Geopagos recognizes that local legislation in certain countries may impose stricter and/or different standards regarding Personal Data. Local legislation will always be applied and prevail over this Policy if it exceeds, or to the extent it exceeds, the standards of this Policy or imposes stricter requirements.
Anonymization: the use of reasonable and available technical means at the time of processing, by which data loses the possibility of being directly or indirectly associated with an individual.
Minimum Collection: a concept derived from the principle of purpose, which establishes that data collection can only be carried out for a specific purpose and must be informed in advance to the data subjects. From this principle derives the minimization of collection, i.e., the collection is limited to the data necessary to achieve the specific objective.
Controller: a person competent to make decisions related to the processing of personal data. This person can be a natural or legal person, public or private.
Anonymized Data: data related to a data subject that cannot be identified, considering the use of reasonable and available technical means at the time of processing.
Personal Data: information related to an identified or identifiable natural person, which identifies or can identify them.
Sensitive Personal Data: data related to racial or ethnic origin, religious beliefs, political opinions, affiliation with unions or organizations of a religious, philosophical, or political nature, data related to health or sexual life, genetic or biometric data when linked to a natural person.
Processor: a natural or legal person, public or private, who processes personal data on behalf of the controller.
Personal Data Subject: a natural person to whom personal data refers.
International Data Transfer: Transfer of personal data to a foreign country or international organization of which the country is a member.
Processing: any operation carried out with Personal Data, such as collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, evaluation, or control of information, modification, communication, transfer, disclosure, or extraction.
Geopagos may play the role of Controller whenever it comes to the Processing of data from website users, collaborators, contractors, suppliers, partners, and prospects, and/or Processor when it comes to the Processing of data from customers or end users of Geopagos solutions on behalf and on account of the Controllers with whom it enters into agreements to establish the relevant responsibilities and obligations.
Through the Site, Geopagos collects certain Personal Data that can identify you, such as your name, postal address, telephone number, and email address. Geopagos will collect this information when you provide it through the Site. You are responsible for the accuracy of the personal information you provide to Geopagos, and you will be responsible for the consequences of providing false or inaccurate information. You agree that Geopagos may collect your information through cookies and/or tags or any other automated information detection method. The information that Geopagos collects may include browsing behavior, IP address, logs, and other types of information.
The Personal Data collected by Geopagos through the Site may be used for the following purposes:
Communicate with the user through different means;
Customize preferences and visits to our Site;
Comply with and enforce applicable legal requirements; and
Personal Data can only be processed for specific purposes notified to the Data Subjects at the time of collection and for which consent has been obtained, or for any other purpose specifically permitted by applicable law. Personal Data will be collected to the extent necessary for the specific purpose notified to the Data Subject. Any data that is not necessary for that purpose should not be collected. Geopagos ensures that Personal Data is accurate and up-to-date as far as it can be required and is relevant to the purpose in question, within reason.
Only to fulfill the purposes established in this Policy, Geopagos may transfer Personal Data and/or personal information to authorities, clients, suppliers, and subcontractors of Geopagos. In some cases, personal information may be transferred outside the country to countries with different levels of protection. The User understands, consents, and accepts, through this Policy, that their Personal Data may be transferred to other countries, whether or not they have an adequate standard of protection in accordance with current legislation.
Anyone within Geopagos who processes Data must comply with the following principles of good practice. In this regard, Personal Data must be, at all times:
(a) Processed fairly, transparently, and in accordance with the law;
(b) Processed for limited, specific purposes and in an appropriate manner;
(c) Adequate, relevant, and not excessive for the purpose for which they were collected;
(d) Accurate and precise;
(e) Not kept for longer than necessary for the purpose of Processing;
(f) Processed in line with the rights of Personal Data Subjects;
(g) Secure; and
(h) For international transfers of Personal Data, they must be transferred to individuals or organizations in accordance with applicable law.
Maintaining data security involves ensuring the confidentiality, integrity, and availability of Personal Data:
(a) Confidentiality means that only authorized persons can access Personal Data;
(b) Integrity means that Personal Data must be accurate and adequate for the purpose for which it is processed;
(c) Availability means that authorized users must be able to access the Data if they need it for authorized purposes.
Security procedures include:
(a) Entry controls: it must be reported if a stranger is seen in controlled entry areas;
(b) Desks and cabinets with secure locks. Desks and cabinets must remain locked if they contain confidential information of any kind (Personal Data is always considered confidential);
(c) Disposal methods. Paper documents must be shredded. CD-ROMs and other data media must be physically destroyed when no longer in use, and reusable memory storage (such as USB storage devices or flash memory cards on mobile devices) must be erased when the data is no longer needed.
(d) Equipment. Data users must ensure that individual monitors do not display confidential information to passersby and must log out of the PC when it is unattended.
(e) Encryption. Data users must ensure that Personal Data is encrypted or, at the very least, protected by passwords when stored on data media (such as DVDs or USB storage devices) or sent by email externally.
In accordance with applicable law, you may request the exercise of your right of access, rectification, or deletion of your data. In this way, you have the option to send an email to email@example.com to exercise your rights.