Elipti Inc.
EIN: 12-3456789
Phone: +1 (555) 123-4567
Email: management@elipti.com
At Elipti Inc., we recognize the importance of privacy and the protection of personal data of our clients, employees, suppliers, and other third parties with whom we maintain business relationships. This Privacy Notice is designed to inform clearly and transparently how we collect, use, store, and protect your personal data, in accordance with applicable US privacy laws and regulations. Our commitment is to ensure that the personal information you entrust to us is treated with maximum diligence, security, and respect, ensuring that your rights are always protected and respected.
This document is designed to provide a detailed understanding of our data protection practices and for you, as the data subject, to know your rights and the guarantees we offer you. By using our services, you accept the practices described in this Privacy Notice.
The processing of personal data at Elipti Inc. is strictly regulated by a set of laws and regulations that seek to protect people's privacy and ensure the proper use of their information. Various US federal and state laws establish the general principles for the protection of personal data, defining the obligations of data controllers and the rights of data subjects. Additionally, specific regulations complement these laws, providing specific provisions on the handling of personal data in the context of electronic communications.
The California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR) for EU residents, and other relevant privacy laws are also applicable, as they regulate the handling of personal information of individuals. Furthermore, in situations where international data transfers are made, Elipti Inc. will comply with International Data Protection Standards, ensuring that data is processed according to global security and privacy standards.
Internally, Elipti Inc. has developed Internal Regulations that establish specific procedures and policies for privacy management and data protection, thus ensuring continuous compliance with current regulations and promoting an organizational culture oriented toward the protection of personal information.
To facilitate the understanding of this Privacy Notice, it is essential to define some key terms that are used throughout the document.
Personal Data refers to any information that allows the identification of a natural person, either directly or indirectly. This includes, but is not limited to, full name, identification document number, residential address, email address, and phone number.
Sensitive Data are those personal data that, due to their nature, require special protection because they can affect the privacy of the data subject or lead to discrimination. Examples of sensitive data include health information, religious beliefs, political affiliation, ethnic origin, and sexual orientation.
The Data Subject is the natural person whose personal data is subject to processing. This person has rights recognized by law to control the use and handling of their information.
The Data Controller is Elipti Inc., the entity that decides on the use and handling of personal data, determining the purposes and means of processing.
The Data Processor refers to any natural or legal person who performs the processing of personal data on behalf of the data controller. This may include technology service providers, outsourcing companies, and other third parties who collaborate with Elipti Inc. in handling personal information.
Consent is the free, express, and informed manifestation of will by the data subject to authorize the processing of their personal data for one or more specific purposes. This is a fundamental requirement for data processing, except in cases where the law provides otherwise.
Finally, Data Transfer implies any operation that allows the disclosure, transmission, circulation, or access to personal data to third parties, whether within or outside the national territory. This includes transfers for commercial, operational, or legal reasons.
At Elipti Inc., the processing of personal data is carried out under a series of fundamental principles that seek to guarantee respect and protection of the data subjects' information. These principles are aligned with what is established in applicable privacy laws and constitute the basis of our data handling practices.
The principle of Legality implies that all processing of personal data is carried out in accordance with current laws and regulations, and always with the prior authorization of the data subject, except in exceptional cases contemplated by law.
The principle of Purpose establishes that personal data will be collected only for legitimate, explicit, and clearly informed purposes to the data subject at the time of collection. This ensures that the information is not used for purposes other than those originally agreed upon.
The principle of Freedom guarantees that the processing of data is carried out without coercion or undue pressure on the data subject, respecting their will and decisions regarding the use of their personal information.
The Truthfulness or Quality of data is another essential principle, which obliges Elipti Inc. to ensure the accuracy, clarity, relevance, and updating of personal information. This implies that data must be correct and up-to-date to avoid errors or misunderstandings in its use.
The principle of Transparency ensures that data subjects are informed clearly and completely about the use that will be given to their personal data, promoting a relationship of trust and clarity between the company and individuals.
The principle of Restricted Access and Circulation limits access to personal data only to those authorized persons who require the information to fulfill the established purposes. This prevents improper or unauthorized use of information.
Data Security implies the implementation of technical, human, and administrative measures that protect personal information against unauthorized access, loss, alteration, or improper disclosure.
Finally, the principle of Confidentiality ensures that all personal information is handled with reserve, maintaining confidentiality and avoiding any type of unauthorized disclosure.
These principles guide all activities of Elipti Inc. related to the handling of personal data, ensuring ethical, secure, and law-compliant processing.
At Elipti Inc., we collect a variety of personal data that is necessary for the efficient provision of our services, administrative management, and to maintain a transparent and effective relationship with our clients, employees, and suppliers. The nature of the collected data varies depending on the established relationship and the activities we perform.
We collect Identification Data, such as full name, identification document number, date of birth, and nationality. This data is essential to identify and authenticate the individuals with whom we interact, ensuring that transactions and services are carried out correctly and securely.
We also collect Contact Data, including physical address, email address, and phone number. This information allows us to maintain effective communication with data subjects, send them updates about our services, respond to their inquiries, and provide technical support when necessary.
In the workplace, we collect Employment Data such as position, department, salary information, and employment history of our employees. This data is necessary for human resources management, payroll and benefits administration, as well as for professional development within the company.
Additionally, we handle Financial Data, which includes banking information and billing data. This data is used to process payments, issue invoices, and manage company finances efficiently and transparently.
Regarding our services, we collect Service Usage Data, which covers information about how clients use our systems and services, browsing data, and preferences. This information helps us better understand our users' needs, optimize our services, and personalize each client's experience, ensuring more effective and tailored attention to their specific requirements.
Additionally, in certain circumstances, Elipti Inc. may collect Sensitive Data, always provided that the data subject gives their explicit consent for its processing and that the specific purpose is justified. This data, due to its nature, is treated with an additional level of security and confidentiality, in accordance with what is stipulated by law.
It is important to emphasize that the collection of this data is carried out transparently and with the sole purpose of fulfilling our contractual obligations, improving our services, and maintaining a relationship of trust and respect with all involved parties.
The personal data collected by Elipti Inc. will be used exclusively for the purposes for which they were collected, in accordance with what is established in applicable privacy laws and regulations. Below are detailed the main purposes for which your personal data will be used.
The main purpose of processing your personal data is the provision of our software development, cloud services, and software technical support services. We use your information to design, implement, and maintain technological solutions that respond to your specific needs, ensuring efficient and high-quality service.
The collected data is also used for administrative purposes within the company. This includes contract management, payroll and benefits administration for our employees, as well as supplier and contractor management who collaborate with us in the execution of projects and services.
With your personal data, Elipti Inc. may send you relevant information about our services, promotions, news, and events. This communication aims to keep you informed about improvements and new offerings that may be of interest to you, facilitating a better experience as a client.
It is imperative for Elipti Inc. to comply with all legal and contractual obligations. Therefore, your personal data may be used to respond to legal and judicial requirements, comply with tax and administrative obligations, and ensure compliance with specific regulations in the technology sector.
We implement the processing of your personal data to implement cybersecurity measures, prevent fraud and illicit activities, and ensure the protection of our systems and the information we handle. This includes access monitoring and the use of advanced technologies to safeguard the integrity and confidentiality of your data.
The information collected about the use of our services allows us to conduct internal analyses and studies that contribute to the continuous improvement of our products and services. This includes personalizing the user experience, identifying areas for improvement, and innovation in our technological solutions.
Data processing is also oriented toward research and development of new technologies and solutions. We use the obtained information to explore new business opportunities, develop innovative products, and stay at the forefront of the technology sector, thus ensuring the competitiveness and relevance of Elipti Inc. in the market.
In all these purposes, Elipti Inc. is committed to handling your personal data ethically, securely, and always respecting your rights as the data subject.
In accordance with what is established in applicable privacy laws, data subjects have a series of rights that allow them to control the use and handling of their information. Elipti Inc. respects and guarantees the exercise of these rights, providing effective mechanisms for their realization.
Data subjects have the right to request from Elipti Inc. information about the use being made of their personal data. This includes knowing what data is being processed, for what purpose, and who are the recipients of such information.
It is possible that the personal data we possess may be outdated or incomplete. Data subjects have the right to request the correction of any information that is inaccurate or needs to be updated, thus ensuring the truthfulness and quality of their data.
Data subjects may request evidence of the authorization granted for the processing of their personal data. This right allows them to have proof that they have given their consent for the use of their information in accordance with the purposes described in this Privacy Notice.
Data subjects have the right to be informed about the use made of their personal data, including details about the purposes of processing, the security measures implemented, and the rights they have regarding their information.
At any time, data subjects may revoke the authorization for the processing of their personal data. Additionally, they have the possibility to request the deletion of their data when they consider that the principles, rights, and constitutional and legal guarantees established by law are not being respected.
Data subjects may request a complete copy of their personal data in a structured and commonly used format. They also have the right to request the transfer of their data to another data controller, thus facilitating data portability according to their needs.
These rights are fundamental to guarantee the control and protection of the personal information of data subjects. Elipti Inc. is committed to respecting and facilitating the exercise of these rights, providing the necessary mechanisms for their effective realization.
To ensure that data subjects can exercise their rights effectively, Elipti Inc. has established a clear and accessible procedure. Below is detailed the process that data subjects must follow to request the execution of their rights regarding their personal data.
The data subject may submit their rights exercise request through the following channels:
The request must include the following information to be processed adequately:
Elipti Inc. is committed to responding to the request within the following timeframes, in accordance with what is established by law:
The response will be delivered through the same channel used for the request, unless another means of communication is agreed upon. Elipti Inc. will ensure that the provided information is clear, complete, and understandable for the data subject.
In case the submitted request is not clear, incomplete, or does not meet the necessary requirements, Elipti Inc. may request additional information from the data subject. This process seeks to ensure that the request is processed efficiently and that an adequate response is provided to the needs presented.
Elipti Inc. guarantees that the exercise of data subjects' rights will not generate any retaliation or discrimination. Any attempt at retaliation will be treated with the seriousness that corresponds and will be subject to appropriate disciplinary measures, ensuring a relationship of mutual respect between them and Elipti Inc.
Information security is a priority for Elipti Inc., which implements a series of technical, human, and administrative measures to protect personal data against unauthorized access, loss, alteration, or improper disclosure.
Elipti Inc. uses advanced technologies to ensure the security of personal data. These include authentication and authorization systems to control access to information, encryption of sensitive data, and regular security updates to our systems and applications.
The protection of personal data is reinforced through internal policies that regulate information handling. Elipti Inc. establishes clear guidelines on who has access to data, under what conditions, and for what purposes. Additionally, we provide continuous training to our employees on data protection and privacy best practices.
To protect physical information, Elipti Inc. restricts access to its facilities to authorized persons only. Areas where personal data is stored have access control systems, and backup copies are maintained in secure locations to ensure data availability and recovery in case of incidents.
In case of security incidents that may affect the confidentiality, integrity, or availability of personal data, Elipti Inc. has established procedures for detecting, responding to, and mitigating such incidents. This includes incident identification and assessment, containment and mitigation measures, and notification to relevant authorities when required by law.
Regularly, Elipti Inc. conducts internal assessments and external audits to review the effectiveness of implemented security measures. These assessments allow us to identify vulnerabilities, implement improvements, and ensure continuous compliance with security standards.
The cybersecurity landscape is dynamic and constantly evolving. Therefore, Elipti Inc. is committed to keeping its security measures updated, adopting new technologies and recommended practices to face emerging threats and effectively protect the personal data of our data subjects.
In summary, Elipti Inc. adopts a comprehensive approach to information security, combining technical, administrative, and physical measures that guarantee the protection of personal data against any type of threat or vulnerability.
Elipti Inc. may transfer or transmit personal data to third parties, whether natural or legal persons, both within and outside the national territory. This process is carried out under strict conditions that ensure the protection and respect of data subjects' privacy.
All data transfers are subject to specific conditions that guarantee adequate protection of personal information. These conditions include:
Personal data may be transferred to the following categories of recipients:
In each data transfer, Elipti Inc. will inform the data subject about the identity of the recipient, the purpose of the transfer, and the guarantees offered to protect their personal data. This information will be provided clearly and transparently, allowing the data subject to make informed decisions about their information.
When Elipti Inc. makes international transfers of personal data, it will ensure that the receiving country offers adequate levels of data protection in accordance with International Data Protection Standards.
Elipti Inc. continuously monitors compliance with data transfer and transmission conditions by recipients. This includes contract review, periodic audits, and verification of security measures implemented by third parties.
In conclusion, Elipti Inc. manages data transfers and transmissions with maximum rigor, always guaranteeing the protection and respect of data subjects' privacy in accordance with applicable laws and regulations.
Elipti Inc. recognizes the special importance of protecting sensitive data due to its delicate nature and the greater risk of discrimination or personal harm that its improper handling can cause.
For the processing of sensitive data, Elipti Inc. requires express, specific, and informed consent from the data subject. This consent must be given freely and voluntarily, without any form of coercion or undue influence.
Given the sensitive nature of this data, Elipti Inc. implements additional security measures for its protection. This includes the use of advanced encryption technologies, stricter access controls, and enhanced security protocols.
Elipti Inc. is committed to not transferring sensitive data to third parties, except when strictly necessary to fulfill a specific purpose and with the express consent of the data subject.
To ensure proper handling of sensitive data, Elipti Inc. conducts periodic internal audits that evaluate compliance with established policies and procedures for its processing. These audits allow us to identify possible vulnerabilities and implement continuous improvements.
Any violation of sensitive data protection policies will be treated with the utmost seriousness and will be subject to appropriate disciplinary and legal measures in accordance with current regulations. Elipti Inc. maintains a zero-tolerance policy regarding improper handling of sensitive data, thus ensuring the integrity and trust of our data subjects.
In summary, Elipti Inc. adopts a rigorous and proactive approach in handling sensitive data, implementing additional security and confidentiality measures to protect this critical information and guarantee the rights of data subjects.
Elipti Inc. is committed to maintaining personal data only for the time necessary to fulfill the purposes for which it was collected and to comply with legal obligations that require its retention.
Personal data will be retained for the following periods:
Once the processing purpose is fulfilled and the established retention period has elapsed, Elipti Inc. will proceed to securely delete personal data. This process is carried out using methods that guarantee the irrecoverability of information, such as secure deletion algorithms and physical destruction of storage media.
Elipti Inc. conducts periodic reviews of its databases to ensure that personal data is not retained longer than necessary. These reviews allow us to identify information that can be deleted and maintain updated and relevant data.
In certain cases, data may be retained longer when required by law, for legal proceedings, or to protect the rights and interests of Elipti Inc. or third parties.
This retention and deletion policy ensures that personal data is handled responsibly and in accordance with applicable legal requirements.
For any questions, concerns, or requests related to this Privacy Notice or the processing of your personal data, you may contact us through the following channels:
Elipti Inc. reserves the right to update this Privacy Notice at any time. Any changes will be communicated to data subjects through appropriate means, such as email notifications or website updates. Continued use of our services after such changes constitutes acceptance of the updated Privacy Notice.
Last updated: January 2024