1. Introduction
SuiteHub operates the website suitehub.net and the SuiteHub platform. SuiteHub is a PROOQ LLC product (headquartered at Elmwood Park, Chicago IL, USA), with local operations in Panama through PROOQ S.A. (Vía Argentina, Bella Vista, Panama City), which acts as the local data controller in Panamanian territory. This policy describes how we collect, use and protect your personal data and that of your customers.
For residents in Panama we comply with Panama Law 81 of 2019 on Personal Data Protection. For residents in USA, Spain, Venezuela, and Colombia we apply best practices aligned with the applicable local regulations (GDPR / LOPDGDD for Spain, CCPA for California, etc.) according to the jurisdiction of the data subject.
For residents in Colombia, the processing of personal data is governed by Law 1581 of 2012 (General Personal Data Protection Regime / Habeas Data) and its implementing Decree 1377 of 2013, under the supervision of the Superintendency of Industry and Commerce (SIC). We honor the data subject's rights to access, update, rectify and delete their data, as well as to revoke the authorization granted. Where applicable, we will register our databases in the National Database Registry (RNBD).
2. Data we collect
We collect different categories of data depending on your interaction with us:
- Commercial contact data: name, company, email, phone when you reach out via form, WhatsApp or email requesting information.
- SuiteHub customer data: information about your business (RUC, address, branches), authorized users, e-invoicing configuration (Digifact/HKA/Factura Fácil/eFacturapty), templates and reports you generate.
- Operational data: invoices, quotes, customers, products, transactions you record on the platform. This data is your property; we are custodians.
- Technical data: IP address, browser, operating system, visit times, audit logs inside SuiteHub.
- Necessary cookies: user session, CSRF, language preferences. We don't use third-party advertising cookies.
3. How we use your data
- Provide the SuiteHub service you contracted (operations, support, billing).
- Comply with Panamanian tax and regulatory obligations (DGI, accounting).
- Communicate with you about commercial matters, technical support and system notices (maintenance, contractual changes).
- Improve the platform by analyzing aggregate usage patterns (without identifying individual users).
- Comply with legal requirements: we respond to court orders, DGI requirements or requests from the National Authority for Transparency and Access to Information when required by law.
We do not sell your data. We don't share it with advertisers or third parties for commercial purposes unrelated to providing the service.
4. Whom we share data with
We share data only with the following third parties, and only what is strictly necessary:
- DGI-certified PAC (Digifact, The Factory HKA, Factura Fácil or eFacturapty): to issue electronic invoices. You choose which PAC to work with and sign their own contract directly.
- Hostinger (infrastructure provider): where your database physically resides. Hostinger is GDPR-compliant and certifies data center security.
- Meta Business (WhatsApp Business API): only when you enable the WhatsApp integration and under your own control of approved templates.
- Panamanian authorities: only under court order or formal DGI request related to tax compliance.
5. Your rights (Law 81)
As a personal data subject you have the right to:
- Access: request a copy of the personal data we hold about you.
- Rectification: correct inaccurate or incomplete data.
- Cancellation: request deletion of your data when no longer needed.
- Opposition: object to processing for commercial purposes.
- Portability: receive your data in a structured format (JSON, CSV) to take it elsewhere.
To exercise any of these rights, write to info@suitehub.net. We respond within a maximum of 15 business days.
6. Security
- HTTPS/TLS 1.3 encrypted connection on all traffic.
- Passwords stored with bcrypt hashing (never plain text).
- Daily encrypted backups, minimum 30-day retention.
- Per-customer isolation: each client has its own database, with no risk of mixing with others.
- Internal access auditing (audit_log) with IP, user, action and timestamp.
7. Data retention
We keep your data while you have an active SuiteHub contract and for an additional 5 years after termination, per the Panamanian Tax Code. After that period, we anonymize or definitively delete it. Data required by DGI for e-invoicing (XML, CUFE) is retained per current regulation (minimum 5 years).
8. Changes to this policy
If we update this policy, we'll notify you by email at the registered contact address with at least 30 days of advance notice. The last-updated date is always shown at the top.
9. Privacy officer contact
For questions, complaints or to exercise your rights: