Personal Data Protection

Privacy Policy

At Cyberix we take the protection of your personal information and compliance with current privacy regulations very seriously.

Last updated: July 9, 2025

Executive Summary

This Privacy Policy clearly and transparently describes how Cyberix S.A.S collects, uses, stores and protects your personal information when you use our business automation services. Cyberix S.A.S

By using our services, you accept the practices described in this policy. We are committed to complying with all applicable data protection laws, including GDPR (General Data Protection Regulation) and Colombia's Law 1581 of 2012.

Important Definitions

User Account

Unique account created to access our automation and business management services.

Personal Data

Any information that allows a natural person to be identified, directly or indirectly.

Data Controller

Cyberix S.A.S, located at Cl. 7D #43A-40, El Poblado, Medellín, Colombia.

Services

Business automation platform, chatbots, WhatsApp integrations, social media and other tools offered.

Cookies

Small data files stored on your device to improve user experience and analyze service usage.

Device

Any equipment that can access the service: computer, mobile phone, tablet or other connected device.

Information We Collect

Personal Identification Data

Full name
Email address
Phone number
Postal address
Company information
Position and role

Usage and Analytics Data

We automatically collect information about how you use our services to improve experience and functionality:

IP address and approximate geographic location
Browser type, operating system and version
Pages visited, dwell time and navigation paths
Interactions with service features and functionalities
Performance data and technical errors

Use of Your Information

We use your personal information only for the following legitimate purposes:

Service Provision

Provide, maintain and improve our automation services

Account Management

Manage your registration, authentication and preferences

Communications

Send important notifications, updates and technical support

Continuous Improvement

Analyze usage and behavior to improve functionalities

Legal Compliance

Comply with legal and regulatory obligations

Security

Detect and prevent fraud, abuse and security issues

Security of Your Data

We implement high-level technical, administrative and physical security measures to protect your information:

SSL/TLS Encryption

All communications are end-to-end encrypted

Access Controls

Multi-factor authentication and granular permissions

Regular Audits

Periodic security and compliance reviews

Your Rights as Data Subject

You have the following rights over your personal data:

Access

Request a copy of the data we hold about you

Rectification

Correct inaccurate or incomplete data

Erasure

Request the deletion of your personal data

Objection

Object to the processing of your data for certain purposes

Portability

Receive your data in a structured format and transfer it to another provider

Restriction

Restrict the processing of your data under certain circumstances

To exercise your rights: Send an email to [email protected] with your request and we will respond within a maximum of 15 business days.

Use of Google APIs and User Data

Cyberix is undergoing verification with Google and uses Google API services to provide specific functionalities. Below we detail how we use these services and what data we access:

Google OAuth Verification

Cyberix is undergoing official verification with Google for the use of sensitive and restricted APIs. We comply with all Google verification requirements, including the Google API Services User Data Policy.

Scopes and Permissions Requested

Our application requests access to the following Google data. We only access what is strictly necessary to provide our services:

Authentication (openid, userinfo.email, userinfo.profile)

Propósito: Enable secure login with Google Sign-In

Datos accedidos: Name, email address, and profile picture to create and manage your account

Google My Business (business.manage)

Propósito: Manage your Google Business Profile

Datos accedidos: Business profile, posts, reviews, hours, services, photos, and performance metrics

Google Ads (adwords)

Propósito: Manage Google Ads advertising campaigns

Datos accedidos: Ad accounts, campaigns, performance metrics, and ad settings

Google Cloud Platform (cloud-platform)

Propósito: Access Google Places API for business photos

Datos accedidos: Public photos of business locations to display in the dashboard

Google Calendar (calendar.*)

Propósito: Schedule posts and manage appointments

Datos accedidos: Calendar events, availability, calendar lists, and time zone settings

AI/ML Model Training Disclosure

Cyberix DOES NOT use user data obtained through Google APIs (including Gmail, Calendar, My Business or other Google Workspace services) to train, improve or develop artificial intelligence or machine learning models.

Google API data is used exclusively to provide the specific functionalities you request

Any AI function in our platform is trained only with synthetic data or proprietary data with explicit consent

Google data is not shared with external AI/ML service providers

Google Data Usage Policy

Cyberix's use of information received from Google APIs complies with the Google API Services User Data Policy, including Limited Use requirements.

Data Usage Principles:

We only access the minimum data necessary to provide our services

We do not share Google data with third parties without your explicit consent

We do not use Google data to train artificial intelligence or machine learning models

We do not use Google data for personalized advertising or remarketing

Data is encrypted in transit (HTTPS/TLS) and at rest (AES-256)

Only authorized personnel have access to data, with strict audit controls

Data Retention and Deletion

We store Google API data only for as long as necessary to provide our services:

Access tokens are stored securely and encrypted

Cached data is deleted after 24 hours or when no longer needed

You can revoke access at any time from your Google account

When you delete your Cyberix account, all associated data is permanently deleted within 30 days

Full User Control and Right to Deletion

You maintain complete control over your Google data at all times. You can request complete deletion of your information whenever you wish:

You can revoke Google permissions at any time from https://myaccount.google.com/permissions

You can request a complete copy of all data we store by emailing [email protected]

You can request COMPLETE DELETION of your data at any time without needing to provide justification

We comply with all deletion requests within a maximum of 15 business days, at no cost

Compliance with Google's Limited Use Policy