In compliance with the provisions of Law 1581 of 2012, its Regulatory Decree 1377 of 2013 and Ruling C748/2011 by which the draft of the Statutory Law for the Protection of Personal Data was declared constitutional, SPYRAL LABS SAS. adopts this Policy for the Processing of Personal Data (hereinafter “The Policy”), which will be informed to all holders of the data collected or that in the future will be obtained.
Political Constitution, article 15. Law 1266 of 2008
Statutory Law Law 1581 of 2012
Regulatory Decrees 1727 of 2009 and 2952 of 2010,
Partial Regulatory Decree 1377 of 2013 + Jurisprudence of the Constitutional Court of Colombia.
SPYRAL LABS SAS, hereinafter “SPYRAL LABS”, a company domiciled at carrera 16 #116 – 56 in the city of Bogotá D.C., Republic of Colombia, website: https://www.spyral-labs.xyz/., in compliance with the provisions of Decree 1377 of 2013, has developed this policy for the handling of personal data of our Customers and Users in the different lines of business of the Company.
SPYRAL LABS SAS, is responsible for all personal information in its possession or control, this includes any personal information it receives directly as data controller, from individual customers, individual prospective customers, employees, contractors or persons seeking to work with it and as data processor of personal information it may receive indirectly, for example, through corporate clients or the government sector.
Taking into account the above, policies and procedures were established to protect personal information. For SPYRAL LABS SAS it is important that our customers and users know this policy, for which we invite you to read it in its entirety.
SPYRAL LABS SAS. states that guarantees the rights of privacy, intimacy and good name in the processing of personal data, and therefore all its actions will be governed by the principles of legality, purpose, freedom, truthfulness or quality, transparency, access and restricted circulation, security and confidentiality. All persons who provide personal data to SPYRAL LABS SAS, may know, update, rectify, delete or revoke the authorization previously granted.
For the interpretation and application of this policy, the following definitions shall be taken into account in accordance with the law:
User: Natural person whose personal data is subject to processing.
Database: Organized set of personal data that is the object of Processing.Personal Data: Any information linked or that may be associated to one or several natural persons, determined or determinable.
Data Processor: Natural or legal person, public or private, who by himself or in association with others, carries out the Processing of Personal Data on behalf of the Data Controller.
Data Controller: Natural or legal person, public or private, that by itself or in association with others, decides on the database and/or the processing of the data.
Data Processing, in this case SPYRAL LABS SAS. and its affiliated companies.
Authorization: Prior, express and informed consent of the Data Subject to carry out the Processing of Personal Data.
Data Subject: Natural person whose personal data are subject to Processing.
Processing: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.
Natural person: A human person who exercises rights and performs duties in a personal capacity.
Sensitive data: Data that affect the privacy of the Data Subject or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions, membership in trade unions, social organizations, human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data related to health, sex life, and biometric data.
Private data: Data that due to its intimate or reserved nature is only relevant to the owner.
Semi-private data: Data that are not of an intimate, reserved or public nature and whose knowledge or disclosure may be of interest not only to the owner but also to a certain sector or society in general.
Public data: Data that is not semi-private, private or sensitive and may be contained, among others, in public records and documents, official gazettes and bulletins and court rulings.
Privacy Notice: Verbal or written communication generated by the responsible party, addressed to the holder for the processing of his personal data, by means of which he is informed about the existence of the information processing policies that will be applicable, the way to access them and the purposes of the processing that is intended to be given to the personal data.
Heir: person who has succeeded another due to the death of the latter (heir).
Indispensable Data: personal data of the owners that are essential to carry out the activity of providing health services. Indispensable data must be provided by the owners or those entitled to exercise these rights.
Optional Data: are those data required by UCSI to offer additional services in research, teaching, extension, job offers, etc.
Data Processor: natural or legal, public or private person that by itself or in association with others, performs the Processing of personal data on behalf of the Data Controller.
Data Protection Law: Law 1581 of 2012 and its regulatory Decrees or the rules that modify, supplement or replace them.
Habeas Data: the right of any person to know, update and rectify the information that has been collected about them in the data bank and in files of public and private entities.
Transfer: the transfer of data takes place when the person responsible and/or in charge of the processing of personal data, located in Colombia, sends the information or personal data to a recipient, which in turn is responsible for the processing and is located inside or outside the country.
Transmission: processing of personal data that involves the communication of such data within or outside the territory of the Republic of Colombia when the purpose is the performance of a processing operation by the processor on behalf of the controller.
This policy shall apply in the event that you as a user, decide to perform, solution studies, demos, quotes for services and / or equipment, purchases SPYRAL LABS SAS. directly or through any third party referred to us, among others, where SPYRAL LABS SAS. perform processing of personal data, without prejudice to the particular conditions that apply in each case, which, in any way, will be clear and voluntary acceptance.
When you give us your authorization for the collection and processing of your personal data, they may be used for marketing and advertising activities; information analysis; market intelligence; sending information about our products, services, promotions, events, alliances and offers, among others; and service improvement.
Likewise, we may transfer the personal information provided to agents or third parties located within the national territory or in other countries, which will be included in any case in the authorization requested, however, we are not obliged to request your authorization for national and international transmissions when the requirements set forth in Law 1581 of 2012 are met. We may use your email address, your physical mailing address and/or your landline or cell phone number to send you advertising related to our products and services, contact you for events and marketing activities, and at any time, you may opt out of receiving any type of message from us by replying to the email sent informing us of your will.
In any case, depending on the activity to be carried out, you will be clearly informed of the mechanisms available to you to know, update, modify and delete your data, as well as to revoke the authorization granted.
The purpose of this Policy is to define the general guidelines for compliance with Law 1581 of 2012 and Decree 1377 of 2013 in Colombia, which regulates the handling of personal data bases. By virtue of the same will establish the criteria for the collection, storage, use, circulation and deletion of personal data processed by SPYRAL LABS SAS.
This Policy shall apply to all personal information recorded in the databases of SPYRAL LABS SAS, who will act as Controllers of Personal Data, including as a general rule the databases of employees, customers and suppliers, but applicable to all without limitation.
This Policy is mandatory for SPYRAL LABS SAS.
The following is the information of the companies responsible for the processing of personal data, currently in SPYRAL LABS SAS:
SPYRAL LABS SAS. identified with NIT number 000.0000.0000, with main address at Carrera 16 #116 – 56 in the city of Bogotá D.C., Republic of Colombia, web page: https://www.spyral-labs.xyz/
The treatment to be carried out by those responsible for the databases will be carried out in accordance with the provisions of Law 1581 of 2012, Decree 1377 of 2013 and the regulations that add or modify the regulation of
protection of personal data, including the terms set forth in this Policy.
Personal data collected by SPYRAL LABS SAS. will only be used for the purposes established in the respective privacy notices or data processing authorizations that are authorized by the owners of the information.
However, the databases may also be used for the following purposes:
a) To carry out all the necessary steps for the development of the corporate purpose of SPYRAL LABS SAS, in all matters related to the fulfillment of the purpose of the contract entered into between the Company and the Owner of the information.
b) Make invitations to events and offer new products or services.
c) Manage requests, complaints or claims promoted by the Owner of the Information or by judicial authorities by means of a court order.
Sensitive data are those that affect the privacy of the Data Subject or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions, membership in trade unions, social organizations, human rights or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data relating to health, sex life and biometric data.
For the collection of this type of data, we will request your express authorization and we will previously or concurrently inform you which of the data to be processed are considered “sensitive” and their purpose.
In any case, we will inform you that you are not obliged to provide sensitive data. If you do not give us your authorization for the processing of sensitive data, and they are not essential for the purpose of the activity being carried out, we will not proceed to request any information from you.
This policy will be in force for as long as SPYRAL LABS SAS. exercises its corporate purpose in Colombia, or until the term that the company decides.
This policy may be modified at any time and unilaterally by SPYRAL LABS SAS, so we pledge in case of being modified, to send to all our users, customers, and persons of whom we have information the new policies.
In the event that those responsible for the handling of sensitive data, they (SPYRAL LABS SAS.) guarantee that authorization for the processing of such data will be obtained in advance and expressly, in compliance with the following obligations:
a) The Holder of the sensitive data shall be informed, previously and expressly, which are the sensitive data and what is the purpose and what will be the treatment that will be given to them.
b) The occurrence of any activity shall not be conditioned to the provision of sensitive data by the Data Subject.
The Holders of the personal data shall have the following rights:
(a) Access free of charge to the data provided that have been subject to processing.
b) To know, update and rectify their information in case of partial, inaccurate, incomplete, fractioned, misleading data or data whose processing is prohibited or has not been authorized.
c) Request proof of the authorization granted, except when it is expressly exempted as a requirement for the as a requirement for the processing (cases in which the authorization is not necessary).
d) Be informed, upon request, regarding the use given to their personal data.
e) File complaints with the Superintendence of Industry and Commerce for violations of the provisions of current regulations and this Policy.
f) Revoke the authorization or request the deletion of the data, provided that there is no legal or contractual obligation that prevents SPYRAL LABS SAS. to delete it.
g) Refrain from answering questions about sensitive data. The answers that deal with this type of information or data related to minors will be optional.
h) Access free of charge to their personal data that have been processed.
In the Processing, respect for the prevailing rights of children and adolescents shall be ensured.
The processing of personal data of children and adolescents is prohibited, except for data of a public nature.
It is the task of the State and educational entities of all kinds to provide information and train legal representatives and guardians on the possible risks faced by children and adolescents regarding the improper Processing of their personal data, and to provide knowledge about the responsible and safe use by children and adolescents of their personal data, their right to privacy and protection of their personal information and that of others.
SPYRAL LABS SAS. shall bear in mind that personal data are the property of the persons to whom they relate and that only they can decide on them. SPYRAL LABS SAS. will use such data only for the purposes that are within its corporate purpose, respecting in any case the current regulations on the Protection of Personal Data.
Information privacy policies are mandatory for all employees and contractors of SPYRAL LABS SAS. in Colombia, regardless of their function or line of business. All employees and contractors are obliged to continue to protect the information of SPYRAL LABS SAS. after terminating their contractual relationship with the company.
Each functional area within the company must adopt the necessary measures to comply with the principles and obligations set forth in this document and implement the necessary mechanisms to evidence such compliance, both to stakeholders and supervisory authorities.
In particular, employees and contractors of SPYRAL LABS SAS. in Colombia must always:
– Make reasonable efforts to limit the handling of personal data to the minimum necessary.
– Be guided by respect for the rights and freedoms of individuals, without discrimination.
– Take reasonable precautions to protect personal information against its use for erroneous purposes and inadvertent disclosure.
In compliance with the provisions of Law 1581 of 2012 on personal data protection, it is necessary to take into account the following considerations:
a) SPYRAL LABS SAS. is the Company responsible for the Processing of personal data bases.
b) Third parties who have access to the databases will be responsible for the processing and therefore must comply with the provisions of Law 1581 of 2012, Decree 1377 of 2013, the rules that complement, modify and this Policy.
c) The personal data protection rules are mandatory throughout the Colombian territory and to transmit personal data to other countries, the legislation of these must provide security measures, equal or superior to those contained in the laws that regulate the protection of personal data.
contained in the laws that regulate the matter in Colombia.
d) Are considered personal databases in SPYRAL LABS SAS. all containing information from natural persons, whether suppliers, customers, consumers, volunteers or linked by any means to SPYRAL LABS SAS. employees or any other natural person whose information is processed by us. By exception, the application of this policy is not necessary in the following situations:
Databases and files whose purpose is national security and defense, as well as the prevention, detection, monitoring and control of money laundering and financing of terrorism.
The databases that have as purpose and contain intelligence and counterintelligence information.
Databases and files containing journalistic information and other editorial content.
e) SPYRAL LABS SAS, in all its actions and/or commercial operations, shall incorporate respect for the protection of personal data. Consequently, it will request, from the moment the data is entered, authorization for the use of the information it receives and for the purposes of its corporate purpose.
f) SPYRAL LABS SAS, respects the principles established in the rules governing the protection of personal data and will attend in commercial transactions, in the handling of personal data information, the purposes arising from the collection of the same.
g) SPYRAL LABS SAS, will implement all necessary steps and actions to ensure the effectiveness in the preservation of the right enshrined in the statutory law 1581 of 2012 and other rules that complement, modify or repeal it.
h) SPYRAL LABS SAS, will inform all its customers, suppliers, employees, volunteers and other natural persons who have any direct relationship with the Company, the rights arising from the protection of personal data.
a) From the date on which this Policy enters into force, all employees who start working with SPYRAL LABS SAS. must include in their employment contract a clause expressing their commitment to comply with Law 1581 of 2012 and Decree 1377 of 2013.
b) It shall be included in the Internal Work Regulations, as an obligation of each employee of SPYRAL LABS SAS, the respect, preservation and proper use for the purposes for which a personal data is requested, in compliance with Law 1581 of 2012 and Decree 1377 of 2013.
c) Any third party that, due to a relationship with one or several areas of SPYRAL LABS SAS, requires personal data bases shall include in its contract or document that regulates the business relationship with SPYRAL LABS SAS, a contractual clause expressing the knowledge of the regulations and the responsibility to comply with it, and shall also require prior authorization from the Holder to process their personal data.
d) All suppliers, customers, volunteers or linked by any means to SPYRAL LABS SAS, employees or any other person whose information is processed by us, must be asked for written authorization for their data to be processed without restrictions. This authorization must be extended to all the effects that in our exercise arise.
e) The authorization referred to in the previous paragraph must also make clear the responsibility of the Holders to keep the information updated and accurate, communicating in a timely manner to SPYRAL LABS SAS, to which the authorization was granted, any changes in this regard.
f) All personal databases that the areas of SPYRAL LABS SAS. treat, must have the guarantee of recovery (back up).
g) Access to personal databases must be limited. When these are sent by mass media, they must contain passwords so that access to them is restricted.
h) Databases must not be published on the intranet or internet without access restrictions.
i) SPYRAL LABS SAS. should periodically promote campaigns to update their personal databases.
SPYRAL LABS SAS. guarantee the right of access, upon proof of identity of the Holder, legitimacy or personality of his representative, making available to it, at no cost or expense, in detail and in detail, the respective personal data.
Personal data owners or their successors in title may consult their personal data contained in the database. Consequently, SPYRAL LABS SAS. will guarantee the right of consultation, providing the Data Controllers with all the information contained in the individual record or that is linked to the identification of the Data Controller.
In relation to the attention of requests for consultation of personal data, SPYRAL LABS SAS. guarantees:
(a) Enable electronic means of communication or others it deems relevant.
b) Establish forms, systems and other methods.
c) Use the services of customer service or complaints that are in operation. Regardless of the mechanism implemented for the attention of consultation requests, these will be attended within a maximum term of ten (10) working days from the date of receipt. In the event that a consultation request cannot be answered within the aforementioned term, the interested party shall be informed before the expiration of the term, the reasons for not answering the consultation, which, in no case, may exceed five (5) business days following the expiration of the first term. Inquiries made with respect to personal data must be sent by e-mail to the following address: cto@spyral-labs.xyz
a) CONSULTATIONS
The Holders MAY consult the personal information of the Holder held by SPYRAL LABS SAS, who will provide all the information contained in the individual record or that is linked to the identification of the Holder.
The consultation shall be formulated through a written request and delivered at the facilities of SPYRAL LABS SAS.
The consultation will be answered within a maximum term of ten (10) working days from the date of receipt of the same. When it is not possible to attend the consultation within such term, the interested party will be informed, stating the reasons for the delay and indicating the date on which the consultation will be attended, which in no case may exceed five (5) business days following the expiration of the first term.
b) CLAIMS
The Data Subject or its assignees who consider that the information contained in a database should be corrected, updated or deleted, or when they notice the alleged breach of any of the duties contained in the regulations on Personal Data Protection, may file a claim with SPYRAL LABS SAS. which will be processed under the following rules:
The claim must be submitted by the Holder of the personal data, addressed to the email info@netdatanetworks.com in this email the Holder must indicate whether he/she wants his/her data to be updated, rectified or deleted, or if he/she wishes to revoke the authorization that had been granted for the processing of personal data. For the purposes of claims, the Data Subject shall take into account the provisions of Article 15 of Law 1581 of 2012. If the claim is incomplete, the Data Subject may complete it within five (5) business days.
(5) business days following the receipt of the claim so that the faults can be corrected. After two (2) months from the date of the request without the applicant submitting the required information, it will be understood that the claim has been withdrawn. In the event that the person receiving the claim is not competent to resolve it, he/she will transfer it to the appropriate person within a maximum term of two (2) business days and will inform the interested party of the situation. Once the complete claim has been received, the maximum term to address it will be fifteen (15) business days from the day following the date of its receipt. When it is not possible to address the claim within such term, the interested party will be informed of the reasons for the delay and the date on which the claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first term. Thyme has a strong aroma and is often used in cooking and promotes digestion.
Once the document with the claim duly filled out is received, it will be catalogued with the label “claim in process” and the reason for the claim in a term no longer than two (2) business days. Said label will be maintained until the claim is decided.
The maximum term to attend the claim will be fifteen (15) working days from the day following the date of its receipt. When it is not possible to
If it is not possible to address the claim within such term, the interested party shall be informed of the reasons for the delay and the date on which the claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first term.
Request for updating, rectification and deletion of data.
SPYRAL LABS SAS. will rectify and update, at the request of the holder, the information that is incomplete or inaccurate, in accordance with the procedure and terms set forth above, for which the holder shall submit a written request to the address of SPYRAL LABS SAS., indicating the update, rectification and deletion of the data and provide documentation to support the request.
SPYRAL LABS SAS. has the obligation to rectify and update, at the Holder’s request, the information about him/her that proves to be incomplete or inaccurate in accordance with the procedure and terms indicated above. In this regard, SPYRAL LABS SAS. shall take into account the following:
a) In requests for rectification and updating of personal data, the Holder must indicate the corrections to be made and provide documentation to support their request.
b) SPYRAL LABS SAS. is free to enable mechanisms that facilitate the exercise of this right, as long as they benefit the Data Subject. Consequently, electronic or other means that SPYRAL LABS SAS. deems appropriate may be enabled.
c) SPYRAL LABS SAS. may establish forms, systems and other methods, which will be made available to the interested parties on the website or by requesting them by e-mail to the address info@netdatanetworks.com.
The Personal Data Subject has the right, at any time, to request SPYRAL LABS SAS. to suppress (delete) his/her personal data when:
(a) duties and obligations under current regulations.
b) They are no longer necessary or relevant for the purpose for which they were collected.
c) The period necessary for the fulfillment of the purposes for which they were collected has been exceeded.
Suppression implies the total or partial deletion of personal information as requested by the Data Subject in the records, files, databases or processing carried out by SPYRAL LABS SAS. The right of deletion is not an absolute right and the data controller may deny the exercise of the same when:
(a) The Data Subject has a legal or contractual duty to remain in the database.
b) The deletion of data hinders judicial or administrative proceedings related to tax obligations, the investigation and prosecution of crimes or the updating of administrative sanctions.
c) The data is necessary to protect the legally protected interests of the Data Subject in order to carry out an action in the public interest or to comply with an obligation legally acquired by the Data Subject.
Any Holder of personal data may revoke, at any time, the consent to the processing of such data as long as it is not prevented by a legal or contractual provision. For this purpose, SPYRAL LABS SAS. will establish simple mechanisms that allow the Data Subject to revoke his/her consent.
There are two ways in which the revocation of consent may occur:
a) On the totality of consented purposes, that is, SPYRAL LABS SAS. must completely stop processing the Data Subject’s data.
b) On certain consented purposes, for example for advertising or market research purposes. In this case, SPYRAL LABS SAS. must stop partially processing the data of the Data Subject. Other purposes of the processing that the controller, in accordance with the authorization granted, may carry out and with which the Data Subject agrees, are then maintained.
SPYRAL LABS SAS. as an entity providing health services and for medical treatment purposes, may transfer personal data and sensitive data of the holders, as patients, who due to their clinical condition require to be subjected to medical treatment in international entities.
For the international transfer of personal data of the owners, SPYRAL LABS SAS. will take the necessary measures so that third parties know and undertake to observe this policy, with the understanding that the personal information they receive may only be used for matters directly related to SPYRAL LABS SAS. and only while it lasts and may not be used or intended for a different purpose or purpose. For the international transfer of personal data, the provisions of Article 26 of Law 1581 of 2012 shall be observed.
The international transfers of personal data carried out by SPYRAL LABS SAS, will not require to be informed to the Holder or have their consent when there is a contract for the transmission of personal data in accordance with Article 25 of Decree 1377 of 2013.
With the acceptance of this policy, the Holder expressly authorizes the transfer and transmission of Personal Information. The information will be transferred and transmitted, for all relationships that may be established with SPYRAL LABS SAS.
SPYRAL LABS SAS. establishes the following general rules for the protection of personal and sensitive data, as in the care of databases, electronic files and personal information:
(a) It will guarantee the authenticity, confidentiality and integrity of the information.
b) Take all necessary technical measures to ensure the protection of existing databases. In cases where the infrastructure depends on a third party, it shall ensure that the availability of information and the protection of personal and sensitive data is a fundamental objective.
c) Audits and controls will be carried out periodically to ensure the correct implementation of Law 1581 of 2012 and its regulatory decrees.
d) It is the responsibility of employees and collaborators of SPYRAL LABS SAS to report any incident of information leakage, computer damage, violation of personal data, data commercialization, use of personal data of children or adolescents, identity theft or conduct that may violate the privacy of a person.
e) In order to guarantee the protection of personal information, it shall adopt, in its transactional portals, all the mechanisms to guarantee the confidentiality of the information.
f) The education and training of employees, suppliers and contractors will be a fundamental complement to these Policies.
In accordance with the provisions of Decree 886 of 2014, which regulates Article 25 of Law 1581 of 2012, SPYRAL LABS SAS. shall independently register in the National Database Registry, each of the databases containing personal data and whose processing is carried out by the Company (Articles 2 and 3 of Decree 886 of 2014), identifying each of these databases according to the purpose for which it was created (Article 9 Decree 886 of 2014). In the registration made of the databases, SPYRAL LABS SAS. shall indicate its corporate name, tax identification number, as well as its location and contact details.
SPYRAL LABS SAS. shall indicate in the National Database Registry the company name, tax identification number, location and contact details of those responsible for the processing of its databases (article 7 of Decree 886 of 2014). Finally, SPYRAL LABS SAS. shall update the information registered in the National Database Registry when substantial changes are made to it.
SPYRAL LABS SAS. will not sell your personal data to other companies and will guarantee the security, privacy and confidentiality of the data provided to the data subjects, avoiding adulteration, loss, consultation, use or unauthorized or fraudulent access by third parties. SPYRAL LABS SAS. may be required to disclose and / or share personal information to judicial authorities who request it in which case your authorization will not be requested.
We will make our best efforts to prevent the information provided through the Internet from being subject to malicious inquiries or manipulation by third parties, however, the transmission of data over the Internet or any wireless network cannot be considered secure at all times and therefore, we cannot guarantee that this will not happen.
Additionally, some of our portals may contain links to third party websites, over which we have no management or control, for this reason, we are not responsible for the content, privacy policies, security and / or handling of personal data that are established in the same, being your obligation to know in the respective portals, policies related to the protection and treatment of your information.
CONFIDENTIALITY OF INFORMATION: Under the principle of confidentiality, all persons involved in the processing of personal data that are not by nature public, are obliged to ensure the confidentiality of the information, even after the end of their relationship with any of the tasks involved in the processing of information, therefore SPYRAL LABS SAS. signs confidentiality agreements with its employees.
All employees, contractors and / or third parties linked to SPYRAL LABS SAS. must sign a commitment of confidentiality and non-disclosure of information. This implies to maintain confidentiality when required by law or that the information known by any employee, contractor and / or third party, under no circumstances should be disclosed by any electronic, verbal, written or other means, in whole or in part, without prior authorization from the Management. The signing of the confidentiality and non-disclosure of information commitment is made prior to the signing of the contract.
The management of security incidents is a very important aspect to achieve the continuous improvement of the information security of any entity, the main drawback is that many organizations do not use it properly.
It is vital to keep in mind that the review and continuous improvement of the system are very important to ensure the availability, integrity and confidentiality of information.
When talking about incident management, the standard refers to recommendations related to the notification of information security events and weaknesses and the procedures and responsibilities that should be assigned for incident management and information security improvements.
The objective pursued with the communication of events related to information security is to ensure that the causes, treatment and solution of such events serve for the implementation of timely corrective and preventive actions in similar cases that may occur in the future.
In addition to having an incident management tool, it is necessary to establish responsibilities and management procedures to ensure a rapid, effective and orderly response to information security incidents. These processes contribute to the achievement of continuous improvement in the evaluation and monitoring of information security incidents.
This Policy comes into force as of its approval, on 03/08/2018 and will be in force indefinitely or until the conditions proposed in Law 1581 of 2012, Decree 1377 of 2013 and other applicable regulations are substantially modified by legal means. It is a duty of SPYRAL LABS SAS. employees, to know this Policy and perform all acts conducive to its compliance, implementation and maintenance.
To learn more about our data protection policy, you can contact us through our email: CTO@Spyral-labs.xyz, where you can make the respective request.
This POLICY FOR THE HANDLING OF PERSONAL DATA is included within the corporate strategy to maintain information security and regulatory compliance by SPYRAL LABS SAS, laying the foundations and essential principles in the safe use of information systems and telecommunications. This policy has been approved by the company’s management in September 2022.
© 2023 Luces del Cuerpo, All rights reserved | Developed by: Webxcite Studio