Your data, treated with the same rigor as an engagement.

Basilisk, operated by Volucer Group, headquartered in São Paulo/SP, is the controller of personal data processed from this site and during commercial engagements.

DPO contact: contato@basilisk.com.br

Via contact form: name, corporate email, company and free message you choose to send.

Via navigation: anonymous technical data (device type, pages visited, session time) for aggregated analytical purposes. We do not use individual profiling for advertising.

During engagements: technical data from the tested environment, per contractual scope. Personal data is only accessed when strictly necessary to demonstrate impact and under specific NDA.

Contact form and commercial relationship: contract execution and preliminary procedures (art. 7 V LGPD).

Strictly necessary cookies and security logs: legitimate interest (art. 7 IX LGPD).

Subsequent commercial communications: consent, revocable at any time.

Respond to contact requests and issue commercial proposal.

Execute offensive security contracts and deliver contracted artifacts.

Comply with legal, regulatory and audit obligations.

Improve the site and user experience with aggregated metrics.

We don't sell data. We share only with: infrastructure providers (hosting, email), accountants and lawyers under professional secrecy, authorities when required by law.

Suppliers are selected with specific data protection contractual clauses.

Commercial contacts without contracting: up to 24 months from last contact.

Executed contracts: for the applicable legal period (minimum 5 years after closure for tax and audit purposes), subject to specific obligations.

Engagement technical artifacts: destroyed in certified manner within 90 days after final delivery, except for express retention requested by client.

Part of infrastructure (email, analytics) may involve processing on servers outside Brazil, in countries with adequate protection level or under standard contractual clauses, per art. 33 LGPD.

You may request at any time: processing confirmation, access, correction, anonymization, portability, deletion and consent revocation.

Exclusive channel: contato@basilisk.com.br. We respond within 15 business days.

We apply risk-proportional controls: encryption in transit (TLS 1.3) and at rest, access segmentation, auditable logs, MFA on sensitive accounts and periodic reviews.

Incidents with relevant risk are communicated to authorities and affected subjects per applicable law.

We use only strictly necessary cookies for site operation and aggregated anonymous metrics. There are no behavioral advertising cookies.