Privacy Policy
Last Updated: December 30, 2025
1. Global Compliance and Commitment
Custom Stack acts as a data controller and is committed to protecting the privacy of its users and partners. Our data governance architecture is built under the pillars of LGPD (Brazil), GDPR (EU), and CCPA (USA), ensuring transparency and security throughout our tech stack.
2. Data Collection and Purpose
We process personal data only for legitimate and specific purposes:
- Identification Information: Name and email collected via forms to enable commercial service and technical support.
- Browsing Data: IP address, browser type, and usage behavior, used exclusively for performance optimization and fraud prevention.
- Purpose: The legal basis for processing includes contract execution, CustomStack's legitimate interest, and compliance with legal obligations.
3. Security and Cloud Infrastructure
We implement rigorous cybersecurity controls to protect your data against unauthorized access:
- Encryption of data at rest and in transit (SSL/TLS 1.3).
- Hosting on cloud infrastructure (AWS/Azure/GCP) with ISO 27001 and SOC2 certifications.
- Continuous intrusion monitoring (IDS/IPS).
4. Retention and International Transfer
Data is kept only for the period necessary to fulfill the described purposes. As we operate globally, data may be processed on servers located outside your country of residence, always under standard contractual clauses.
5. Your Rights and Autonomy
We guarantee the full exercise of your rights as a data subject:
- Access and Portability: Obtain a copy of your data in a structured format.
- Revocation and Deletion: Withdraw your consent or request the "right to be forgotten".
- Correction: Update inaccurate or outdated information.
6. Data Protection Officer (DPO)
To exercise any of your rights or ask questions about our data governance, please contact our Data Protection Officer (DPO) directly through our exclusive privacy email:
privacy@customstack.com.br