Esta página utiliza cookies propias y de terceros para mejorar la navegabilidad y accesibilidad de nuestro sitio web y optimizar la experiencia del usuario. Puedes aceptar todas las cookies pulsando el botón “Aceptar” o pulsar en Configuración. para obtener más información sobre éstas y configurar o rechazar su uso.

Aceptar
Rechazar

Amazon Protection Policy

Data Protection Policy for Our WeWeb & Xano-Based Project

1. Introduction
We are committed to protecting the privacy and security of user data in our project, which utilizes WeWeb for the frontend and Xano for the backend. Our data protection practices align with industry standards and best practices to ensure the confidentiality, integrity, and availability of user information. We prioritize user privacy and transparency in how we collect, store, and use data.

2. Data Collection & Storage

  • We collect user data necessary for providing our services, including account details, usage history, and interactions within the platform.
  • All sensitive data is securely stored in Xano using encryption mechanisms such as AES-256 for data at rest and TLS for data in transit.
  • Personally identifiable information (PII) is stored only for as long as needed to provide the required services and is periodically reviewed for deletion when no longer necessary.
  • We implement database security best practices to prevent unauthorized access and data breaches.

3. Access & Security

  • Access to user data is restricted to authorized personnel only, following the principle of least privilege.
  • Role-based access controls (RBAC) are enforced to manage permissions effectively.
  • We enforce strong authentication policies, including password complexity requirements and multi-factor authentication where applicable.
  • Data transmitted between WeWeb and Xano is encrypted using secure communication protocols to prevent unauthorized interception or tampering.
  • Regular security audits and monitoring mechanisms are in place to detect and respond to potential threats.

4. Compliance & User Rights

  • Users have the right to access, modify, or request the deletion of their personal data at any time.
  • We comply with data protection regulations such as GDPR, CCPA, and other applicable laws to ensure user rights and privacy.
  • If a security breach occurs, we have an incident response plan in place, including immediate investigation and notification to affected users as required by law.
  • Users can review our privacy policy for additional details on data handling and their rights.

5. Third-Party Services & Integrations

  • If third-party services are integrated, we ensure they comply with strict security and privacy policies.
  • External APIs and service providers are evaluated for compliance with data protection standards before integration.
  • We do not sell or share user data with external parties without explicit user consent unless required by law.

6. Data Retention & Deletion

  • User data is retained only for the necessary duration to meet operational, business, and legal requirements.
  • Upon user request, personal data will be securely and permanently deleted from our systems within a defined timeframe.
  • Logs and backups containing sensitive information are securely managed and periodically purged following best practices.

7. Continuous Improvement & Security Measures

  • We regularly review and update our security practices to adapt to emerging threats and technological advancements.
  • Security training and awareness programs are conducted for our team to maintain compliance with industry standards.
  • Automated monitoring tools are employed to detect suspicious activities and prevent unauthorized access.

8. Contact Information
For any questions, concerns, or requests regarding data protection, users can contact our support team via email or through our designated communication channels.

By using our services, users acknowledge and agree to this data protection policy, ensuring a secure and privacy-focused experience.