Reis Tecnologia

Privacy Policy

Updated on 2026-04-05

Reis Tecnologia Ltda (Company ID CNPJ: 30.101.677/0001-87), headquartered in Goiânia, GO, values privacy and data security. This policy describes how we handle information in our ERP-to-marketplace integration operations, with a focus on the SHEIN platform and the ENotas ecosystem, in full compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13,709/18) and international standards (GDPR).

1. Scope and Role of Reis Tecnologia

Within the integration ecosystem, Reis Tecnologia acts predominantly as a Data Processor. We process information under the instructions of our clients (Controllers), who use our infrastructure to synchronize catalogs and issue tax documents.

2. Data Categories and Purpose

We collect only the minimum data required for technical execution:

  • Account Data (Sellers): Corporate email, API tokens, and account identifiers for authentication.
  • Order Data (Sales): Items, amounts, and recipient data strictly necessary for issuing NF-e through ENotas.
  • Technical Logs: API request metadata for debugging and security purposes (audit trails).

3. Third-Party API Integrations (SHEIN | ENotas)

Our platform uses official APIs for secure communication:

  • Data Segregation: We ensure that SHEIN order data is not used for any purpose other than the logistics and tax integration requested by the user.
  • Confidentiality: All data received through webhooks or API queries is handled under strict commercial confidentiality.

4. International Data Transfers

Considering the global nature of the SHEIN marketplace, the user acknowledges that data may be transferred to and processed on servers located outside Brazil (including Singapore and the United States), using highly secure cloud infrastructures (Vercel / Google Cloud) holding ISO 27001 and SOC 2 certifications.

5. Information Security (Technical Protocols)

We implement robust security layers:

  • Encryption: Mandatory use of TLS 1.2/1.3 (SSL) in all communications.
  • Hashing: Storage of credentials and tokens using one-way hashing algorithms.
  • Restricted Access: Enforcement of the "Least Privilege" principle for access to backend infrastructure.

6. Retention and Disposal (Data Minimization)

We follow a data minimization policy:

  • End-customer data (PII) is retained only for the period necessary for tax reconciliation and compliance with legal obligations (generally 30 days for active processing).
  • Transaction logs are deleted or anonymized after the applicable technical support retention period.

7. Data Subject Rights and Contact (DPO)

In accordance with Art. 18 of the LGPD, the data subject may request access, correction, or deletion of data. For privacy-related matters or to contact our Data Protection Officer (DPO), please use the official channel:

  • Compliance Email: [wigorpaulo@reisengineering.com.br](mailto:wigorpaulo@reisengineering.com.br)
  • Attention to: Wigor Paulo Magalhães dos Reis (DPO/Data Protection Officer).
  • Reis Tecnologia 2026Software Architecture with Security and Compliance.