Legal & Compliance

Privacy Policy

Effective Date: June 1, 2026

I. General Information

ALTOLOGIT LLC, a company duly incorporated under the laws of the State of Florida, United States of America, recognizes the importance of protecting the privacy and personal data of all individuals who interact with its digital platforms and business activities.

This Privacy Policy has been developed in compliance with applicable United States regulations on privacy and data security (including, but not limited to, the Federal Trade Commission Act - FTC Act, the Children's Online Privacy Protection Act - COPPA, the Gramm-Leach-Bliley Act - GLBA, and the Health Insurance Portability and Accountability Act - HIPAA, where applicable), as well as in alignment with internationally recognized data protection standards, such as:

  • The General Data Protection Regulation (GDPR) of the European Union.
  • The OECD Privacy Guidelines.
  • The APEC Privacy Framework.

ALTOLOGIT LLC voluntarily commits to adopting global privacy standards to ensure that the collection and processing of personal data are always carried out under the principles of lawfulness, transparency, purpose limitation, proportionality, security, and accountability, regardless of the country of residence of the data subjects.

II. Data Controller

The data controller is ALTOLOGIT LLC, a company duly incorporated and existing under the laws of the State of Florida, United States of America, registered in the corresponding corporate registry and with its principal office located in Miami, Florida.

ALTOLOGIT LLC is responsible for the collection, storage, use, processing, transmission, transfer, and, in general, for all operations carried out with the personal data provided by data subjects. The company ensures that all data processing activities are performed in accordance with applicable U.S. laws and international privacy standards, with a strong commitment to confidentiality, integrity, and security of the information.

III. Definitions

For a better understanding of this Privacy Policy, the following definitions apply, based on international privacy and data protection standards:

  • Consent: The free, specific, informed, and unambiguous agreement given by the data subject to allow ALTOLOGIT LLC to process their personal data for the purposes described in this Policy. Consent may be withdrawn at any time.
  • Database: A structured collection of personal data organized in a way that allows access, management, and processing by physical or digital means.
  • Data Sharing: The act of disclosing personal data to a third party, whether for commercial or non-commercial purposes, always under proper confidentiality and security safeguards.
  • Access Request: The right of a data subject to know what personal data is being processed, how it is used, and with whom it is shared.
  • Personal Data: Any information relating to an identified or identifiable natural person, such as name, email address, phone number, postal address, online identifiers (including IP addresses), financial data, or similar information.
  • Public Data: Information that is lawfully available to the public without restrictions, such as data from official public records or information the individual has made public.
  • Private Data: Information that, by its nature, belongs exclusively to the private or intimate sphere of the data subject, such as personal contact details or financial information.
  • Sensitive Data: Information that may give rise to discrimination or impact an individual's privacy, including data about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, genetic or biometric data, or sexual orientation.
  • Data Controller: The natural or legal person who determines the purposes and means of processing personal data. In this case, ALTOLOGIT LLC.
  • Data Processor: The natural or legal person who processes personal data on behalf of the controller, following its instructions.
  • Data Subject: The natural person to whom the personal data relates.
  • Complaint: A request submitted by a data subject to correct, update, delete their personal data, or report a potential breach of this Policy.
  • International Data Transfer: The transfer of personal data from one country to another, where the recipient acts as a controller.
  • International Data Transmission: The transfer of personal data from one country to another, where the recipient acts as a processor.
  • Processing: Any operation performed on personal data, such as collection, storage, organization, use, access, transfer, or deletion.
  • Data Breach: Unauthorized access, use, disclosure, alteration, or destruction of personal data, whether accidental or unlawful.
  • Security Measures: Technical, organizational, administrative, and legal safeguards implemented to protect personal data against unauthorized access, misuse, loss, or alteration.
  • Privacy Policy: The set of rules, principles, and commitments adopted by ALTOLOGIT LLC to govern the processing of personal data of its users, customers, employees, and other stakeholders.

IV. Scope

This Global Privacy and Data Protection Policy applies to all activities involving the collection, use, storage, transmission, transfer, and overall processing of personal data carried out by ALTOLOGIT LLC, either directly or through third parties acting on its behalf.

The scope of this Policy includes, but is not limited to:

  • Personal data of users and visitors of our digital platforms worldwide.
  • Personal data of customers, business partners, suppliers, contractors, and employees, in any country where we operate or maintain commercial relationships.
  • Information collected through online forms, emails, electronic communications, cookies, web analytics tools, browsing records, and any other legitimate mechanism.
  • Data processed in the context of contracts, commercial agreements, employment relationships, and internal organizational processes.

This Policy applies regardless of the country of residence of the data subject. ALTOLOGIT LLC will take the necessary measures to ensure that, whenever local data protection laws require higher standards, such provisions are respected and complied with. It is also clarified that information relating to legal entities (such as company name, tax identification number, corporate addresses, or corporate email accounts) is not considered "personal data" under international standards. Nevertheless, ALTOLOGIT LLC is committed to handling such information with appropriate confidentiality and security measures.

V. Data Subjects, Data, and Purposes

To ensure transparency with data subjects and in compliance with international privacy standards, ALTOLOGIT LLC clearly informs which categories of individuals' personal data may be collected, the types of information requested, and the specific purposes for which such data will be used. The processing of personal data will always follow the principle of data minimization, meaning that only the data strictly necessary to fulfill the informed and legitimate purposes will be collected.

The following table provides an overview of the scope of data processing carried out by the company:

Data Subjects Data Collected Purposes of Processing
Website users and customers Name, email address, contact number, IP address, browsing information (cookies), payment details (where applicable).
  • Manage contractual and/or commercial relationships.
  • Provide the services offered through the platform.
  • Respond to inquiries, requests, complaints, or claims.
  • Send relevant information about products or services.
  • Comply with legal or regulatory obligations.
Suppliers and contractors Name or company name, tax identification number, address, email address, phone number, banking information.
  • Make payments and manage contractual relationships.
  • Comply with legal, accounting, and tax obligations.
  • Maintain administrative and audit records.
Business partners and affiliates Contact details (name, job title, email, phone number).
  • Establish business relationships.
  • Coordinate joint projects or activities.
  • Share necessary information for the provision of services or execution of agreements.
Employees and job applicants Contact information, résumé/CV, academic and professional background, personal references, sensitive data related to occupational health or biometric data (where applicable).
  • Manage recruitment, hiring, and termination processes.
  • Fulfill employment, social security, and applicable regulatory obligations.
  • Ensure employee safety and well-being.
Website visitors IP address, geolocation data, cookies, browsing logs.
  • Improve user experience on the website.
  • Perform statistical analysis of traffic and behavior.
  • Implement cybersecurity and fraud-prevention measures.

VI. Specific Purposes of Processing

In the course of its business and operational activities, ALTOLOGIT LLC may process personal data for the following additional and specific purposes:

  • Interaction with Affiliated Companies and Strategic Partners: Share information with affiliates, subsidiaries, controlled entities, or business partners, in order to send corporate, informational, advertising, or promotional communications related to services or projects of the organization or of third parties with whom it maintains partnerships.
  • Relationship with Suppliers and Contractors: Provide suppliers, consultants, advisors, or contractors with the information necessary for the proper performance of their duties and the fulfillment of contractual, legal, and administrative obligations.
  • International Data Flows: Carry out the transmission or transfer of personal data to third parties located inside or outside the United States, whenever necessary for the company's operations or to comply with legal, regulatory, or contractual commitments.
  • Security and Access Control: Collect and retain data obtained through security systems, access records, electronic controls, or video surveillance, in order to safeguard individuals, assets, and company facilities, and to use such data as evidence in administrative, disciplinary, judicial, or compliance processes.
  • Verification and Compliance Processes: Use data as support in internal or external audits, regulatory reviews, quality control activities, and other processes necessary for organizational risk management and compliance.
  • Institutional and Commercial Communications: Contact data subjects through physical, electronic, or digital means to send messages related to marketing campaigns, promotional activities, event invitations, satisfaction surveys, newsletters, and other communications linked to contractual or pre-contractual relationships.
  • Administrative Management and Customer Service: Process requests, inquiries, complaints, and claims; conduct risk assessments, satisfaction surveys, or market research; and carry out actions aimed at improving user experience and strengthening internal processes.
  • Access to External Databases: Consult information contained in records managed by public or private entities, whenever necessary to comply with legal or contractual obligations or to perform background checks.
  • Financial and Credit Information: Collect, update, report, and manage information in financial, credit, commercial, or service databases, in accordance with applicable regulations in each jurisdiction.
  • Disclosure of Personal Data: Provide or share personal data with third parties when there is a legal, contractual, or regulatory requirement from a competent authority, always ensuring adequate protection of the rights of data subjects.

This Global Privacy and Data Protection Policy of ALTOLOGIT LLC is based on the applicable laws of the United States of America, the regulations of the State of Florida, and the most relevant international standards on privacy and data protection. These include:

  • Federal Trade Commission Act (FTC Act): Establishes consumer protection principles against unfair or deceptive practices, including those related to the handling of personal information.
  • Children's Online Privacy Protection Act (COPPA): Regulates the collection and processing of data from children under the age of 13 on digital platforms.
  • Gramm-Leach-Bliley Act (GLBA): Imposes confidentiality and security obligations on companies handling consumers' financial information.
  • Health Insurance Portability and Accountability Act (HIPAA): Contains specific provisions for the protection of personal health information, applicable in medical and insurance contexts.
  • Florida State law: In the absence of a comprehensive state-level data protection law, ALTOLOGIT LLC commits to adopting best practices in privacy, as well as complying with applicable provisions on e-commerce, consumer protection, and information security in the State of Florida.
  • General Data Protection Regulation (GDPR) of the European Union: An internationally recognized framework that enshrines principles of lawfulness, transparency, data minimization, security, and accountability.
  • OECD Privacy Guidelines: Establish global guiding principles on the responsible collection and processing of personal data.
  • APEC Privacy Framework: Provides guidelines for cross-border data transfers within the Asia-Pacific region.
  • Complementary International Laws and Standards: Includes any other regulation, treaty, or standard that, directly or indirectly, strengthens the obligations of organizations regarding the protection of personal data and the privacy of users worldwide.

Based on this framework, ALTOLOGIT LLC undertakes to ensure that all personal data processing activities are carried out under international standards of security, confidentiality, and transparency, always safeguarding the fundamental rights of data subjects.

VIII. Principles for the Processing of Personal Data

The processing of personal data carried out by ALTOLOGIT LLC shall be guided by the following internationally recognized privacy and data protection principles:

  • Lawfulness: All data processing activities shall comply with applicable U.S. laws, the regulations of the State of Florida, and recognized international data protection standards.
  • Transparency: Data subjects shall be clearly, accessibly, and understandably informed about how their data is collected, used, shared, and protected.
  • Purpose Limitation: Personal data shall only be collected for legitimate, specific, informed, and explicit purposes and shall not be further processed for incompatible purposes.
  • Data Minimization: Only the personal data strictly necessary to fulfill the stated purposes shall be collected, avoiding excessive or irrelevant data collection.
  • Accuracy: Personal data must be accurate, complete, and up to date. Reasonable measures shall be taken to correct or delete inaccurate information.
  • Storage Limitation: Personal data shall only be retained for as long as necessary to fulfill the purpose for which it was collected, or as required by legal or contractual obligations.
  • Security and Integrity: Personal data shall be protected by technical, administrative, and legal measures that ensure confidentiality, integrity, and availability, preventing unauthorized access, loss, alteration, or misuse.
  • Accountability: ALTOLOGIT LLC shall take responsibility for ensuring and demonstrating compliance with this Policy and with applicable data protection regulations.
  • Non-Discrimination: Personal data shall never be processed for discriminatory purposes based on race, gender, sexual orientation, religion, socioeconomic status, nationality, political beliefs, disability, or any other personal characteristic.
  • Privacy by Design and by Default: The company's processes, products, and services shall incorporate privacy safeguards from the outset and by default, ensuring the highest possible level of protection for data subjects.

IX. Rights of Data Subjects

ALTOLOGIT LLC recognizes and guarantees the following fundamental rights to all individuals whose personal data is processed, in line with international standards and best privacy practices:

  • Right of Access: To know, at any time, what personal data is being collected, how it is being used, with whom it is shared, and how long it will be retained.
  • Right to Rectification: To request the correction or updating of personal data that is inaccurate, incomplete, or outdated.
  • Right to Erasure - "Right to be Forgotten": To request the deletion of personal data when it is no longer necessary for the purposes for which it was collected, when consent is withdrawn, or when processing is unlawful or contrary to this Policy.
  • Right to Restriction of Processing: To request that the processing of personal data be temporarily limited in certain circumstances, for example, while its accuracy is being verified or when there is an objection to the processing.
  • Right to Data Portability: To receive a copy of personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
  • Right to Object: To object at any time to the processing of personal data on legitimate grounds, except where a legal obligation requires such processing.
  • Right to Withdraw Consent: To revoke consent for the processing of personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to File Complaints: To lodge complaints directly with ALTOLOGIT LLC regarding the processing of personal data and, if necessary, with the competent data protection authority in their country of residence.
  • Right to Confidentiality and Security: To demand that personal data be handled with strict confidentiality and that appropriate measures are taken to protect it against unauthorized access or misuse.
  • Right to Clear and Transparent Information: To receive clear, comprehensive information about the purposes of processing, the identity of controllers and processors, and the mechanisms available to exercise their rights.

X. Procedure for Exercising Data Subject Rights

To ensure the effective exercise of the rights recognized in this Policy and under international data protection standards, ALTOLOGIT LLC has established a clear, accessible, and free procedure for data subjects to submit inquiries, requests, complaints, or objections regarding the processing of their personal data.

Available Contact Channels:

Inquiries (Access Requests):

Data subjects may request information about the personal data processed by ALTOLOGIT LLC. Requests must be submitted through the authorized channels and will be answered within a reasonable timeframe, not exceeding 30 calendar days from receipt.

Complaints

If a data subject believes their information is inaccurate, incomplete, being misused, or that this Policy has been breached, they may file a complaint. The complaint should include:

  • Identification of the data subject.
  • A clear description of the facts and the request.
  • Supporting documents or evidence (if applicable).

ALTOLOGIT LLC will review the complaint and respond within 30 calendar days of receipt. If, for justified reasons, it is not possible to respond within this period, the data subject will be informed of the delay, the reasons behind it, and the new response date, which will not exceed a total of 60 calendar days.

Withdrawal of Consent and Data Erasure:

Data subjects may request the withdrawal of their consent and/or the deletion of their personal data at any time, unless a legal or contractual obligation requires their retention.

Complaints before Competent Authorities:

If the data subject is not satisfied with the response provided by ALTOLOGIT LLC, they may file a complaint with the competent data protection authority in their country of residence or, in the United States, with the Federal Trade Commission (FTC) or the relevant authority depending on the nature of the data processed.

XI. Duties of the Data Controller

As the data controller, ALTOLOGIT LLC assumes the following duties toward data subjects and competent authorities:

  • Guarantee Data Subject Rights: Adopt measures to ensure the full and effective exercise of the rights of access, rectification, erasure, portability, restriction, and objection to the processing of personal data.
  • Obtain Prior and Informed Consent: Secure the explicit authorization of the data subject before collecting and processing their personal data, except in cases where the law allows processing without such consent.
  • Provide Information on Data Use: Clearly and transparently inform data subjects of the specific purposes for which their personal data is collected and the scope of processing.
  • Maintain Data Under Secure Conditions: Implement appropriate technical, administrative, organizational, and legal measures to protect personal data against unauthorized access, loss, alteration, or misuse.
  • Update and Rectify Data: Correct, update, or delete personal data when appropriate, either at the request of the data subject or on the company's own initiative, to keep the information accurate and reliable.
  • Respond to Inquiries and Complaints: Provide timely, complete, and effective responses to data subjects' requests, complaints, or objections regarding the processing of their data.
  • Report Security Incidents: Notify the competent authorities and, when appropriate, the affected data subjects of any security breach that compromises the confidentiality, integrity, or availability of personal data.
  • Comply with Applicable Regulations: Abide by the provisions of United States law, Florida state law, and internationally recognized data protection standards.
  • Accountability: Document, implement, and demonstrate compliance measures, including audits, internal policies, training programs, and contractual clauses with third parties.
  • Ensure Proper Use of Data Shared with Third Parties: Guarantee that third parties to whom personal data is transmitted or transferred comply with the same privacy and security standards adopted by ALTOLOGIT LLC.

XII. Security Levels and Measures Adopted

ALTOLOGIT LLC recognizes the importance of ensuring the security of personal data under its custody. For this reason, the company implements technical, administrative, organizational, and legal measures designed to protect information against unauthorized access, loss, alteration, improper disclosure, or any other form of unlawful processing. The security measures adopted are structured across the following levels:

Technical measures:

  • Use of IT security systems, encryption of sensitive data, and authentication protocols.
  • Implementation of firewalls, antivirus software, and intrusion detection and prevention tools.
  • Secure and periodic data backups.

Administrative and organizational measures:

  • Internal privacy and confidentiality policies applicable to all personnel.
  • Training and awareness programs on data protection and security.
  • Data protection impact assessments and risk analyses related to personal data processing.

Physical measures:

  • Access controls to facilities and secure storage of physical documents.
  • Video surveillance systems and security protocols to safeguard assets and facilities.

Legal and contractual measures:

  • Inclusion of data protection clauses in contracts with suppliers, partners, and third parties accessing personal data.
  • Confidentiality agreements signed by employees and contractors.
  • Monitoring compliance by third parties receiving personal data.

These measures are subject to continuous review and improvement, in line with international standards such as ISO/IEC 27001 on information security management and the guidelines of the U.S. National Institute of Standards and Technology (NIST).

XIII. Privacy Notice

ALTOLOGIT LLC, headquartered in the State of Florida, United States of America, informs that personal data collected through its digital platforms, communication channels, or business relationships will be processed responsibly and in accordance with the principles of lawfulness, transparency, minimization, security, and confidentiality set forth in this Policy.

Personal data will be used exclusively for the legitimate and specific purposes described in this document, such as managing contractual relationships, providing services, responding to inquiries and complaints, complying with legal and regulatory obligations, and carrying out business or marketing activities previously authorized by data subjects.

This notice ensures that all individuals are informed about the existence of this Privacy Policy, the rights they are entitled to as data subjects, and the available contact channels to exercise those rights. By providing their information, data subjects acknowledge having been informed of these conditions, and ALTOLOGIT LLC reaffirms its commitment to protecting privacy and ensuring the ethical handling of personal data in all countries where it operates.

XIV. Mandatory Compliance

This Global Privacy and Data Protection Policy is binding for ALTOLOGIT LLC, its employees, executives, contractors, suppliers, strategic partners, and any third party that, within the framework of a contractual, commercial, or service relationship, has access to personal data under the company's responsibility.

Lack of knowledge of the provisions contained in this Policy does not exempt obligated parties from their legal, contractual, or administrative responsibilities arising from the improper handling of personal data. ALTOLOGIT LLC requires all third parties with whom it shares personal information to comply with equivalent standards of security and privacy, ensuring that data subjects' personal information is protected with the same level of diligence and commitment applied by the company itself.

XV. Retention of Databases

The databases managed by ALTOLOGIT LLC will be retained only for as long as necessary to fulfill the purposes outlined in this Policy, or for as long as there is a legal, contractual, or regulatory obligation that justifies their preservation. Once the purposes for which the data was collected no longer exist, or the contractual, commercial, or employment relationship with the data subject has ended, the data will be securely deleted, unless applicable law requires its retention for an additional period.

ALTOLOGIT LLC will apply procedures for deletion, anonymization, or blocking of information, as appropriate, to ensure that personal data is not processed beyond the strictly necessary period, thus reaffirming its commitment to the principle of storage limitation recognized internationally.

XVI. Modification or Update of the Policy

ALTOLOGIT LLC reserves the right to modify, update, or supplement this Global Privacy and Data Protection Policy at any time, in response to regulatory changes, guidelines issued by competent authorities, technological developments, or the company's own operational needs. Any modification will be promptly communicated to data subjects through the company's usual communication channels, such as the official website, email notifications, or institutional announcements, always ensuring access to the most up-to-date version of the Policy.

Continued use of ALTOLOGIT LLC's platforms, services, or communication channels after the publication of updates shall constitute acceptance of the modifications introduced, without prejudice to the data subjects' right to exercise their privacy rights at any time in accordance with this Policy.