Information Security Policy

Por Progic - 03/06/2026

Purpose

Progic is committed to protecting your information and personal data, ensuring confidentiality, integrity, and availability, in accordance with legal, contractual, and regulatory requirements, to guarantee business continuity and brand protection.

Principles and commitments

  1. Comprehensive information protection : Information must be protected throughout its entire lifecycle, ensuring confidentiality, integrity, and availability.
  2. Privacy and protection of personal data : The processing of personal data must comply with legal and contractual requirements, guaranteeing the rights of data subjects and transparency in the company’s role, whether as a controller or processor.
  3. Security and privacy by design : Information security and data protection should be incorporated from the design stage of technological solutions, systems, and infrastructures.
  4. Control, traceability, and risk management : Access to information must be controlled, monitored, and auditable, with continuous management of threats, vulnerabilities, and incidents.
  5. Resilience and business continuity : Information security must support service continuity and the ability to recover from adverse events.
  6. Shared responsibility and a culture of security : Information security is everyone’s responsibility, supported by awareness, continuous training, and adequate governance, including in the supply chain.

Responsibility

Senior Management defines and communicates the Information Security Policy, ensuring alignment with the strategy, adequate resources, and effectiveness of the Integrated Management System (IMS).

The information security and infrastructure team implements, operates, and maintains information security controls, such as system protection, access management, monitoring, vulnerability treatment, and service continuity support, following established policies.

Employees and third parties must comply with the Information Security Policy, use technological resources securely, protect the information under their responsibility, and report security or privacy incidents or events immediately.

Communication and availability

This policy is communicated internally and made available to stakeholders on the company’s official website.

Note: This Policy has been automatically translated from its original version in Portuguese.

Por

Progic

Plataforma multicanal de comunicação interna para alcançar 100% dos seus colaboradores.

wid.studio