OOLii implements a comprehensive Information Security and Cybersecurity framework, aligned with internationally recognized standards and best practices widely adopted in the technology industry, such as ISO/IEC 27001, ISO/IEC 27002, the NIST Cybersecurity Framework, and the principles of security by design and by default.

Scope and Objectives

OOLii’s security measures are intended to:

• Protect information processed through the platform against unauthorized access, alteration, loss, or destruction.

• Ensure operational continuity and the reasonable availability of services.

• Minimize technological, legal, and reputational risks for OOLii and its clients.

Technical and Organizational Measures

The measures implemented include, without limitation:

• Encryption of data in transit using secure protocols (TLS/HTTPS).

• Role-based logical access controls, secure authentication, and credential management.

• Logging and monitoring of relevant activities for incident detection.

• Environment segmentation and application of the principle of least privilege.

• Backup procedures, disaster recovery, and business continuity plans.

• Periodic risk assessments and reviews of security controls.

OOLii acknowledges that no system is completely secure. The User accepts that the use of digital services involves inherent risks and that OOLii does not guarantee the absolute invulnerability of the platform.