LGPD and Data Protection

    Our compliance with the General Data Protection Law

    NESS is committed to personal data protection and in compliance with the General Data Protection Law (LGPD - Law No. 13.709/2018) since its enforcement.

    This page explains our privacy program and how we ensure the protection of personal data we process on behalf of our clients and partners.

    Principles We Follow

    Our operations are guided by the principles established by LGPD

    Purpose

    Processing for legitimate, specific and informed purposes to the data subject

    Adequacy

    Compatibility of processing with the informed purposes

    Necessity

    Limited to the minimum necessary for achieving the purposes

    Transparency

    Guarantee of clear, accurate and accessible information about processing

    Security

    Technical and administrative measures for data protection

    Prevention

    Adoption of preventive measures to avoid harm to data subjects

    Your Rights as a Data Subject

    LGPD guarantees various rights to personal data subjects. You can exercise the following rights at any time:

    Confirmation and Access

    Confirm if there is processing of your data and access them

    Correction

    Correct incomplete, inaccurate or outdated data

    Anonymization, Blocking or Deletion

    Request anonymization, blocking or deletion of unnecessary data

    Portability

    Receive your data in structured and interoperable format

    Deletion

    Request deletion of data processed with your consent

    Information

    Obtain information about data sharing

    Revocation

    Revoke previously given consent

    Opposition

    Oppose processing in specific cases

    Security Measures

    We implement robust technical and organizational measures to ensure personal data security:

    • Encryption: Sensitive data is encrypted in transit and at rest
    • Access Control: Access based on principle of least privilege
    • Monitoring: 24x7 SOC with anomaly and threat detection
    • Backup and DR: Automated backup and disaster recovery plan
    • Incident Management: Procedures for rapid response to incidents
    • Training: Continuous team training in privacy and security

    Data Protection Officer (DPO)

    NESS has a Data Protection Officer (DPO) responsible for:

    • Act as communication channel between NESS, data subjects and ANPD
    • Guide employees and contractors on data protection practices
    • Handle data subject requests
    • Receive communications from the National Data Protection Authority (ANPD)

    Contact our DPO

    Data Controller:
    NESS Processos e Tecnologia Ltda.
    CNPJ: 72.027.097/0001-37

    DPO Email: privacy@ness.com.br
    Phone: +55 (11) 2504-7650
    Address: Rua George Ohm 230 Torre A Cj 82, Brooklin Paulista, São Paulo/SP - CEP 04576-020

    Need LGPD Support?

    Learn about n.privacy - our complete SaaS platform for privacy governance and LGPD compliance

    Learn More about n.privacy