<img height="1" width="1" src="https://www.facebook.com/tr?id=133206463822786&amp;ev=PageView &amp;noscript=1">

We give you control over your data.

Since we began our journey back in 2012, at Captio we have been committed to privacy, security and transparency in the processing of the data of those companies and people who place their trust in us, whether individuals, clients or partners. This commitment implies, of course, adapting to the new requirements imposed by the General Data Protection Regulation (RGPD), which will go into force on May 25th.

Te damos el control de tus datos

Current situation

Before talking about what we are going to do to comply with the requirements of the new legislation, let us remind you of everything we have in place regarding security and privacy.

As a company that stores information in the Cloud, we are entrusted with very valuable data, which is why we have established very high standards in terms of security.

Situación actual
Nuestros compromisos

Our commitments

As we indicate in our information security policy, at Captio we are committed to:
  • Preserving the confidentiality of the information of parties, clients and users, preventing their disclosure or access to it by unauthorised persons.
  • Maintaining the integrity of the information of partners, clients and users, ensuring its accuracy and averting its deterioration
  • Ensuring the availability of our clients’ information, in all media, whenever necessary.

Our infrastructure

  • Our database technology partner is Microsoft Azure, which gives us an extra level of strength and security. Captio's applications and data are stored in Microsoft's Azure Cloud; specifically at the Northern Europe data centre, in Dublin, Ireland.
  • All the data is stored in SQL Server databases. The database is replicated, forming an AlwaysOn architecture with who nodes, one for writing and reading, and another just for reading. This makes it possible to guarantee high performance in data consultation and its immediate availability.
  • Communication in both the web and the mobile application is ensured with a 256-bit Secure Socket Layer (SSL AES-256, 256-bit keys).
  • All connections are protected via authentication and secure authorisation, under HTTPS. At Captio we perform a total back-up daily and an incremental back-up every 30 minutes, and copies are saved in Azure, with restricted access.
nuestrainfraestructua.jpg
Nuestras certificaciones

Our certifications

As we told you at the time, at Captio we have promoted the establishment of a Security Management System in accordance with the requirements of the UNE-ISO/IEC 27001: 2014 standard. This certificate it is an international security standard that aims to place the security of information under specific control for its management, in order to identify, evaluate and minimize the risks to which our information and that of our clients is exposed.

Adjustments and news

Now that you know the background, let's look at what important changes we are going to introduce in order to meet the requirements of the General Data Protection Regulation (GDPR). 

Changes to our privacy policy

We have updated our privacy policy, with much more information that is useful to you. In addition to specifying why we collect data from people who register on our website or request information from us, we specify the rights of those same people, and how they can exercise them

Cambios en nuestra política de privacidad
Cambios en nuestra política de cookies

Change to our cookies policy

As we indicate in our cookies policy, from now on we will inform all those who visit or use our website about what cookies will be stored, grouping them according to their function: commercial, tracking or service.

Very important facts to consider:

  • It is mandatory for all those who use or visit our website to provide their consent .
  • All cookies will be valid for a maximum of 365 days.

New features and tools

At the product level, we are working on new features and tools that guarantee our compliance with the GPRD:

Encryption of our database:

We are working on the encryption of our database using a strategy of encryption at rest with AES algorithms. This method removes the risk of information leakage in the event of database theft. This means that all user, partner and client data is properly coded.

Masking of bank cards:

Although we were already doing it, it is important to remember that the cards of those who use our bank reconciliation service are encrypted as shown in this example: 1234 .....123456

Data destruction protocol:

We provide mechanisms that allow clients and partners to delete their personal data, like their name and surname, or email address. Thus:

  • An individual user can delete his account from the Configuration section of the web application.

  • An administrator can eliminate a final user’s account from the web application’s administration panel. .

  • Captio accounts are eliminated according to the data destruction policy implemented: 30 days after the deletion of an account, an automatic process is responsible for deleting all user data, except for when its storage is necessary to comply with other rules.

Nuevas funcionalidades