Privacy Policy

Last updated: February 6, 2026

1. Introduction

Gila Security ("we", "our", or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Defenzor Gila Security service ("Service").

This policy complies with Brazil's General Data Protection Law (LGPD - Law No. 13.709/2018), the European General Data Protection Regulation (GDPR), and other applicable data protection laws.

2. Data Controller

Gila Security is the controller of your personal data collected through the Service. For data protection questions, contact our Data Protection Officer (DPO):

Data Protection

Email: [email protected]

3. Data We Collect

3.1 Data you provide

  • Registration data: name, surname, email address, password (encrypted)
  • Profile data: profile picture (optional), company information (optional)
  • Payment data: processed by our payment provider (we do not store card data)
  • Monitored domains: URLs you add for monitoring
  • Communications: support messages and feedback

3.2 Automatically collected data

  • Usage data: pages accessed, features used, clicks
  • Technical data: IP address, browser type, operating system, device
  • Cookies and similar technologies: as detailed in section 7
  • Access logs: date/time of access, actions performed

3.3 Third-party data

  • Social authentication: basic profile data when you use login through external identity providers
  • Integrations: data necessary for integrations with communication and notification tools

4. How We Use Your Data

We use your personal data for the following purposes:

Purpose Legal Basis (LGPD/GDPR)
Provide and maintain the Service Contract performance (Art. 7º, V / Art. 6(1)(b))
Process payments and billing Contract performance (Art. 7º, V / Art. 6(1)(b))
Send alerts and service notifications Contract performance (Art. 7º, V / Art. 6(1)(b))
Marketing communications (optional) Consent (Art. 7º, I / Art. 6(1)(a))
Improve and personalize the Service Legitimate interest (Art. 7º, IX / Art. 6(1)(f))
Customer support Contract performance (Art. 7º, V / Art. 6(1)(b))
Security and fraud prevention Legitimate interest (Art. 7º, IX / Art. 6(1)(f))
Compliance with legal obligations Legal obligation (Art. 7º, II / Art. 6(1)(c))

5. Data Sharing

We do not sell your personal data. We may share your data in the following situations:

5.1 Service providers

We work with trusted third-party service providers to operate our platform. These providers may have access to your personal data only to perform specific tasks on our behalf, including:

  • Payment processing: secure handling of billing and transactions
  • Cloud infrastructure: hosting and data storage services
  • Communication services: email delivery and notifications
  • Analytics and monitoring: service performance and error tracking

These providers are required to protect your data and use it only for the specified purposes.

5.2 Other situations

  • Legal requirements: when required by law, legal process, or government authority
  • Rights protection: to protect our rights, property, or safety
  • Corporate transactions: in case of merger, acquisition, or asset sale

6. International Data Transfers

Some of our service providers are located outside Brazil, including in the United States. When we transfer data outside Brazil, we ensure adequate protection through:

  • Approved standard contractual clauses
  • Transfer mechanisms recognized by applicable legislation
  • Specific consent from the data subject, when necessary

7. Cookies and Tracking Technologies

7.1 Types of cookies we use

Type Purpose Duration
Essential Authentication, security, preferences Session / 30 days
Analytics Understand service usage 2 years
Preferences Language, theme, settings 1 year

7.2 Analytics Tools

With your consent, we use analytics tools to better understand how you use our platform, including:

  • Usage analytics: tracking interactions and events to improve the experience
  • Behavior analytics: heatmaps and session recordings to optimize the interface

Security: Analytics tools are configured to automatically protect your sensitive data such as passwords and payment information.

7.3 Cookie Consent

When you access the platform, you will see a cookie consent banner. You can:

  • Accept All: Activates essential cookies and analytics tools
  • Essential Only: Uses only essential cookies for platform functionality

7.4 Cookie management

You can manage your cookie preferences at any time:

  • Clearing your browser's local storage (localStorage)
  • Reloading the page (the consent banner will appear again)
  • Using your browser's cookie settings

8. Your Rights (LGPD/GDPR)

In accordance with LGPD and GDPR, you have the following rights regarding your personal data:

  • Confirmation and access: know if we process your data and access it
  • Correction: correct incomplete, inaccurate, or outdated data
  • Anonymization or blocking: of unnecessary or excessive data
  • Portability: receive your data in a structured format
  • Deletion: request deletion of data processed based on consent
  • Information: know who we share your data with
  • Revocation: revoke consent at any time
  • Opposition: object to processing in certain circumstances

To exercise your rights, send a request to [email protected]. We will respond within 15 business days.

9. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this policy:

  • Account data: while your account is active
  • Monitoring data: according to your plan's retention period (7 days to 3 years)
  • Billing data: 5 years after closure (tax obligation)
  • Security logs: 6 months

After account cancellation, your data will be deleted within 30 days, except where there is a legal obligation to retain it.

10. Data Security

We implement technical and organizational measures to protect your data:

  • Encryption of data in transit and at rest
  • Secure authentication through trusted identity providers
  • Access controls to protect sensitive information
  • Platform security monitoring
  • Regular data backups

While we strive to protect your data, no method of transmission or storage is 100% secure. In case of a security incident, we will notify you and the competent authorities as required by law.

11. Minors

The Service is not directed to persons under 18 years of age. We do not knowingly collect data from minors. If you are a parent or guardian and believe your child has provided us with personal data, contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or prominent notice on the Service. The "last updated" date at the top indicates when it was last revised.

We recommend that you review this policy periodically to stay informed about how we protect your data.

13. Contact

If you have questions about this Privacy Policy or the processing of your personal data, contact us:

Gila Security

General email: [email protected]

Website: https://defenzor.io

14. Data Protection Authority

You have the right to lodge a complaint with the National Data Protection Authority (ANPD) if you believe the processing of your personal data violates LGPD:

National Data Protection Authority (ANPD)

Website: https://www.gov.br/anpd