Privacy Policy

RET GAS 90902

Version 2.0 · Last updated: May 21, 2026

Back to home

This Privacy Policy describes how Beaver Soluciones Digitales S.A.S. collects, uses, shares and protects personal data when accessing and using RET GAS 90902 in SaaS mode, in compliance with Colombian Law 1581 of 2012, Decree 1377 of 2013 and related regulations.

1Data Controller & DPO

Legal NameBeaver Soluciones Digitales S.A.S.
Tax ID (NIT)901.519.381-9
AddressCalle 70 No. 58-133 Office 725, Itagüí, Antioquia, Colombia
Email (privacy)beaversolucionesdigitales@gmail.com
Data Protection Officer (DPO)Cristian David Chacón Mariano (ID 1.110.523.037 of Ibagué-Tolima)
CapacityAuthorized distributor of RET GAS 90902 (DNDA Book 13, Volume 82, Entry 214)

2Infrastructure & Sub-Processors

The Service operates on the following cloud infrastructure, subject to data processing agreements (DPA) with each provider:

ProviderServiceRegion
Amazon Web Services (AWS)Hosting, storage (S3), databases (RDS, DynamoDB)United States (us-east-1, us-east-2)
Google / FirebaseAuthentication, push notifications, mobile operationUnited States (us-central1)
StripePayment processingUnited States, Ireland

3Data We Collect

Account data (B2B)

  • • Name, role and corporate email
  • • Phone (if provided)
  • • Company info, tax ID, city, billing data

Inspection data

  • • Dates, locations, findings
  • • Photographic evidence and documents
  • • Signatures and certifications

Location and device data

  • • GPS for routes/tracking (when authorized)
  • • IP, device type, OS

Support and security data

  • • Messages and files sent to support
  • • Activity logs and audit

4Processing Purposes

  1. Provide and operate the Service (accounts, authentication, features).
  2. Manage subscriptions, billing and payments (including DIAN electronic invoicing).
  3. Provide technical support and customer service.
  4. Maintain security, prevent fraud and audit.
  5. Improve the Service (analytics, metrics, bug fixing).
  6. Comply with legal obligations and authority requirements.
  7. Send operational and security communications.
  8. Send commercial communications only with prior authorization.

5B2B Relationship (Roles)

Beaver as Controller

Beaver is responsible for the data needed to operate the Customer's account, billing, support and security of the Service.

Beaver as Processor

When the Customer uploads personal data of employees, contractors or third parties (e.g., inspection data), the Customer acts as Controller and Beaver as Processor. Specific conditions are governed by the applicable Data Processing Agreement (DPA).

6International Transfers

Since part of the Service infrastructure is hosted in the United States (AWS, Firebase) and Ireland (Stripe), there is international transfer of personal data under Article 26 of Colombian Law 1581 of 2012 and current doctrine of the Superintendence of Industry and Commerce (SIC).

Safeguards in place:

  • Standard data protection clauses (DPA) with AWS, Stripe and Firebase.
  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Restricted and traceable access through identity and audit controls.
  • Commitment from providers not to transfer data to third parties without legal basis.

By accepting this Privacy Policy and the Terms and Conditions, the Customer expressly authorizes the international transfer of their personal data and that of their Authorized Users for the purposes described.

7Cookies & Similar Technologies

Beaver uses strictly necessary, functional and analytical cookies. Non-essential cookies require explicit user consent, given through the cookie banner on the first visit and reconfigurable at any time.

Full details in our Cookies Policy.

8Legal Basis for Processing

  • Performance of a contract (providing the SaaS Service to the Customer).
  • Compliance with legal obligations (DIAN, withholdings, authority requirements).
  • Legitimate interest (security, fraud prevention, Service improvement).
  • Consent/authorization where required (non-essential cookies, marketing).

9Data Subject Rights

  • ✓ Access and request a copy of personal data
  • ✓ Update and correct inaccurate or incomplete data
  • ✓ Request deletion/erasure where applicable
  • ✓ Withdraw authorization/consent where applicable
  • ✓ File complaints with the Superintendence of Industry and Commerce (SIC)

To exercise any right, write to beaversolucionesdigitales@gmail.com. If the request concerns data where Beaver acts as Processor, Beaver may forward it to the Customer Controller.

10Retention & Deletion

Account and operational data are retained during the contract term and for the time needed to comply with legal obligations. Upon termination:

  • 30 calendar days for the Customer to export their Content.
  • 90 calendar days for definitive deletion from active systems.
  • Backups: up to 180 additional days for security and recovery purposes.
  • Legally mandatory records (billing, audit) are kept for the periods required by law.

11Security & Minors

Beaver implements reasonable administrative, technical and organizational measures (encryption, access control, audit logs, backups) to protect data. No system is 100% secure; the Customer is also responsible for good practices (passwords, control over Authorized Users). The Service is oriented to business use and not designed for minors without authorization under applicable law.

12Changes to This Policy

Beaver may update this policy to reflect legal, technical or operational changes. When changes are material, they will be communicated through reasonable means (within the Service or via email to the account administrator).

Privacy questions?

Contact the Data Protection Officer

beaversolucionesdigitales@gmail.com