Warning
🚧 Work in Progress: This page is currently under construction. Content may be incomplete or subject to change. To contribute, see the contribution guide.
Compliance
Info
Template: This page should be filled with compliance obligations relevant to the Technology department.
LGPD (Brazilian Data Protection Law)
LGPD applies to Patria as a controller of personal data of investors, employees, and partners.
Technology department responsibilities:
- Map personal data in systems and pipelines (see LGPD in Data)
- Ensure appropriate access controls
- Support data subject rights (access, deletion, portability)
- Report security incidents within the legal timeframe
CVM / Regulatory
(Describe specific regulatory obligations for asset managers that impact Technology.)
Audits
| Type | Frequency | Owner | Last conducted |
|---|---|---|---|
| IAM access review | Quarterly | Infra / IAM | (fill in) |
| Penetration testing | Annual | (fill in) | (fill in) |
| LGPD audit | Annual | (fill in) | (fill in) |