MORE INFO ABOUT

Privacy and Security Policies

La versión en español disponible aquí

Last updated: April 2026

Stratio Big Data Inc. is a company based in:

TThe United States of America, 3500 South Dupont Highway, Dover, County of Kent, Delaware 19901, under registered number 5783383 and Taxpayer Identification Number 47-4562766.
STRATIO BIG DATA INC., SUCURSAL EN ESPAÑA, with offices in Madrid, Pozuelo de Alarcón in Vía de las Dos Castillas 33, Edificio Ática 4, Planta 0 and corporate tax code W4007784-D.
STRATIO BIG DATA COLOMBIA SAS with physical address CR 14 149-67 and identification number NIT 901.044.060-1.
(hereinafter referred to as “Stratio”, “us” and “we”).

Privacy Policy

This Privacy Policy describes what data we collect and what we do with it. It covers our website, our domain, and the use of our services only.

Information you give us

We collect information when you share it with us, for instance by filling out a contact form on our website or by hiring our services. In these cases, you may be asked to provide personal information like your name, email address, telephone number, date of birth, gender or occupation.

Information we get from your use of our services

This information includes:

Cookies Information: When you interact with our website or our domain, we may send one or more cookies – a small text file containing a string of alphanumeric characters – to your computer, smartphone or other device, that uniquely identifies your browser. Read our Cookies Policy below for more information.
Log File Information: When you interact with our website, our domain or use one of our services, our servers automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, referring/exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time of your request, and one or more cookies that may uniquely identify your browser.

Information third party services get from our website

Our website and domain use services like Google Analytics and others. These third parties can also use cookies and/or web beacons on our website and online services.

The information gathered by these instruments regarding your use of our website (including your IP Address) and services can be transferred to servers of those third parties and stored on those servers. These parties use this information to analyze your use of our website and services, to create reports on website activity for website owners and to offer other services regarding website activity and internet use. These third parties may disclose this information to others if they are legally obliged to do so or if other parties process this information on behalf of the third parties.

How we use personal data

We may use your information for any of the following purposes:

To reply/contact you. The legal basis for this processing is your consent. We will store your data for 5 years after the communication with you.

To manage contractual or business relationships with you. The legal basis for this processing is the need to perform a contract. We will store your data for 5 years upon the termination of the contract.

To inform you about our services, such as letting you know about upcoming changes or improvements and to monitor the effectiveness of our marketing campaigns. The legal basis for this processing is your consent or a legitimate interest. We will store your data until you retire your consent or you oppose to the processing.

To monitor aggregate metrics such as total number of visitors, pages viewed, etc. and to analyze the traffic to our websites, apps and services. The legal basis for this processing is your consent.

To post your comments in our blog. The legal basis for this processing is your consent, which you give when you post a comment. In addition, if you tick the appropriate box, we may also publish your name next to your comment. If you do not give your consent, your name will not be visible to third parties. We will store your data until you retire your consent or you oppose to the processing.

We may process professional contact details obtained from professional or public sources for the purpose of establishing and developing commercial relationships in the B2B (business-to-business) sphere. The legal basis for this is Stratio’s legitimate interest. The data will be kept for as long as there is active commercial interest or until the data subject objects.

Sharing/disclosing personal data

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our services, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. STRATIO relies on the services of the rest of the Group companies who provide services as Treatment Managers.

We may also release your information if we believe it is reasonably necessary to comply with law enforcement, government officials, or other third parties in the event of a subpoena, court order or similar legal procedure, as long as the transfer is authorized by law, or to protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Data processed on behalf of our clients

We are considered Data Processors when we carry out operations for our clients that justify the access to personal information under its responsibility. As Data Processors, we agree to the following:

We shall only process the personal data to which we have access in accordance with our Client’s instructions and shall always treat personal data as confidential information.

We shall only access and process the personal data for the purpose of providing the service as covered in our agreement with the client.

We shall not reveal or transfer the personal data to any third parties, except to a subcontractor processor if we reasonably consider such access and processing necessary to the performance of the Services. In the event of such access, we shall ensure that an agreement the subcontractor is in place to regulate the services contracted and guarantee the proper use of the data.

We are committed to protecting our clients’ data and use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of their personal information, having regard to the state of the art, the nature of the data stored and the rishich they are exposed, whether these may be derived from human actions or the physical or natural environment.

Once our contractual relation is finished, we shall return all personal information to our client and/or delete it in accordance with our own procedures and to Data Protection Laws.

Third-party links.

Occasionally, at our discretion, we may link to or offer third-party products or services on our Website. These third-party websites have separate and independent privacy policies. We therefore have no responsibility over or liability for their content and activities. Nonetheless, we seek to protect the integrity of our website and services and welcome any feedback on these sites.

Exercising individual rights

The data protection regulations guarantee users the fundamental rights such as:

Access: Allows the user to know what information is held, where it has been obtained, to whom it has been provided and with what uses it has been treated.
Rectification: Allows the user to rectify any erroneous or outdated data.
Erasure: Allows the user to stop processing his or her data.
Objection: Allows the user to stop using his data for a specific purpose.
Limitation: Allows the user to restrict the processing of his or her data, but in such a way that they are kept for a later purpose.
Portability: Allows the user to obtain a copy of his/her data in electronic format and, in certain circumstances, request it to be communicated to another service provider. It is only applicable for computerized processing carried out with the User’s consent or for the fulfilment of a contract.

These rights require the possibility of identifying the user requesting them and linking his or her identity to the data processed by us.

However, we may not establish this link to any of the data it processes for the sole purpose of accessing the website, unless user is able to provide certain identifying documentation (e.g., a certificate from its Internet Service Provider indicating the IP address assigned to the user at a specific date and time).

To exercise the above mentioned rights, you can contact us through:

If you are a USA citizen, write to the Data Protection Officer (privacy@stratio.com), or send us a letter by post to Stratio Big Data, Inc., 3500 South Dupont Highway, Dover, County of Kent, Delaware 19901, USA.
If you are an EU citizen, write to the Data Protection Officer (privacy@stratio.com) or please post a letter to STRATIO BIG DATA INC., SUCURSAL EN ESPAÑA, with offices in Madrid, Pozuelo de Alarcón in Vía de las Dos Castillas 33, Edificio Ática 4, 3º Planta.
If you are a citizen of Colombia, write to the data protection officer (privacy_colombia@stratio.com) or send a letter to STRATIO BIG DATA COLOMBIA SAS, CL 145 17 75 OF 401.

You also have the right to withdraw your consent for all the processing carried out based on that legal basis.

If you consider that your right to personal data protection has been violated, you may file a complaint with the competent supervisory authority of your country.

Security measures

We have adopted the necessary technical and organizational measures to ensure the security of all personal data and avoid its alteration, loss, or unauthorized access, having regard to the state of the art, the nature of the data stored and the risks to which they are exposed, whether these be derived from human actions or the physical or natural environment. However, you should be aware that Internet security measures are not impregnable.

Commitment to your privacy

At Stratio, we value your privacy. We manage your personal data in accordance with the California Online Privacy Protection Act, and the European General Data Protection Regulation (679/2016) and the Personal Data Protection Law of Colombia (1581 of 2012), and will therefore not distribute your personal information to outside parties without your consent.

In compliance with the Colombian Data Protection Law, STRATIO has a General data processing policy.

Collection of Data from children

Our website, products and services are all directed to people of legal age.

Your Commitment

By using our website and services, you consent to our privacy policy and you guarantee:
That you are of legal age.
That all information you provide is accurate and truthful.
That you undertake to store the passwords and identification codes and, in case you lose them, to report it to us in the shortest time. While there is no such communication, we are relieved of responsibility for any misuse by unauthorized third parties.

Cookie Policy

Security Policy

Stratio, as a company in the technology sector and landmark in Big Data and Artificial Intelligence, ratifies its commitment to ensure the security of information in all its business processes. This Document is a framework for this commitment, which is of application in all phases of the information life cycle: generation, distribution, storage, processing, transport, consultation and destruction, as well as to the information systems that support them.

Stratio adopts security controls to preserve, in each moment, the five basic dimensions of information security:

Confidentiality: Guarantee that data and systems are only accessed by duly authorized persons.
Integrity: Guarantee the accuracy of the information and systems against alteration, loss or destruction, whether accidentally or fraudulently.
Availability: Guarantee that the information and systems can be used in the manner and time required.
Traceability: Guarantee that the actions of an entity can be attributed exclusively to that entity.
Authenticity: Guarantee that an entity is who it claims to be, or that it guarantees the source from which the data comes.

The basic principles that govern this policy are the following:

Provide the material, economic and human resources necessary to carry out tasks related to Security.
Define the information and the systems that support the strategic assets of the company, expressing the determination to achieve the levels of security and risks necessary to profitably certify its protection, guaranteeing security and controlled access to information, and thus improve the quality of services offered by the company to its customers.
Implement the appropriate controls to ensure the secure treatment of information in operations and the appropriate security measures in the networks through which the information is transmitted.
On the part of the organization’s personnel, with the appropriate aspects of awareness so that the Information Security Policy has the maximum diffusion within the organization, developing short, medium and long-term goals and incorporating techniques specific motivation and training.
The Information Security Policy is the main tool to guarantee Information Security and the objectives of the system. Furthermore, regulations, standards, procedures, attributions of each person in charge will be defined, together with the conflict resolution mechanisms with a specific scope within the Management System.
Establish the appropriate security requirements in contractual relationships with suppliers and collaborators. Security incidents will be managed quickly, effectively and appropriately to minimize their impact.
Compliance with legal requirements, contractual regulations and any other requirement related to information security and that is applicable to Stratio shall be mandatory.
Observe the commitment and promotion of the continuous improvement of the Information Security management system.