top of page

At AlphaQuartz, we view cybersecurity as a strategic pillar: all our practices comply with Law 18.331 on Personal Data Protection and the recent National Cybersecurity Strategy 2024-2030 and its Decree 66/025, which extends Agesic's Cybersecurity Framework to the private sector. Furthermore, we adopt the extraterritorial requirements of Regulation (EU) 2016/679 (GDPR) and the NIS2 Directive (2022/2555) to provide equivalent guarantees to our European and international clients. ( IMPO , Government of Uruguay , EY , EUR-Lex , EUR-Lex )

Our program integrates technical and organizational controls based on ISO/IEC 27001:2022—risk management, defense in depth, encryption, continuous monitoring, and incident reporting within 72 hours—along with ongoing training and independent audits. This promotes the confidentiality, integrity, and availability of information, ensuring regulatory compliance, operational resilience, and sustained trust for our users and partners. ( iso.org )

Cybersecurity policies

Objective and scope

The Management of Alpha Quartz recognizes that information security is a priority objective that must be driven and supported by all members of the organization. To this end, Alpha Quartz is committed to developing, implementing, maintaining, and continually improving an Information Security Management System.

Information Security is characterized as the preservation of:

  • Confidentiality, ensuring that only those authorized can access the information.

  • Integrity, ensuring that information and its processing methods are accurate and complete.

  • Availability, ensuring that authorized users have access to the information when required.

The Management of Alpha Quartz has defined and allocated all necessary resources to correctly and timely manage Information Security within the organization. Policies, procedures, and controls have been implemented to help achieve the established Information Security objectives based on the ISO/IEC 27001:2022 specification.

 

Responsibilities

 

  • The Security Manager is responsible for the drafting, updating, publishing, and ensuring compliance with this policy.

  • Management is responsible for the approval of this policy.

  • This Information Security Policy must be known and complied with by all Alpha Quartz personnel, regardless of their position or contractual status.

 

Description

 

It is Alpha Quartz’s policy to:

  • Define the Information Security Policy considering relevant corporate requirements. Define the company's annual Information Security Management System objectives (Strategic Objectives) and Operational Objectives.

  • Review the Information Security Management System annually in accordance with the Management Review Procedure.

  • Formalize a Risk Analysis methodology to identify and manage information security risks.

  • Define the acceptable Risk level for the Information Security Management System. Implement all necessary controls to mitigate risks and achieve a residual risk lower than the maximum acceptable level.

  • Establish an Asset Identification and Valuation Procedure, as well as an asset inventory designating their owners. All Alpha Quartz employees must comply with the Acceptable Use Policy for assets, as well as the information classification, labeling, and handling procedures.

  • Comply with service, legal, or regulatory requirements and contractual security obligations.

  • Establish an annual training plan to maintain the competencies of all employees. Establish that all personnel are responsible for reporting confirmed or suspected security breaches in accordance with the corresponding procedures.

  • Establish the necessary means to guarantee the continuity of Alpha Quartz’s operations.

  • Communicate internally and to the general public the importance of effective information security management and compliance with the Information Security Management System requirements.

  • Promote continuous improvement to meet the objectives established in relation to information security management.

 

Advanced Cybersecurity Implementation – Alpha Quartz

 

At Alpha Quartz, we implement cybersecurity solutions with the highest international standards, integrating state-of-the-art strategies to protect our clients' digital assets. Our approach combines artificial intelligence, advanced encryption protocols, and continuous monitoring to anticipate, detect, and neutralize threats in real-time.

We apply ISO/IEC 27001 regulations and NIST cybersecurity frameworks, ensuring comprehensive management of technological risk. Every solution is customized, scalable, and designed to integrate effectively with existing systems, guaranteeing both operational continuity and information integrity.

Trust, professionalism, and technical excellence are pillars in every implementation. With Alpha Quartz, your organization moves securely toward the digital future.

References

ISO/IEC 27001:2022 – Chapter 5.2 Politics.July 1, 2025

Declaration of partial compliance with the standard due to external content [add only if applicable]

The accessibility of certain pages on the site depends on content that is not owned by the organization, but rather by [insert name of relevant third party] . The following pages are affected by this: [list page URLs] . Therefore, we declare partial compliance with the standard for these pages.

Accessibility measures in the organization [add only if applicable]

[Enter a description of the accessibility arrangements at the physical offices or branches of your organization or business. The description may include all current accessibility arrangements, from the beginning of the service (e.g., parking or public transportation stations) to the end (e.g., the service counter, restaurant table, classroom, etc.). You must also specify any additional accessibility arrangements, such as services for people with disabilities and their location, and any accessibility accessories (e.g., in audio inductions and elevators) available for use.]

Requests, problems and suggestions

Cybersecurity requests, issues, and suggestions

At Alpha Quartz, we value the collaboration of our users and partners to maintain a safe and reliable digital ecosystem. If you need:

  1. To request information about our protection measures, encryption schemes, risk assessments, or compliance certificates, please write to us at info@alphaquartz.net , including your name, organization, and the details of your request.

  2. Report vulnerabilities or incidents on alphaquartz.net or any of our plans (ENTREPRENEUR, IMPULSE, EVOLUTION, QUANTUM, ODO):

    • Describe the activity or discovery step by step.

    • Includes technical evidence (captures, logs, PoC), without exposing third-party personal data.

    • Do not attempt to exploit the vulnerability beyond what is strictly necessary for testing.

    • Send your report to incident@alphaquartz.net or use the secure form available at /security-report.

    We promise to confirm receipt within 24 hours and deliver an initial analysis within three business days. During the remediation process, we may request additional information, and we will keep you informed until closure.

  3. Suggest improvements or best practices for our products and services: Share your recommendations at info@alphaquartz.net . All suggestions are reviewed biweekly and, if relevant, are incorporated into our ongoing update plan.

Our process follows the responsible disclosure guidelines established by ISO/IEC 29147 and the Uruguayan legal framework (Law 18.331 and Decree 66/025), and also complies with GDPR and NIS2 for international clients. Your collaboration strengthens the security of the entire community.

bottom of page