Personal Data Protection Policy.
Purpose and principles
1.1 Purpose:
Protect personal data stored in Smartify files or systems (whether public or private), guaranteeing individuals' right to honor, privacy, and informational self-determination, in accordance with Article 1 of Law 172-13.
1.2 Applicable principles:
Smartify adheres to the principles of:
- Legality
- Quality and veracity
- Purpose
- Security
- Confidentiality
- Loyalty
These principles, detailed in Article 5 of the law, regulate all processing of personal data.
Scope and scope
2.1 Application:
This policy covers all personal data collected, stored, or processed by Smartify in the Dominican Republic, for both Odoo and Microsoft products, including customer, supplier, and user data.
2.2 Exclusions:
Does not apply to:
- Data handled exclusively for personal or domestic purposes.
- Data handled exclusively for personal or domestic purposes.
- Intelligence, security or state agency data.
- Data of legal entities limited to professional information (name, position, email, telephone).
Owners' rights
Smartify guarantees the following rights:
- Access: know what data you have.
- Rectification: correcting inaccurate or incomplete data.
- Deletion: Deleting data when it is no longer needed.
- Opposition: refusing treatment except in a legal emergency.
- Habeas data: legal action to demand rectification and deletion.
Holders may exercise these rights by means of a written request to Smartify, which will be responded to within a maximum period of ten (10) business days.
Consent and legal bases
4.1 Consent:
It will be prior, free, unequivocal and specific, except for exceptions provided for by law (for example, when the treatment is necessary by legal mandate)
4.2 Other legal bases:
In certain cases, Smartify may process data without consent if there is a legal justification.
Security and Confidentiality
Smartify adopts appropriate technical and organizational measures to ensure.
- Data integrity and confidentiality.
- Prevention of unauthorized access, destruction, loss or alteration.
- Professional secrecy, even after the termination of the employment or contractual relationship.
Purpose of treatment
Personal data will be used only for:
- Sales, implementation, and support of Odoo and Microsoft solutions
- Administrative management, contact, billing and customer service.
- Compliance with contractual or legal obligations
Transfer and conservation
- Data may not be transferred to third parties without the data subject's consent, except where legally permitted.
- Data will be retained virtually only as long as necessary for the authorized purpose.
Management of non-compliance and sanctions
In the event that Smartify breaches this policy or the law:
- The holder may file legal actions for habeas data.
- Administrative sanctions will be set out in accordance with Chapter V on violations and sanctions of Law 172-13.
Data Controller
Smartify will appoint an internal manager responsible for:
- Respond to requests from the owners
- Maintain treatment records
- Coordinate security measures and compliance with this policy.
Publication and update
This policy will be:
- Published on the website and at all customer touchpoints.
- Regularly reviewed and updated to reflect legal and operational changes.
Last updated: July 24, 2025
Smartify - Your trust, our commitment.
Information Security Policy.
At Smartify, a technology solutions company and official partner of Odoo and Microsoft, we are committed to the protection, integrity, and privacy of the personal data of our users, clients, and collaborators. This policy is based on the principles of legality, loyalty, transparency, minimization, time limitation, confidentiality, and integrity.
The person responsible for the processing of personal data is known as Smartify SRL with RNC number 132498692, located at Angel Severo Cabrales #12, Distrito Nacional, Santo Domingo, Dominican Republic, with email info@smartify.com.do and contact +1 829 766-4889 and +1 809 683-1105.
The personal data collected will be processed for the following purposes:
- Manage requests for information or contact.
- Offer products and services related to Microsoft solutions (Office 365 and Azure).
- Send commercial communications, with prior authorization from the user.
- Provide technical support and specialized consulting.
Data processing is always carried out with the express prior consent of the user.
Principles such as:
- Transparency, Loyalty, and Legality: Data will not be collected or processed without the explicit consent of the data subject.
- Minimization: Only the data strictly necessary for each purpose will be collected.
- Term Limitation: Data will be retained only for as long as necessary to fulfill the purpose for which it was collected.
- Confidentiality and Integrity: We implement appropriate technical and organizational measures to prevent unauthorized access, loss, or alteration of personal data.
Personal data may only be shared with:
- Microsoft Corporation, within the framework of its use of cloud services and licensing, guaranteeing compliance with international data protection standards.
- Technology providers that collaborate with Smartify to properly develop their services (with signed confidentiality agreements).
- Competent authorities when there is a legal obligation.
Smartify does not make automated decisions that produce legal effects on users, nor does it create profiles based solely on automated processing. If this type of activity is carried out in the future, users will be informed in advance and their express consent will be requested.
Smartify reserves the right to update this policy to reflect regulatory or internal operational changes. Users will be notified promptly of any significant changes.
Last updated: July 24, 2025
Smartify - Your trust, our commitment.
Contingency Policy.
Objective
Establish the procedures and controls necessary to ensure the continuity of Smartify's operations in the event of disruptive events such as technical failures, natural disasters, cyberattacks, or any incident affecting essential services.
Scope
It applies to all key Smartify systems, processes, services, and personnel, including critical data, technology infrastructure, cloud services, and customer service.
General principles
- Prevention: Identify potential risks that may affect the operation.
- Preparation: Maintain plans, tools, and trained personnel to deal with contingencies.
- Answer: Take immediate measures to mitigate the impact.
- Recovery: Restore affected services as quickly as possible.
- Continuous improvement: Evaluate and update plans regularly.
Procedures and Controls
1. Business Impact Analysis (BIA)
Identification of critical processes, technological dependencies and maximum acceptable recovery times.
2. Business Continuity Plan (BCP)
Includes:
- Daily automatic data backup protocols.
- Redundancy in servers and cloud services.
- Communication with customers and partners during incidents.
- Remote work plan for key personnel.
3. Disaster Recovery Plan (DRP)
Technical actions to restore technological infrastructure, including:
- Activation of alternate environments.
- Restoring systems from verified backups.
- Post-recovery integrity verification.
4. Contingency Team
Designated team with clear roles to execute the plan in case of incidents.
5. Periodic Tests
Annual drills and quarterly review of the plan to ensure its effectiveness and validity.
Responsibilities
- General Directorate: Approve and supervise the implementation of the plan.
- IT Manager: Execute technical contingency plans and coordinate restoration.
- All personnel: Comply with established procedures during a contingency.
Review and Update
This policy will be reviewed at least once a year or after a significant event that triggers its activation.
Last updated: July 24, 2025
Smartify - Your trust, our commitment.