Skip to content

LGPD and Data Protection

Our compliance with the General Data Protection Law

NESS is committed to personal data protection and in compliance with the General Data Protection Law (LGPD - Law No. 13.709/2018) since its enforcement.

This page explains our privacy program and how we ensure the protection of personal data we process on behalf of our clients and partners.

Principles We Follow

Our operations are guided by the principles established by LGPD

Purpose

Processing for legitimate, specific and informed purposes to the data subject

Adequacy

Compatibility of processing with the informed purposes

Necessity

Limited to the minimum necessary for achieving the purposes

Transparency

Guarantee of clear, accurate and accessible information about processing

Security

Technical and administrative measures for data protection

Prevention

Adoption of preventive measures to avoid harm to data subjects

Your Rights as a Data Subject

LGPD guarantees various rights to personal data subjects. You can exercise the following rights at any time:

Confirmation and Access

Confirm if there is processing of your data and access them

Correction

Correct incomplete, inaccurate or outdated data

Anonymization, Blocking or Deletion

Request anonymization, blocking or deletion of unnecessary data

Portability

Receive your data in structured and interoperable format

Deletion

Request deletion of data processed with your consent

Information

Obtain information about data sharing

Revocation

Revoke previously given consent

Opposition

Oppose processing in specific cases

Security Measures

We implement robust technical and organizational measures to ensure personal data security:

  • Encryption: Sensitive data is encrypted in transit and at rest
  • Access Control: Access based on principle of least privilege
  • Monitoring: 24x7 SOC with anomaly and threat detection
  • Backup and DR: Automated backup and disaster recovery plan
  • Incident Management: Procedures for rapid response to incidents
  • Training: Continuous team training in privacy and security

Data Protection Officer (DPO)

NESS has a Data Protection Officer (DPO) responsible for:

  • Act as communication channel between NESS, data subjects and ANPD
  • Guide employees and contractors on data protection practices
  • Handle data subject requests
  • Receive communications from the National Data Protection Authority (ANPD)

Contact our DPO

Data Controller:
NESS Processos e Tecnologia Ltda.
CNPJ: 72.027.097/0001-37

DPO Email: privacy@ness.com.br
Phone: +55 (11) 2504-7650
Address: Rua George Ohm 230 Torre A Cj 82, Brooklin Paulista, São Paulo/SP - CEP 04576-020

Need LGPD Support?

Learn about n.privacy - our complete SaaS platform for privacy governance and LGPD compliance

Learn More about n.privacy