PRIVACY POLICY EMPRESAS CAPARRA, INC. EFFECTIVE DATE: May 2016

EMPRESAS CAPARRA, INC., from now on “THE COMPANY”, is aware that users care about how their personal information is stored and/or shared by service providers. This Privacy Policy describes how we safeguard the information THE COMPANY collects about its customers through its website, applications and any other means related to the Services (as described after mentioned) offered by THE COMPANY.

ARTICLE 1. APPLICABILITY

THE COMPANY is a for-profit corporation registered under the laws of the Commonwealth of Puerto Rico. This Privacy Policy applies to all Services offered by THE COMPANY, by itself, and/or through any of its affiliates, being such services offered through a website, application, or other means. Use of THE COMPANY services, website and/or applications carries a tacit acceptance that you are satisfied with our Privacy Policy, and how we handle your personal data, as well as the form and manner in which we share your data.

ARTICLE 2. DEFINITIONS

1. User(s) and/or Customer(s): Means any natural or legal person using the Services offered by THE COMPANY, for which either such services are offered free of charge or not. 

2. Personal Information: Means any name or number that can be used by itself, or together with other information, to identify a specific individual, including, but not limited to: 

Name and surname; 

Gender; 

City and State; 

Email address;

Phone number;

Geo-Location information;

Any other information that can be used to identify, physically or electronically, an individual.

3. Anonymous Information: Means any information collected using the services offered by THE COMPANY which cannot be attributed to a specific person, and its analysis is not tied to the identification of a specific person.

4. Public Information: Means any personal information clients publish that is not related to the procurement of services provided by THE COMPANY.

5. Cookie: Means a piece of information which is stored in the user's Internet browser so that the services provided by THE COMPANY can remember user’s activity and/or credentials.

6. External websites: Means any website not owned by THE COMPANY nor operated by THE COMPANY to provide services.

7. Security System Breach: Means any situation in which it is detected that an unauthorized person has gained access to data files where personal information is stored, compromising in such way the security, confidentiality or integrity of personal information. For a Security System Breach to be established, the personal information of users must not be protected by a cryptographic key beyond a user access password.

ARTICLE 3. TYPES OF SERVICES

THE COMPANY offers a variety of Services through various websites, portals, web applications, software and/or mobile applications, among others, which for purposes of this policy are categorized in two ways:

1. Services that do not require registration: Those services that do not require users to enter their personal information to be used.

2. Services that require registration: Those services provided by THE COMPANY which require users to enter their personal information to be used.

The two (2) services described above will be known for the purposes of this Privacy Policy as "Services".

ARTICLE 4. COLLECTION OF ANONYMOUS INFORMATION

THE COMPANY collects anonymous information of the Services it provides. Anonymous information collected is used to analyze trends, management, tracking, and to gather geographic information. The collection and analysis of anonymous information by THE COMPANY is not linked to a specific user and cannot be used to identify a specific person.

THE COMPANY, from time to time, can share anonymous information with third parties for the purpose of trend analysis and marketing.

ARTICLE 5. COLLECTION OF PERSONAL INFORMATION

THE COMPANY users wishing to use Services that require registration must register on the platform on which such Services are offered and/or provided in order to use them. Depending on the type of Services, the user must enter personal information in order to obtain such Services.

THE COMPANY uses various methods of registration for the different Services it provides. No matter which method of registration is used, all personal information of the user is maintained in a database or databases.

THE COMPANY uses the username to identify which Services a client has access to. The username of a client can be shared with multiple systems that comprise the Services provided by THE COMPANY.

ARTICLE 6. COOKIES

THE COMPANY might use cookies to provide its Services.

THE COMPANY might use cookies to identify a user session. The cookies to identify a user session are used to achieve a more efficient navigation and/or integrated of Services. Generally, a cookie used to identify a user session expires when the user signs-off the Services being used.

Services requiring registration that are offered by third parties on behalf of THE COMPANY, such as Facebook and/or Google login, may use cookies. THE COMPANY has no control over the cookies or privacy policies of third parties. This Privacy Policy applies only to Services which are under the exclusive control of THE COMPANY.

ARTICLE 7. COMMUNICATION BY EMAIL

Users can communicate with THE COMPANY by email. Communication by email is not secure and can be intercepted by third parties without authorization. THE COMPANY does not discourage the use of emails, but acknowledges that emails are susceptible to interception.

From time to time THE COMPANY will use the names of users and/or their email addresses to send promotional material. If a user does not wish to receive promotional communication, the user must send an email to info@sanpatricio.com requesting to be removed from the mailing list.

THE COMPANY uses the email account of its users to send communications related to the Services subscribed by a user. Such communications may be related, but not limited to, advertisement on the functionality of Services, user accounts, transactions, user requests, promotions, and any other communications related to the availability of Services. Such communications are known as important communications and users can not request to be excluded from them unless otherwise provided in this Privacy Policy.

ARTICLE 8. PERSONAL INFORMATION FOR SPECIFIC USES

THE COMPANY uses personal information as part of the subscription process of the Services it provides. As part of such subscription process, additional personal information, not defined on this Privacy Policy, can be requested. The information provided by users to THE COMPANY, regardless of the means used to provide such information, may be used for billing and accounting, history of Services contracted by the user, as well as other purposes. THE COMPANY may use personal information to communicate with users regarding orders, products, services, fees or penalties.

THE COMPANY uses third parties to provide specific services such as customer management. These companies may have access to personal information and financial information of users to carry out their duties.

THE COMPANY has alliances with service providers in order to provide its Services. When users subscribe and/or acquired Services, THE COMPANY may share personal information about users that is necessary to enable service providers to fulfill their functions.

ARTICLE 9. DISCLOSURE OF INFORMATION RELATED TO COMPANIES WITH WHOM WE SHARE INFORMATION 

THE COMPANY uses the services of different companies to process and manage the information provided by its customers, and to offer their own Services. THE COMPANY believes that the contractual relationship with the aforementioned companies, and processes implemented to process and manage information provided by its users, are trade secrets and industrial secrets protected by the Laws of the Commonwealth of Puerto Rico.

In order to protect its assets, trade secrets and industrial secrets, THE COMPANY does not disclose the companies with which it has contractual relations to process and manage information from its clients as well as companies that offer products and services to THE COMPANY. In the event a user needs to know the name of the companies with whom THE COMPANY shares information, the user must send an email to info@sanpatricio.com with a formal request and the reasons why the user needs such information. After received this request, our legal department will contact the user for further instructions.

ARTICLE 10. LINKS TO OTHER WEB SITES

The Services provided by THE COMPANY may contain links to external websites not owned or controlled by THE COMPANY. THE COMPANY is not responsible for the privacy or the security of personal information, or public information that users disclose on external websites to which THE COMPANY provides links. THE COMPANY is not responsible for the security and privacy practices on external websites.

ARTICLE 11. INFORMATION SECURITY

THE COMPANY encrypts communication between its Services and its clients, provided that during that communication THE COMPANY is collecting personal information of users. THE COMPANY encrypts communication in its various Services using encryption protocol Transport Layer Security (TLS) and/or Secure Socket Layer (SSL). THE COMPANY also encrypts personal information stored on its database, but maintains unencrypted personal information to facilitated the proper use of Services.

For more information about how THE COMPANY manages data security, users can write an email to the following address: info@sanpatricio.com.

ARTICLE 12. CHANGES, CORRECTIONS AND UPDATING PERSONAL INFORMATION 

THE COMPANY provides users the ability to make changes, corrections or updates to their personal information within the Services provided by THE COMPANY.

ARTICLE 13. PROTECTION OF MINORS

The Services provided by THE COMPANY are not generally designed for users of less than 21 years old. THE COMPANY does not intentionally collect information of minors.

In the event that THE COMPANY saves minors’ information, such information is protected by the same processes and procedures described in this Privacy Policy.

ARTICLE 14. DISCLOSURE FOR INVESTIGATIVE PURPOSES

THE COMPANY may disclose personal information, anonymous information or public information when such disclosure is required by a Court Order. THE COMPANY may disclose any information of its users when doing it is done in good faith to prevent the commission of crimes, avoid excessive or illegal use of Services, protect rights and property of THE COMPANY, to ensure that the contractual clauses between THE COMPANY and its users are satisfied, or when it is understood that there is a danger that threatens the life or safety of a person.

ARTICLE 15. LIMITED USE

THE COMPANY is not in the business of selling information about you. Therefore, THE COMPANY does not intend to sell, share or rent information obtained through its Services, except for the reasons and the ways indicated in this Privacy Policy.

ARTICLE 16. CHANGES AND AMENDMENTS TO THE PRIVACY POLICY

THE COMPANY may make changes and/or amend this Privacy Policy without prior approval of its users. In the event that THE COMPANY changes or amends this Privacy Policy, THE COMPANY will notify its clients by email and/or publishing an announcement within the Services it provides.

ARTICLE 17. APPLICABLE LAWS TO RESIDENTS OF THE COMMONWEALTH OF PUERTO RICO 

Pursuant to the Notice of Privacy Policy Act of the Commonwealth of Puerto Rico, known in Spanish as “Ley de Notificación de Política de Privacidad”, Act No. 39 of January 24, 2012, all operators of Internet sites must notify users of their privacy policies in a clear, concise, conspicuous and unambiguous manner. By doing so, such privacy policies shall include, but not be limited to: (i) the type of personal information collected and/or maintained; (Ii) persons with whom the personal information collected and/or maintained is shared; (iii) if the operator of an Internet site maintains a process for the user to review or request changes to their personal information collected and/or maintained, including a description of the process; and (iv) description of the process by which the operator notifies users of changes to their privacy policy.

This Privacy Policy complies with the Notice of Privacy Policy Act of the Commonwealth of Puerto Rico to the extent that the requirements of the Act do no lacerate the right that THE COMPANY has over its assets, including, but not limited to, its trade secrets.

-- Revised on March 14, 2017.