LGPD and Security
Accelero's role in compliance with the Brazilian General Data Protection Law (LGPD) focuses on two concrete points:
- Protection against leakage — the personal and sensitive data processed by the platform is protected at rest, in transit, and on access.
- Retention and cleanup — the platform provides purge routines so that data is not stored longer than necessary.
The purposes, legal bases, and retention periods of processing are defined by the customer (data controller); Accelero provides the technical tools to implement them.
The platform's security mechanisms and architecture (authentication, session, RBAC, multi-company isolation, physical access engine, encryption, MQTT, and infrastructure) are consolidated in Security and Architecture.
Personal data protection
Data processed
Common personal data: name, document (CPF/RG), photo, phone, email, and address — most of it optional, depending on the person's record.
Sensitive data:
- ⚠️ Biometrics (fingerprint and facial templates)
- ⚠️ Health data, when entered in customer-configurable custom fields
Access data: entry/exit events, timestamps, locations, and camera images.
Protection mechanisms (leak prevention)
The controls below protect personal data at rest, in transit, and throughout its life cycle:
| Control | What it does |
|---|---|
| Photo encrypted at rest | People's photos are encrypted (AES) on write and decrypted only on read. |
| Photo served with authorization | Images are only delivered to authenticated operators, after authorization is verified on the server. |
| Upload sanitization | Every uploaded image is reprocessed to JPEG and stored outside the web root, removing embedded code. |
| Encrypted QR Code | Access and invitation QR Codes carry data encrypted with a random nonce — they cannot be forged. |
| Irreversible password | Operator passwords in bcrypt: even with database access, they cannot be recovered. |
| Multi-company isolation | An operator only accesses data from the companies they are linked to — another company's data never enters the result. |
| Biometrics removal | Biometric templates can be removed from the person and from the devices. |
Full technical detail (encryption, authentication, session, auditing, MQTT, infrastructure) in Security and Architecture.
Querying, correcting, and deleting a person's data are native operations of the record, and data can be exported to CSV. In practice, this supports handling data-subject requests — whose formal process (channel, deadline, documentation) is defined by the customer.
Data retention and cleanup
Accelero runs automatic purge routines that remove data based on retention time or inactivity — the technical foundation for not storing data longer than necessary.
What gets purged: logs, access events, reports, photos, and inactive records.
How it works:
- Deletion by retention time or inactivity, executed by the maintenance routines.
- Logical deletion (soft delete) before physical removal, preserving the operation trail.
The product does not impose a fixed retention period. Each organization configures the retention periods according to its retention policy and the legal bases applicable to its context. Accelero provides the mechanism; the "how long to keep" rule belongs to the controller.
Responsibilities
Accelero is a tool (software). Responsibility for LGPD compliance is divided as follows:
- Data controller — the customer/organization that uses Accelero.
- Data processor — Iongrade, when applicable, as per contract.
The customer (controller) is responsible for:
- Defining the purpose and legal basis of processing (consent, legitimate interest, legal obligation, etc.).
- Defining retention periods and configuring the purge accordingly.
- Handling data-subject requests.
Iongrade provides:
- Technical tools for data protection and cleanup.
- Security measures to prevent leakage.
- Documentation and support.
Next Steps
- Security and Architecture - Platform security mechanisms
- Standards and Protocols - Supported technical standards