Innovasoft
Innovasoft Privacy and Data Processing Policy
1. Introduction
At Innovasof, we value and respect user privacy. This privacy policy describes how we collect, use, and protect users' personal data in accordance with the data protection laws applicable in the countries where we operate: Peru, Ecuador, Spain, Nicaragua, Honduras, Colombia, El Salvador, Panama, the Dominican Republic, Chile, Uruguay, Paraguay, Bolivia, Argentina, Costa Rica, Mexico, and Guatemala. We also have offices in the United States, Colombia, Costa Rica, Chile, and Panama.
2. Contact Information
Our website address is https://www.innovasof.com. For any inquiry related to data protection, you may contact us at privacidad@innovasof.com.
3. Purpose of Data Collection
- Send information about our products and services: We use data to keep users informed about our latest offers, product updates, and services that may be of interest to them.
- Provide relevant content related to our products: Data allows us to provide personalized and relevant content to users, improving their experience with our brand.
- Contact users to provide additional information: Our commercial team may use the data to contact users and provide more detailed information about our products and services.
4. Data Collection Methods
- Social media advertising: We use platforms such as Facebook, LinkedIn, Instagram, and Twitter to promote our products and collect data from interested users.
- Google Ads: Our advertising campaigns on Google allow us to attract traffic to our website and capture data from potential customers.
- Digital advertising: This includes banners and ads on websites and digital platforms.
- Email marketing: We send emails to registered users to inform them about our offers, updates, and relevant content.
- Other digital marketing methods: We use various digital marketing strategies to attract and capture data from users interested in our products.
- Cold outreach: Our sales representatives may contact potential customers directly through phone calls or unsolicited emails to offer information about our products and services.
5. Types of Data Collected
- Full name: To uniquely identify our users.
- Mobile and business phone numbers: To establish direct and timely communication with our users.
- Business email address: To send information and updates directly to the user's inbox.
- Job title: To better understand the user's role within their company and personalize communication.
- Company name: To identify the organization to which the user belongs.
- Company size: To adapt our offers and communications according to the size of the user's company.
Note: We do not collect sensitive data.
6. Consent
Consent for the collection and use of personal data is obtained when users agree to leave their data in our forms. We ensure that consent is explicit and informed by providing clear data policies in our forms and website. Users may also withdraw consent at any time by contacting us through the provided channels.
7. User Rights
Users have the right to access, correct, or delete their personal data. These requests may be made by email at privacidad@innovasof.com. We commit to:
- Provide access to the personal data we hold about the user.
- Correct any inaccurate or incomplete data.
- Delete the user's personal data upon request, unless we are required to retain it for legal or legitimate reasons.
8. Procedure for Handling Access, Correction, or Data Deletion Requests
- Request receipt: Users may send requests to privacidad@innovasof.com. We will confirm receipt of the request within a maximum of 24 hours.
- Identity verification: We may request additional information when necessary to verify the identity of the requester and ensure they are authorized to make the request.
- Request evaluation: We review the request and determine whether it complies with legal requirements and internal policy. We verify the requested information in the CRM and prepare the data for access, correction, or deletion.
- Action and response: We provide access to the data, perform the requested correction, or delete the personal data as applicable. We notify the requester of the action taken and provide confirmation.
- Deadlines: We respond to requests within 30 business days. If more time is required, we inform the requester of the reasons and the additional time needed.
9. Data Security
We implement security measures to protect personal data against unauthorized access, loss, or destruction. These measures include:
- Encryption: We use data encryption both in transit and at rest to protect sensitive information from unauthorized access.
- Access control: We implement two-factor authentication (2FA) and role-based access permissions to limit access to sensitive data to authorized personnel only.
- Monitoring and auditing: We implement continuous monitoring systems to detect and respond to suspicious activity. We conduct regular security audits to identify and correct vulnerabilities.
- Training: We provide regular data protection and information security training to all employees.
10. Procedure in Case of a Data Breach
In the event of a data breach, we follow a specific procedure to handle the situation efficiently and minimize its impact:
- Detection and containment: We detect data breaches through our monitoring systems and contain the breach to prevent further exposure of data.
- Impact assessment: We assess the nature and scope of the breach, identifying compromised data and associated risks.
- Notification: We notify the relevant data protection authorities within 72 hours of detecting the breach. We inform affected users, explaining the nature of the breach, the compromised data, and the measures taken to mitigate harm.
- Corrective measures: We implement measures to correct the vulnerability that caused the breach. We review and improve security policies and procedures to prevent future breaches.
11. International Data Transfers
The personal data we collect may be transferred to and stored in other countries where we operate. We ensure that such transfers comply with the data protection laws applicable in those countries. Data is stored in our CRM and is not shared with third parties unless necessary to comply with legal or contractual obligations.
12. Data Retention and Deletion
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. We implement specific policies for the secure deletion of personal data using secure erasure techniques such as disk wiping. Users may request deletion of their data at any time, and we will comply unless we are required to retain the data for legal reasons.
13. Use of Cookies
We use cookies and similar technologies to improve the user experience on our website, save preferences, and analyze traffic. Cookies allow us to remember information about user visits, making navigation easier and providing a more personalized experience. Users may manage cookie preferences through a banner on our website or by configuring their browser to reject cookies.
14. Embedded Content from Other Websites
Articles on this site may include embedded content, such as videos, images, articles, and similar materials. Embedded content from other websites behaves exactly as if the visitor had visited the other website directly. These websites may collect data about the user, use cookies, embed additional third-party tracking, and monitor interaction with that embedded content, including interaction tracking if the user has an account and is logged into that website.
15. Legal Considerations by Country
Each country has its own laws and regulations regarding personal data protection that we must comply with. Some applicable regulations are summarized below:
- Peru: Personal Data Protection Law (Law No. 29733).
- Ecuador: Organic Law on Personal Data Protection.
- Spain: General Data Protection Regulation (GDPR).
- Nicaragua: Personal Data Protection Law.
- Honduras: Regulations requiring informed consent.
- Colombia: Statutory Law 1581 of 2012.
- El Salvador: Constitution and Law Regulating Credit History Information Services.
- Panama: Law 81 of 2019 on Personal Data Protection.
- Dominican Republic: Law 172-13 on Personal Data Protection.
- Chile: Law on the Protection of Private Life (Law 19.628).
- Uruguay: Personal Data Protection Law (Law 18.331).
- Paraguay: Law 1682/01 and its amendment, Law 1969/02.
- Bolivia: General privacy and information protection principles.
- Argentina: Personal Data Protection Law (Law 25.326).
- Costa Rica: Law on the Protection of Individuals Regarding the Processing of Personal Data (Law No. 8968).
- Mexico: Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP).
- Guatemala: Legal doctrine of the Constitutional Court regarding consent for the use of personal data.
Privacy Policy Updates
We will inform users of any changes to this policy through our website and other appropriate channels. Significant changes will be communicated effectively and in advance.
