Information Technology Policy

Click here to access the PDF.

 

Review History

Version: Date of Review: History: 
1 06/03/2013 Document creation
2 06/08/2015 Inclusion of items Scope (II), Additional Documentation (III), Concepts and Acronyms (IV), Responsibilities (V) and Outcome Management (VII).
3 08/24/2017 Update of items I. Objective, II. Scope, III. Additional Documentation, IV. Concepts and Acronyms, V. Responsibilities and all sub-items of VI. Guidelines;
Inclusion of item VIII. Miscellaneous.
4 10/29/2019 Updating item II. Scope, V. Responsibilities, VII. Concepts and Acronyms and VIII. General Provisions.
5 12/17/2021 Update of items: I. Purpose, II. Scope, IV. Consequence Management, V. Responsibilities, VI. Concepts and Acronyms.

 

I. Purpose

The purpose of this Information Technology Policy (“Policy”) is to establish guidelines to leverage and sustain the strategies and business objectives of Cielo S.A., its subsidiaries and affiliates, through the management of the Information Technology (“IT”) project portfolio and its technological structure, with efficiency, quality and safety, ensuring long-term sustainability.

II. Scope

All administrators (officers, members of the Board of Directors and members of the Advisory Committees), members of the Audit Board and employees of Cielo S.A., Servinet Serviços Ltda., Aliança Pagamentos e Participações Ltda. and Stelo S.A., hereinafter referred to as “Company”.

All the Company’s Subsidiaries must define their directions based on the guidelines set forth in this Policy, considering the specific needs and the legal and regulatory aspects to which they are subject.

With respect to the Affiliated Companies, the Company’s representatives who act in managing its Affiliated Companies must make every effort to define their directions based on the guidelines set forth in this Policy, considering the specific needs and the legal and regulatory aspects to which they are subject.

III. Guidelines

1. Protecting Cielo’s operations by reducing incidents and impacts on the public that has a relationship with the Company and ensuring that all services are available from the standpoint of IT, network and processing capabilities, continuity and monitoring.

2. Ensuring that the best value for money is obtained from the set of IT projects, services, and processes, keeping Cielo’s IT project portfolio up to date, monitoring and controlling delivery costs, deadlines, resources, and quality.

3. Managing Cielo’s IT and Projects area by assimilating and empowering teams, improving systems development processes and methodologies to make IT deliveries faster and more focused on the client.

4. Providing information for strategic decision-making and aligning the IT and Project areas to the business, by advancing capture solutions, new platforms, best practices of Software Engineering and Architecture, indicators panel, project portfolio, integrated view of IT processes and solutions.

5. Ensuring the compliance and reliability of Cielo’s infrastructure of services through good practices, international standards and/or certifications, periodically monitoring recommendations and requirements.

6. Ensuring the continuity of the organization’s operations in case of prolonged unavailability of resources to support these operations (POS, information systems, facilities, people and information).

IV. Consequence Management

Employees, suppliers or other stakeholders who observe any deviations from the guidelines of this Policy may report the fact to the Ethics Channel through the channels below, with the option of anonymity:

Internally, non-compliance with the guidelines of this Policy gives rise to the application of accountability measures for agents who fail to comply with it, according to the respective severity of the non-compliance, and in accordance with internal regulations

V. Responsibilities

  • Administrators and Employees: Observe and ensure compliance with this Policy and, when necessary, call the Vice Presidency of Consumer Experience for consultation on situations involving conflict with this Policy, or upon the occurrence of situations described herein.
  • Vice-Presidency of Customer Experience: Comply with and enforce the guidelines set forth in this Policy, keep it updated to ensure that any changes to its guidance are incorporated hereto, and clarify doubts regarding its content and application.

VI. Additional Documents

VII. Concepts and Acronyms

  • Affiliated Companies: companies in which the Company holds 10% (ten percent) or more of their capital, without, however, controlling them, under the terms of article 243, paragraph 1 of the Brazilian Corporation Law.
  • Subsidiaries: companies in which the Company, directly or indirectly, holds partner or shareholder rights that assure it, on a permanent basis, preponderance in the corporate decisions and the power to elect the majority of the managers, under the terms of article 243, paragraph 2 of the Brazilian Corporation Law.
  • Stakeholders: All relevant target audiences with interests pertinent to the Company, as well as individuals or entities that assume some type of risk, direct or indirect, with respect to the Company. Among others, the following are highlighted: shareholders, investors, employees, society, clients, suppliers, creditors, governments, regulatory bodies, competitors, press, associations and class entities, users of electronic means of payment, and non-governmental organizations.

VIII. General Provisions

Cielo’s Board of Directors is responsible for amending this Policy whenever necessary.

This Policy takes effect on the date of its approval by the Board of Directors and revokes any contrary documents.