Legal document

Privacy Policy

Last updated: May 2, 2026

1. Introduction

SuiteHub operates the website suitehub.net and the SuiteHub platform. SuiteHub is distributed in Panama by PROOQ S.A., a Panamanian company headquartered at Vía Argentina, Bella Vista, Panama City, acting as the local data controller in Panamanian territory. This policy describes how we collect, use and protect your personal data and that of your customers.

We comply with Panama Law 81 of 2019 on Personal Data Protection and apply international best practices (GDPR-aligned) when working with data subjects in other jurisdictions.

2. Data we collect

We collect different categories of data depending on your interaction with us:

  • Commercial contact data: name, company, email, phone when you reach out via form, WhatsApp or email requesting information.
  • SuiteHub customer data: information about your business (RUC, address, branches), authorized users, e-invoicing configuration (Digifact/HKA/Factura Fácil), templates and reports you generate.
  • Operational data: invoices, quotes, customers, products, transactions you record on the platform. This data is your property; we are custodians.
  • Technical data: IP address, browser, operating system, visit times, audit logs inside SuiteHub.
  • Necessary cookies: user session, CSRF, language preferences. We don't use third-party advertising cookies.

3. How we use your data

  • Provide the SuiteHub service you contracted (operations, support, billing).
  • Comply with Panamanian tax and regulatory obligations (DGI, accounting).
  • Communicate with you about commercial matters, technical support and system notices (maintenance, contractual changes).
  • Improve the platform by analyzing aggregate usage patterns (without identifying individual users).
  • Comply with legal requirements: we respond to court orders, DGI requirements or requests from the National Authority for Transparency and Access to Information when required by law.

We do not sell your data. We don't share it with advertisers or third parties for commercial purposes unrelated to providing the service.

4. Whom we share data with

We share data only with the following third parties, and only what is strictly necessary:

  • DGI-certified PAC (Digifact, The Factory HKA or Factura Fácil): to issue electronic invoices. You choose which PAC to work with and sign their own contract directly.
  • Hostinger (infrastructure provider): where your database physically resides. Hostinger is GDPR-compliant and certifies data center security.
  • Meta Business (WhatsApp Business API): only when you enable the WhatsApp integration and under your own control of approved templates.
  • Panamanian authorities: only under court order or formal DGI request related to tax compliance.

5. Your rights (Law 81)

As a personal data subject you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Cancellation: request deletion of your data when no longer needed.
  • Opposition: object to processing for commercial purposes.
  • Portability: receive your data in a structured format (JSON, CSV) to take it elsewhere.

To exercise any of these rights, write to info@suitehub.net. We respond within a maximum of 15 business days.

6. Security

  • HTTPS/TLS 1.3 encrypted connection on all traffic.
  • Passwords stored with bcrypt hashing (never plain text).
  • Daily encrypted backups, minimum 30-day retention.
  • Per-customer isolation: each client has its own database, with no risk of mixing with others.
  • Internal access auditing (audit_log) with IP, user, action and timestamp.

7. Data retention

We keep your data while you have an active SuiteHub contract and for an additional 5 years after termination, per the Panamanian Tax Code. After that period, we anonymize or definitively delete it. Data required by DGI for e-invoicing (XML, CUFE) is retained per current regulation (minimum 5 years).

8. Changes to this policy

If we update this policy, we'll notify you by email at the registered contact address with at least 30 days of advance notice. The last-updated date is always shown at the top.

9. Privacy officer contact

For questions, complaints or to exercise your rights:

Vía Argentina, Bella Vista, Panama City