Privacy and Data Security
At PLANSERVICE we give top priority to the security and privacy of our customers' and employees' data, establishing a reliable and secure environment for all information entrusted to our care.
Data Security:
- End-to-End Encryption: We use end-to-end encryption to protect all communications and data transactions on our systems. This means that from the moment data is sent to the moment it is stored, it is transformed into a format that is unreadable to any unauthorized person.
- Controlled Access Policies: Only authorized employees have access to customer and employee data. We use access management systems to ensure that only people with specific permissions can view or modify sensitive information.
- Real-Time Monitoring: We implement real-time monitoring systems that track and record activities on our systems. This allows us to identify any suspicious activity immediately and take corrective action quickly.
- Penetration Testing and Vulnerability Assessments: We perform regular penetration testing and vulnerability assessments to identify and remediate any potential weaknesses in our security systems. This includes searching for software vulnerabilities, misconfigurations, and other potential threats.
- Redundant Backups: We perform frequent backups of all critical data and store it in secure locations. This ensures that in the event of a breach or security incident, we can restore data quickly and efficiently.
Cyber Protection:
- Firewalls and Network Monitoring: Our networks are protected by state-of-the-art firewalls that constantly monitor network traffic for suspicious activity. This helps prevent any unauthorized access attempts and ensures that our systems remain secure.
- Advanced Threat Detection: We implement advanced threat detection solutions that use machine learning and artificial intelligence to identify patterns of suspicious activity, even when threats are unknown.
- Software Updates and Patches: We keep our systems and software up to date with the latest security updates and patches, ensuring we are protected against known vulnerabilities.
- Continuous Training: We regularly raise awareness and train our employees on best cybersecurity practices. They are prepared to recognize and report any potential threats, as well as follow strict security protocols.
- Incident Response Plan: We maintain a detailed incident response plan, which is activated immediately in the event of a data breach or security incident. This allows us to act quickly and effectively to minimize any impact.
Data Privacy:
- Limited Purpose Principle: We collect, store and use the personal data of our customers and employees only for legitimate purposes, strictly related to the provision of our services, the fulfillment of legal obligations or the exercise of our legitimate interests. We do not make improper or unauthorized use of this information.
- Express Consent: We do not share personal data with third parties without the express consent of the holders, unless required by law or by court order. We fully respect the wishes of data subjects regarding the sharing of their data.
- Rights of Holders: We recognize and respect the rights of holders of personal data, including the right to access, correction, deletion, portability, limitation or opposition to the processing of their data.
Our company is committed to strict compliance with data protection regulations, including the General Data Protection Law (LGPD), and we are continually updating our security practices to be in line with constantly evolving legal and technological changes.
We appreciate the trust placed in our company and reiterate our ongoing commitment to offering quality solutions, maintaining the highest standard of data security and privacy in all aspects of our services.