Privacy Policy

We understand that privacy is the cornerstone of digital trust. Therefore, we handle your information under encryption standards and total transparency.

1. Identity of the Data Controller

Digisecuritas (the "site"), located in Montevideo, Uruguay, is responsible for processing the personal data of its users and clients, in accordance with applicable data protection regulations in the jurisdictions in which it operates, including the General Data Protection Regulation (GDPR) of the European Union and relevant local laws.
For the purposes of this Policy, "the Company" refers to Digisecuritas, which is the owner of the website and provider of the services described herein. The Company may act as the Data Controller or as the Data Processor as appropriate and has designated legal@digisecuritas.tech as the contact channel for privacy matters.

2. Collected Personal Data

The Company may collect and process the following categories of data:
  • Identification data: name, surname, identity document or passport.
  • Contact data: email address, phone number, physical address.
  • Billing and financial data: tax information, payment methods, receipts.
  • Site and software usage data: activity logs, logs, IP addresses, browsing patterns, user settings.
  • Technical information: cookies, online identifiers, operating system, browser.
  • Data derived from communications: support requests, inquiries, and correspondence sent by users.
Under no circumstances will we request or process sensitive data (health, political orientation, religion, etc.) unless strictly necessary and with explicit consent.
When certain services require sensitive data by legal or regulatory mandate (e.g., security or compliance certifications), the Company will inform the user in advance, obtain their explicit written consent, and limit the use of such data exclusively to the authorized purpose.

3. Purposes of Processing

Personal data is used to:
  • Process user registrations and manage accounts.
  • Provide, personalize, and improve our cybersecurity and software services.
  • Issue invoices, manage collections, and accounting obligations.
  • Provide technical support and customer service.
  • Comply with legal, regulatory, or contractual obligations.
  • Prevent fraud, security incidents, and unauthorized access.
  • Send communications related to contracted services or, with explicit consent, commercial and marketing communications.
Under no circumstances will personal data be used for purposes other than those provided herein without prior notification to the user and, where applicable, obtaining their explicit consent.
The collected data may be used for statistical analysis and user experience improvement, always in aggregated or anonymized form, so that direct identification of the holder is not possible.

4. Legal Basis for Processing

Data processing is based on:
  • Explicit consent of the user, granted upon registration or acceptance of this Policy.
  • Execution of a contract or provision of a requested service.
  • Compliance with legal obligations of the Company (e.g., billing, cybersecurity regulations).
  • Legitimate interest of the Company, such as service improvement, site security, and fraud prevention.
If processing is based on consent, it may be withdrawn at any time without affecting the lawfulness of prior processing. The Company will conduct periodic assessments of proportionality and necessity when invoking legitimate interest as the basis for processing, ensuring that the rights and freedoms of users do not prevail.

5. International Transfers and Third Parties

Personal data may be transferred and stored on servers located outside the user's country, including cloud service providers (e.g., AWS, Google Cloud, Microsoft Azure). The Company will adopt contractual, technical, and organizational measures to ensure an adequate level of protection in accordance with applicable regulations (including standard contractual clauses approved by the European Commission, where applicable). Personal data will not be disclosed to third parties other than those mentioned, except by legal obligation or explicit consent of the user.
When the Company hires subprocessors (e.g., technology or support providers), it will require by contract that they apply the same security and confidentiality guarantees established in this Policy.
The Company does not sell or market personal data to third parties under any circumstances.

6. User Rights

Users have the right to:
  • Access their personal data.
  • Rectify inaccurate or incomplete data.
  • Request the deletion of their data when it is no longer necessary or consent has been withdrawn.
  • Object to data processing for legitimate reasons.
  • Request the portability of their data to another provider, where applicable.
  • Withdraw consent at any time without affecting the lawfulness of prior processing.
To exercise these rights, the user may send a request to legal@digisecuritas.tech, accompanied by a document verifying their identity.

7. Ownership and Use of Data

The data, reports, findings, and results generated in the context of service provision are owned by the Client, who will have full rights of use over them.
The Company may retain copies of such results as necessary for archival, legal compliance, or defense of its interests, committing to treat them under strict confidentiality.
Additionally, the Company may use anonymized or aggregated information derived from service provision for statistical, research, or continuous improvement purposes, as long as it is not possible to identify the Client or their users directly or indirectly.

8. Minors

The Company's services are not directed to individuals under 18 years of age. If inadvertent processing of data from minors without valid authorization is detected, the Company will proceed to delete it immediately.

9. Security Measures

The Company implements reasonable technical, administrative, and organizational measures, including encryption, access control, periodic audits, and security policies, to protect personal data against unauthorized access, loss, alteration, improper disclosure, or destruction.
These measures will be reviewed and updated periodically, considering technological evolution, best practices in the industry, and risks detected at any given time.
In the event of a security breach compromising personal data, the Company will notify the user and the competent authorities in accordance with applicable regulations.

10. Responsibility for Client Information Integrity

The Client is solely responsible for the truthfulness, accuracy, completeness, and legality of the information, credentials, data, and documentation provided to the Company for the execution of the services.
The Client guarantees that the information provided does not infringe on intellectual property rights, confidentiality, or data protection of third parties, and will hold the Company harmless against any claims arising from the breach of this obligation.
The Company shall not be liable for errors, failures, or limitations in the results of the services arising from inaccurate, incomplete, or misleading information provided by the Client.

11. Use of Cookies and Similar Technologies

The website uses cookies and equivalent technologies to enhance user experience, personalize content, and analyze traffic. Users can configure their browser to reject cookies or be notified about them. For more information, please refer to our Cookie Policy.

12. Changes to the Privacy Policy

The Company may update this Policy at any time. Changes will be notified on the website, indicating the date of the last update. Continued use of the site and services after such changes will imply acceptance of the new version.
When modifications are substantial or affect users' rights, the Company will notify such changes via email to registered users, in addition to posting them on the website.
In such cases, users will have the right to request the deletion of their personal data if they do not agree with the introduced modifications.

13. Contact

For any inquiries related to this Policy or the exercise of your rights, users can contact us at: legal@digisecuritas.tech

14. Miscellaneous

In case of discrepancy between the provisions in this Privacy Notice and the Terms and Conditions of Use, the Terms and Conditions will prevail.
The nullity, invalidity, or ineffectiveness of any of the provisions contained in this Privacy Notice will not affect the validity of the rest, which will continue to be fully applicable.
The failure of the Company to exercise or enforce any right derived from this Notice will not constitute a resignation from it.

Ready to elevate your security?

Let's talk about how we can protect your critical infrastructure.

Request Consultation View Services