At AEGRIX, information security, digital asset protection, data confidentiality, and responsible management of technological risks are fundamental principles in our service delivery.
This Security Policy describes the general guidelines AEGRIX adopts to protect its website, digital channels, and information received from users and clients in relation to our software engineering, cybersecurity, AI, and consulting services.
This policy should be read alongside AEGRIX's Privacy Policy, Cookies Policy, and Terms and Conditions.
This policy applies to https://aegrix.com.co, official digital channels, contact forms, commercial communications, and all digital interactions related to AEGRIX.
AEGRIX guides its security management under the principles of Confidentiality, Integrity, Availability, Least Privilege, Necessity and Proportionality, Shared Responsibility, and Continuous Improvement.
AEGRIX implements reasonable measures to protect its website from common risks like unauthorized access, form abuse, and malicious traffic. These include access controls, secure development practices, and regular updates.
Security services are executed according to the contracted scope. Clients acknowledge that no service can guarantee absolute protection or total risk elimination.
Users are responsible for providing truthful information, protecting their credentials, and timely implementing AEGRIX's security recommendations.
Unauthorized access attempts, penetration testing without written consent, malware delivery, and unauthorized scraping are strictly prohibited.
When client access is required, it is handled under confidentiality and least privilege. Clients must revoke access once the service is complete.
Technical and commercial information is treated as confidential and will not be disclosed without authorization except by legal requirement.
Personal information is treated according to our Privacy Policy and applicable Colombian regulations (Law 1581 of 2012).
Software projects apply secure development practices including environment separation, input validation, and secure dependency management.
Security and minimization criteria are applied to AI services. Clients must validate AI-generated results before critical use.
AEGRIX uses reliable external providers but is not responsible for incidents exclusively attributable to these third parties.
Relevant incidents will be managed based on impact and legal duties. Suspected incidents should be reported to contacto@aegrix.com.co.
Ethical reporting is valued. Vulnerability exploitation and access to third-party data are not authorized during reporting.
Unless backup services are explicitly contracted, clients are responsible for maintaining updated copies of their critical information.
AEGRIX strives for channel availability, though it may be affected by maintenance or external provider failures.
Reasonable measures are implemented, but AEGRIX is not responsible for sophisticated attacks, third-party failures, or user negligence.
AEGRIX will cooperate with competent authorities when a legal obligation or formal requirement exists.
This policy may be updated at any time by publishing it on the website.
Email: contacto@aegrix.com.co
Website: https://aegrix.com.co
Confianza y Seguridad
Si tienes alguna duda sobre nuestros documentos legales, puedes contactarnos en info@aegrix.com.co.