Information Security Policy

1. Introduction

At Crunchequation, protecting information is fundamental to how we operate. Whether it's our clients' data, internal systems, or our partners' technology, we are committed to maintaining the highest standards of security across all areas of our business.

This policy outlines our principles and approach to information security and applies to all our services, including iGaming consulting, IT and infrastructure, customer support, SEO, and web development.

2. Our Commitment

We are dedicated to ensuring that information handled by our company remains: Confidential: accessible only to authorized people; Intact: protected from unauthorized modification or loss; Available: reliably accessible when needed.

We are committed to continuous improvement in our security practices and staying abreast of emerging threats.

3. Scope of Application

This policy covers:

  • All systems, platforms, and technologies used in our day-to-day operations;
  • All departments and service lines;
  • All employees, contractors, vendors, and third-party collaborators who interact with company systems or data.

4. Key Objectives

We aim to:

  • Build and maintain trust with clients, staff, and partners by ensuring secure operations;
  • Identify and mitigate risks that could compromise our systems or data;
  • Stay compliant with legal, regulatory, and contractual obligations;
  • Continuously enhance our security capabilities as technology and threats evolve.

5. Implementation Strategy

To achieve our objectives, we follow these guiding practices.

  • Security Governance

We designate clear leadership and roles for security operations, compliance, and oversight. Responsibilities are documented and regularly reviewed.

  • Risk Management

We assess information security risks on an ongoing basis, prioritizing areas where threats or vulnerabilities may impact our business or clients.

  • Policies and Controls

We maintain documented security policies that guide employee behavior, access control, password management, system updates, and acceptable use. These policies are made available to all relevant personnel.

  • Monitoring and Logging

Security-relevant activities across our systems are logged and monitored. Anomalies or suspicious behavior are investigated promptly.

  • Incident Response

We have an established procedure for reporting and handling security incidents, including containment, remediation, and notification processes when necessary.

  • Business Continuity and Recovery

Our continuity plans ensure that we can maintain critical services during disruptions. These plans are tested and updated regularly.

  • Vendor Security

We review and assess vendors and partners for compliance with our security requirements. Contracts include appropriate provisions for data protection and confidentiality.

  • Training and Awareness

We provide regular training on security responsibilities, data protection practices, and threat awareness. Everyone in the company is responsible for protecting information.

  • Continuous Improvement

We monitor the effectiveness of our security measures and conduct periodic internal reviews and audits. Gaps are addressed with corrective actions, and lessons learned feed into ongoing improvement efforts.

  • Compliance and Enforcement

Adherence to this policy is mandatory for all staff and third parties who access our systems or data. Violations may result in disciplinary action or contract termination.

The policy is reviewed at least annually by our management team and security leads to ensure it remains aligned with evolving risks, technologies, and regulations. Last updated: May 6, 2025

Contact Us

If you have any questions about our use of cookies or this policy, please contact us at:

  • info@crunchequation.com
  • Rua Senhora da mestra 40, 4410-511 Serzedo
Data Protection Policy​ | Crunchequation