Information Security Policy

EBANX acknowledges the responsibility of protecting all processed data and information, regardless of the fact that this information belongs to EBANX, partners or third parties. By protecting these data and information, we can guarantee our reputation as employers and trustable partners, allowing us to grow as a company and offering awesome services to promote the success of any client.

To prove our commitment with information security and data protection, EBANX implements the best security practices and controls on the market.

It is an employee responsibility, no matter his or her rank in the company, to be familiarized and to fulfill our information security and data protection policies.

We commit ourselves to guarantee that our Information Security procedures are efficient, effective and continually improved, aiming to protect our data and information, thus avoiding any reputational, legal and financial damage.

As EBANX grew, the company acknowledged that its responsibilities and scope regarding PCI DSS also grew and became more complex. This demands that EBANX evolve making sure that the whole company is aware, engaged and organized in order to keep compliant with the PCI DSS standards.

This evolution goes through the strengthening of the current controls and processes and are followed by continuous improvement and consistent, repeatable and manageable processes that are part of the security routine allowing that all PCI DSS requirements are fulfilled or exceeded in our operation.

It is a management and executive body duty to guarantee that all necessary resources to fulfill these responsibilities are available and that its execution is efficient and effective. The C-Level shows unconditional support to the information security policies, procedures and actions related to the operation, keeping, control and processes improvement required by the PCI DSS certification and demands that all employees, partners and third parties do the same.

João Del Valle ‐ COO