Linkedin Facebook Instagram
Request a Quote

Information Security Policy for Suppliers

  1. Objectives

The main objective of this document is to define the practices and commitments of all suppliers that have a relationship with Idlewild’s information assets, as well as to raise awareness among suppliers about the correct use of the resources made available.

This document also includes the definition of responsibility for supplier actions and related disciplinary actions.

 

1.1 Authors            

The Idlewild Supplier Information Security Policy, as well as its review and maintenance, is the responsibility of the Information Security Management Committee (CGSI).

Questions about the application of this policy or suggestions for changes and improvements can be sent to the members of the Information Security Management Committee (CGSI) at the following email address: cgsi@Idlewildtraducoes.com.br.

 

1.2 Disclosure and Distribution

This information security policy for suppliers must be an integral part of the service provision contract of all Idlewild Information Technology suppliers.

When signing the service provision contract, the supplier assumes full knowledge of and agreement with the guidelines defined in this document.

 

1.3 Version and Revision

This Policy, as well as its General Supplier Guidelines and Responsibilities, may be revised, and a new version must be prepared, approved, disclosed and distributed in the following cases:

  • Significant change to an information asset covered by this policy;
  • Creation of new information assets relevant to this policy;

 

  1. General Supplier Guidelines and Responsibilities

All suppliers are aware of their responsibilities regarding information security in line with the LGPD and undertake to respect this Policy, as well as the documents below, thus confirming their commitment to Idlewild’s information and guidelines:

 

  1. INFORMATION SECURITY RULES AND PROCEDURES FOR SUPPLIERS

The items below describe security guidelines related to Idlewild’s suppliers.

 

3.1 Intellectual Property

  • The supplier is responsible for ensuring the legal compliance of any and all systems or content used during the performance of its service;
  • The supplier is responsible for the intellectual property of the content of the equipment that it brings to Idlewild’s premises;
  • The supplier is responsible for ensuring that the software installed by it does not violate any type of copyright law.

 

3.2 Internet access in the Idlewild environment

  • Idlewild reserves the right to monitor Provider Internet access to ensure proper usage;
  • Idlewild reserves the right to block websites that it considers inappropriate for the company, without prior notice;
  • The Internet access provided by the supplier must have the sole purpose of fulfilling the provision of services to Idlewild.

 

3.3 Mobile Computing

  • The supplier is fully committed to the security of the data on its equipment on Idlewild’s premises;
  • The supplier is responsible for ensuring that the equipment or media it uses has all updated software, is legal, has antivirus software and is free of any type of software that could harm Idlewild’s system assets.

 

3.4 Emails

  • At any time and from any location, the supplier must not forward emails to Idlewild employees whose content is not work-related.

 

3.5 Logical Handling of Information

  • The supplier undertakes to only process information received from Idlewild that is directly related to its service as described in the service provision contract;
  • The supplier undertakes to maintain the complete confidentiality, integrity and availability of the Idlewild information provided to it;
  • Internal disclosure of Idlewild information within the supplier’s company must be formally informed and agreed upon between the parties;
  • The supplier undertakes not to transmit Idlewild information through unsecured communication channels, such as social networks, WhatsApp, etc., which may result in the leakage of this information;
  • The supplier undertakes to properly and securely dispose of Idlewild information at the end of the service or when it is no longer used (whichever occurs first);
  • Idlewild reserves the right to carry out information security audits, previously communicated, on its suppliers.

 

3.6 Logical Storage of Information

  • The storage of Idlewild information by the supplier must be carried out in a secure manner, i.e. with restricted access control by the supplier;
  • Storing data owned by Idlewild on removable media is prohibited.
  • The supplier also undertakes to ensure that Idlewild information will not be tampered with during the storage of media under its responsibility.

 

3.7 Access to Idlewild Systems or Equipment (Local or Remote)

  • The supplier may only access Idlewild’s systems or equipment for support or maintenance, when applicable to the scope of the service, and in these cases access will only be permitted after formal communication;
  • Remote access by all suppliers, when applicable to the scope of the service, must be carried out via secure means (VPN/ controlled access passwords/ controlled and monitored access/private or particular access).

 

3.8 Use of Passwords, applicable to IT suppliers.

  • The supplier must not request, accept or use access passwords from Idlewild employees under any circumstances;
  • Any password used by the supplier must have been created specifically for the related activities as defined and authorized by the Idlewild IT team.
  • Idlewild is responsible for deactivating the supplier’s password. If the supplier identifies that the credential is still active, after the end of the contract or project, they must request its immediate deactivation;
  • The supplier is responsible for the security of the passwords provided to him/her and must immediately notify Idlewild of any loss or leak.

 

3.9 Supplier’s Employees

  • The supplier is responsible for immediately notifying Idlewild of the dismissal of its employees, when they are providing any service or have access credentials to Idlewild systems;
  • The supplier must immediately communicate any change in the list of its employees authorized to provide the service to Idlewild;
  • All employees of the supplier who provide services to Idlewild assume full knowledge of and agreement with the content of this document, as well as the documents described in item 2 above.

 

3.10 Physical Security

  • Supplier is responsible for returning to Idlewild or properly disposing of information when it is no longer needed or at the end of its service;
  • The supplier undertakes to access Idlewild’s physical premises only when duly authorized and accompanied by an Idlewild employee;
  • The supplier may only access Idlewild’s physical environment after approval by Idlewild’s IT team and must be accompanied by an Idlewild employee when carrying out the activity.
  • To remove equipment from Idlewild, for any reason, the supplier must complete the Delivery and Maintenance Term prepared by Idlewild’s IT team.

 

  1. Corrective Actions

Any violation of the guidelines contained in this policy constitutes information security incidents and will be duly recorded and analyzed by Idlewild’s Information Security Management Committee (CGSI).

After analysis by this committee, disciplinary measures will be decided against the supplier, which, in compliance with current legislation, may include:

  • Formal or informal warning;
  • Cancellation of the service provision contract;
  • Legal action or filing of a police report.
  • In case of security incidents, report them immediately to privacy@korntranslations.com

 

Publication Date on the Website: 05/15/2026

Este site usa cookies para garantir que você obtenha a melhor experiência em nosso site.

aceitar