EBANX Compliance and Legal Hub

ebanx terms & conditions

Other Documents
EBANX Values
EBANX Privacy Policy
Code of Conduct
Socio-environmental Responsibility Policy
Information Security Policy
Information Security for Third Parties
Responsible Security Vulnerability Disclosure Policy
Gifts, Presents and Hospitality for Third Parties
Sustainability Report 2021
Restricted and Prohibited Products and Services
EBANX Supply and Partnership Standard
Policy Anti-Bribery and Corruption
Anti-Money Laundering And Counter Financing Of Terrorism Policy
Business Continuity Management
Standard for Vendors and Partners

Information Security Policy

September 28, 2022

EBANX acknowledges the responsibility of protecting all processed data and information, regardless of the fact that this information belongs to EBANX, partners or third parties. By protecting these data and information, we can guarantee our reputation as employers and trustable partners, allowing us to grow as a company and offering awesome services to promote the success of any client.
To prove our commitment with information security and data protection, EBANX implements the best security practices and controls on the market.

It is an employee’s responsibility, no matter his or her rank in the company, to be familiarized and to fulfill our information security and data protection policies.

We commit ourselves to guarantee that our Information Security procedures are efficient, effective and continually improved, aiming to protect our data and information, thus avoiding any reputational, legal and financial damage.

As EBANX grew, the company acknowledged that its responsibilities and scope regarding PCI DSS also grew and became more complex. This demands that EBANX evolve making sure that the whole company is aware, engaged and organized in order to keep compliant with the PCI DSS, ISO 27001 standards and best security market practices.

This evolution goes through the strengthening of the current controls and processes and are followed by continuous improvement and consistent, repeatable and manageable processes that are part of the security routine allowing that all PCI DSS requirements are fulfilled or exceeded in our operation.

It is a top management and other leadership duty to guarantee that all necessary resources to fulfill these responsibilities are available and that its execution is efficient and effective. The C-Level shows unconditional support to the information security policies, procedures and actions related to the operation, keeping, control and processes improvement required by the ISO 27001 and PCI DSS certification and demands that all employees, partners and third parties do the same.

João Del Valle ‐ CEO