasure, and data portability, while imposing substantial penalties for non-compliance.
The CCPA (California Consumer Privacy Act) is a privacy law established by the United States, effective since January 2020. It gives Californians more control over their personal data by allowing them to ask questions about how companies collect and use it and giving them the right to opt out of sharing or selling it.
The CCPA also applies to businesses that meet certain size and activity criteria and imposes penalties for consumer privacy violations.
The General Data Protection Law (LGPD) is a Brazilian law that went into effect in September 2020. Inspired by the European Union's GDPR, the LGPD aims to protect the privacy and security of Brazilian citizens' personal data. The law requires organizations to obtain data subject consent, provide transparency around data processing, and implement appropriate security measures.
In addition, the LGPD establishes principles in relation to data processing and gives individuals rights to their data, such as access, correction, deletion, and portability.
