Introduction
When you work with Via Codos, you are often giving us access to things that matter enormously to your business — source code, customer data, credentials, and internal systems. This page describes, in plain language, the standard we hold ourselves to in protecting that information. It is a public summary of our practices, not a substitute for the formal Non-Disclosure Agreement (NDA) signed at the start of every client engagement, which contains the full, legally binding terms.
Our Confidentiality Standard
Every Via Codos engagement begins under a signed mutual NDA before any project details, access, or credentials are shared. This is not an optional add-on for larger clients — it is a standard first step for every project we take on, regardless of size.
What We Protect
- Source code and technical architecture
- Business data, customer information, and internal documents
- Login credentials, API keys, and system access
- Project scope, pricing, and business strategy discussed during engagements
- Any other information reasonably understood to be confidential
How We Protect It
- Access on a need-to-know basis. Only engineers directly assigned to your project have access to your systems and code. Access is revoked promptly when a team member rolls off a project.
- Individual confidentiality agreements. Every engineer, designer, and team member at Via Codos signs an individual confidentiality agreement as a condition of employment, independent of the client-facing NDA.
- Secure credential handling. Credentials and access keys are stored using industry-standard secured methods and are not shared over insecure channels such as plain email or chat.
- Encrypted storage and transfer. Client data and source code are stored and transferred using encryption appropriate to the sensitivity of the information involved.
- Controlled environments. Where appropriate, development and testing work is conducted in isolated, access-controlled environments to reduce the risk of unauthorized exposure.
Security-Conscious Development
For clients with elevated security or compliance needs — particularly in healthcare, financial services, and other regulated industries — we can apply additional practices including secure coding standards, dedicated access logging, and support in preparing technical evidence for compliance frameworks such as GDPR, SOC 2, or PCI-DSS. See our Cybersecurity & Compliance service page for details.
Incident Response
In the unlikely event of a security incident affecting client data, Via Codos is committed to prompt investigation, containment, and notification to affected clients in accordance with our contractual and legal obligations.
Your NDA Is Separate From This Page
This page is a public description of our general practices and is intended to build confidence before you engage us — it is not itself a legally binding confidentiality agreement. The actual Non-Disclosure Agreement you sign with Via Codos at project kickoff is the legally enforceable document governing confidentiality for your specific engagement, and its terms will take precedence over anything summarized here.
Questions About Security or Confidentiality
If you'd like to review our standard NDA template before starting a conversation, or have specific security or compliance requirements, contact us directly: Email: info@viacodos.com · WhatsApp: +94 76 904 7552
Questions about how we handle your data?
Contact us directly — we answer these questions plainly, without legal run-around.
