How Nexyla handles personal and technical data through KSV Análises Técnicas Industriais Ltda — in line with the Brazilian General Data Protection Law (LGPD) and the regulatory framework that governs technical analysis, software testing, and digital security operations.
This Privacy Policy explains how personal and technical data is collected, processed, stored, and protected when individuals and organizations interact with the institutional website nexyla.online, operated by KSV ANALISES TECNICAS INDUSTRIAIS LTDA — a technical desk dedicated to software testing, code verification, web auditing, and digital security services from Rio das Ostras, Rio de Janeiro.
The website may collect the following categories of personal and commercial data, depending on how the visitor interacts with the technical desk:
Personal and technical data is processed only to enable the operation of the website and the technical engagements built around it. Specifically:
Data processing may be based on the user's consent where applicable, legitimate business interest, pre-contractual steps, contract execution, or compliance with legal obligations — in particular the Lei Geral de Proteção de Dados (LGPD — Law No. 13,709/2018), the Marco Civil da Internet (Lei nº 12.965/2014) governing internet usage and data handling in Brazil, the Brazilian Civil Code, and applicable commercial regulations.
Personal information is not sold or transferred to third parties for marketing purposes. Data may be shared with essential service providers — such as hosting, email delivery, security infrastructure, technical support, and accounting partners — solely when required for website operations, engagement execution, or regulatory compliance.
Disclosure to competent authorities may occur when required by law. Findings from technical engagements remain confidential to the contracting client and are not disclosed externally except where (a) explicitly authorized by the client, (b) legally required, or (c) involving an active threat to third parties that ethical disclosure principles require us to report through appropriate channels and within the engagement's responsible disclosure framework.
Information is retained for as long as needed to fulfill the purposes described in this Policy, to maintain legitimate business and engagement records, or to comply with applicable legal, fiscal, and regulatory requirements. Technical engagement records — including scope documents, testing artifacts, findings, and final reports — are retained in line with applicable Brazilian commercial and contractual requirements. Sensitive technical data such as credentials, sample exploit data, and proof-of-concept findings is treated under strict retention discipline and securely disposed of when no longer operationally required for the engagement.
Security is the work — and we apply it to ourselves first. We implement reasonable technical and administrative safeguards to minimize the risk of unauthorized access, loss, alteration, or improper disclosure of personal and technical data. Engagement materials — scope documents, codebases under audit, vulnerability findings, and remediation recommendations — are handled with the discretion this kind of work demands. No online environment can guarantee absolute security, and clients are encouraged to use appropriate channels (such as encrypted communications) when sharing particularly sensitive technical material.
Under Brazilian data protection law, individuals may have rights including: access to their personal data, correction of inaccurate information, deletion, anonymization, restriction of processing, data portability, information about sharing, and withdrawal of consent where applicable. To exercise these rights, contact us at privacy@nexyla.online.
This website may use essential technical cookies to ensure proper functionality and navigation. No advertising tracking or behavioral profiling is currently implemented on this institutional website.
If this website links to third-party platforms or services, their own privacy policies apply. KSV ANALISES TECNICAS INDUSTRIAIS LTDA is not responsible for the data practices of external websites or platforms.
Information related to active technical engagements — including scope definitions, authorization records, testing artifacts, vulnerability findings, security assessments, and final reports — is handled with strict operational confidentiality and used exclusively for engagement execution, accounting, and the contractual relationship with the client. Records related to security findings are retained under access controls appropriate to their sensitivity.
Technical analysis and security work routinely involves access to highly sensitive information — proprietary source code, system architecture, credentials, vulnerability findings, and the kind of technical context that could be misused if disclosed improperly. All such information is treated under strict professional and contractual confidentiality, and is not disclosed externally except in the limited and explicit circumstances defined in the engagement contract or required by law. Specific confidentiality obligations are formalized in written engagement agreements.
This Privacy Policy may be updated at any time to reflect changes in operations, law, or website structure. The version published on this page is always the current and applicable version. We recommend reviewing it periodically.
For any privacy-related questions, data requests, or concerns, please reach us at privacy@nexyla.online or through our commercial email at contact@nexyla.online.