From 6386ed97a8efd0a171a4667017710fc8641ae12e Mon Sep 17 00:00:00 2001 From: jesusalbujas Date: Sun, 20 Jul 2025 21:31:02 -0400 Subject: [PATCH] docs(erpplus): split security policies and terms of service into Spanish and English files, remove original bilingual files --- .../services/erpplus/security-policies-en.md | 124 ++++++++++++ ...ty-policies.md => security-policies-es.md} | 117 +---------- .../services/erpplus/terms-of-service-en.md | 181 ++++++++++++++++++ ...s-of-service.md => terms-of-service-es.md} | 174 +---------------- 4 files changed, 307 insertions(+), 289 deletions(-) create mode 100644 src/about/services/erpplus/security-policies-en.md rename src/about/services/erpplus/{security-policies.md => security-policies-es.md} (53%) create mode 100644 src/about/services/erpplus/terms-of-service-en.md rename src/about/services/erpplus/{terms-of-service.md => terms-of-service-es.md} (53%) diff --git a/src/about/services/erpplus/security-policies-en.md b/src/about/services/erpplus/security-policies-en.md new file mode 100644 index 00000000000..9770851f5de --- /dev/null +++ b/src/about/services/erpplus/security-policies-en.md @@ -0,0 +1,124 @@ +--- +title: Security Policies - ERP+ Mobile App +category: Producto +star: 9 +sticky: 9 +tag: + - Servicios + - Producto + - Seguridad + - ERP+ + +article: false +--- + +# Security Policies - ERP+ Mobile App + +--- + +## 1. Authentication and Authorization Policy + +### 1.1 Access Control +- Only authorized users with specific permissions can access time tracking features +- Permissions are validated in real-time against ADempiere server +- Differentiated access according to roles: Administrator, Supervisor, Operator + +--- + +## 2. Biometric Data Protection + +### 2.1 Fingerprint Storage +- Fingerprints are stored only on the time tracking device +- Fingerprints are not transmitted or stored on the server +- Only unique identifiers and verification results are transmitted +- Biometric data is locally encrypted on the device + +### 2.2 Data Transmission +- All communications between mobile app and server use HTTPS/TLS 1.3 +- Sensitive data is encrypted in transit using AES-256 algorithms +- Valid and updated SSL certificates in all communications + +--- + +## 3. Command and Operations Management + +### 3.1 Authorized Commands +- **Send Employee**: Only users with administration permissions +- **Read Fingerprints**: Read-only operation, no data modification +- **Delete Employees**: Requires confirmation and audit logging +- **Clear Records**: System administrators only + +### 3.2 Audit Logging +- All operations are logged with timestamp and user +- Audit logs are stored for a minimum of 2 years +- Log access restricted to system administrators + +--- + +## 4. Employee Information Protection + +### 4.1 Personal Data +- Compliance with personal data protection laws +- Employee information accessible only to authorized personnel +- Employee contracts protected with additional encryption +- Access to personal information limited by need-to-know basis + +### 4.2 Local Storage +- Sensitive data is not permanently stored on the device +- Temporary cache is automatically cleared when closing session +- Employee information is downloaded on-demand + +--- + +## 5. Device Security + +### 5.1 Device Requirements +- Updated operating system (Android 8.0+ / iOS 12+) +- Application installed from official stores only +- Device not rooted/jailbroken +- Active antivirus recommended + +### 5.2 Application Protection +- Obfuscated code to prevent reverse engineering +- Detection of compromised devices +- Automatic lockout after multiple failed access attempts +- Remote wipe capability in case of device loss + +--- + +## 6. Monitoring and Incident Response + +### 6.1 Continuous Monitoring +- 24/7 monitoring of access and operations +- Automatic alerts for suspicious activities +- Usage pattern analysis to detect anomalies + +### 6.2 Incident Response +- Immediate response protocol for security incidents +- Notification to affected users in case of data breach +- Recovery and service restoration procedures +- Post-incident analysis and security measure improvement + +--- + +## 7. Legal Compliance + +### 7.1 Applicable Regulations +- Compliance with local data protection laws +- Information security regulations +- Industry standards for enterprise mobile applications + +### 7.2 Certifications +- Regular security audits +- Industry compliance certifications +- Periodic vulnerability assessments + +--- + +## 8. Security Contact + +To report security incidents or queries related to ERP+ application security: + +**Email**: info@erpya.com +**Phone**: +58 414-5697183 +**Hours**: Monday to Friday 08:00 - 17:00 (GMT-4) \ No newline at end of file diff --git a/src/about/services/erpplus/security-policies.md b/src/about/services/erpplus/security-policies-es.md similarity index 53% rename from src/about/services/erpplus/security-policies.md rename to src/about/services/erpplus/security-policies-es.md index 6c2b1bf3703..ae59e331344 100644 --- a/src/about/services/erpplus/security-policies.md +++ b/src/about/services/erpplus/security-policies-es.md @@ -14,8 +14,6 @@ article: false # Políticas de Seguridad - ERP+ Mobile App -## Security Policies - ERP+ Mobile App - --- ## 1. Política de Autenticación y Autorización @@ -123,117 +121,4 @@ Para reportar incidentes de seguridad o consultas relacionadas con la seguridad **Email**: info@erpya.com **Teléfono**: +58 414-5697183 -**Horario**: Lunes a Viernes 08:00 - 17:00 (GMT-4) - ---- - ---- - -# Security Policies - ERP+ Mobile App - -## 1. Authentication and Authorization Policy - -### 1.1 Access Control -- Only authorized users with specific permissions can access time tracking features -- Permissions are validated in real-time against ADempiere server -- Differentiated access according to roles: Administrator, Supervisor, Operator - ---- - -## 2. Biometric Data Protection - -### 2.1 Fingerprint Storage -- Fingerprints are stored only on the time tracking device -- Fingerprints are not transmitted or stored on the server -- Only unique identifiers and verification results are transmitted -- Biometric data is locally encrypted on the device - -### 2.2 Data Transmission -- All communications between mobile app and server use HTTPS/TLS 1.3 -- Sensitive data is encrypted in transit using AES-256 algorithms -- Valid and updated SSL certificates in all communications - ---- - -## 3. Command and Operations Management - -### 3.1 Authorized Commands -- **Send Employee**: Only users with administration permissions -- **Read Fingerprints**: Read-only operation, no data modification -- **Delete Employees**: Requires confirmation and audit logging -- **Clear Records**: System administrators only - -### 3.2 Audit Logging -- All operations are logged with timestamp and user -- Audit logs are stored for a minimum of 2 years -- Log access restricted to system administrators - ---- - -## 4. Employee Information Protection - -### 4.1 Personal Data -- Compliance with personal data protection laws -- Employee information accessible only to authorized personnel -- Employee contracts protected with additional encryption -- Access to personal information limited by need-to-know basis - -### 4.2 Local Storage -- Sensitive data is not permanently stored on the device -- Temporary cache is automatically cleared when closing session -- Employee information is downloaded on-demand - ---- - -## 5. Device Security - -### 5.1 Device Requirements -- Updated operating system (Android 8.0+ / iOS 12+) -- Application installed from official stores only -- Device not rooted/jailbroken -- Active antivirus recommended - -### 5.2 Application Protection -- Obfuscated code to prevent reverse engineering -- Detection of compromised devices -- Automatic lockout after multiple failed access attempts -- Remote wipe capability in case of device loss - ---- - -## 6. Monitoring and Incident Response - -### 6.1 Continuous Monitoring -- 24/7 monitoring of access and operations -- Automatic alerts for suspicious activities -- Usage pattern analysis to detect anomalies - -### 6.2 Incident Response -- Immediate response protocol for security incidents -- Notification to affected users in case of data breach -- Recovery and service restoration procedures -- Post-incident analysis and security measure improvement - ---- - -## 7. Legal Compliance - -### 7.1 Applicable Regulations -- Compliance with local data protection laws -- Information security regulations -- Industry standards for enterprise mobile applications - -### 7.2 Certifications -- Regular security audits -- Industry compliance certifications -- Periodic vulnerability assessments - ---- - -## 8. Security Contact - -To report security incidents or queries related to ERP+ application security: - -**Email**: info@erpya.com -**Phone**: +58 414-5697183 -**Hours**: Monday to Friday 08:00 - 17:00 (GMT-4) \ No newline at end of file +**Horario**: Lunes a Viernes 08:00 - 17:00 (GMT-4) \ No newline at end of file diff --git a/src/about/services/erpplus/terms-of-service-en.md b/src/about/services/erpplus/terms-of-service-en.md new file mode 100644 index 00000000000..0214511ed8c --- /dev/null +++ b/src/about/services/erpplus/terms-of-service-en.md @@ -0,0 +1,181 @@ +--- +title: Terms of Service - ERP+ Mobile App +category: Producto +star: 9 +sticky: 9 +tag: + - Servicios + - Producto + - Términos + - ERP+ + +article: false +--- + +# Terms of Service - ERP+ Mobile App + +--- + +## 1. Acceptance of Terms + +### 1.1 Acceptance +By downloading, installing, or using the ERP+ mobile application ("the Application"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these terms, you should not use the Application. + +### 1.2 Modifications +ERP Consultores y Asociados, C.A ("ERPCYA") reserves the right to modify these Terms at any time. Modifications will take effect immediately after publication. Continued use of the Application after modifications constitutes acceptance of the new terms. + +--- + +## 2. Service Description + +### 2.1 Main Features +The ERP+ application is a mobile solution for fingerprint time tracking management that includes: +- Employee time tracking administration through fingerprints +- Sending commands to the time tracking device (send employee, read fingerprints, delete employees, clear records) +- Viewing employee contracts +- Access to detailed employee information +- Integration with existing ADempiere system + +### 2.2 System Requirements +- Compatible mobile device (Android 8.0+ / iOS 12+) +- Stable internet connection +- Valid ADempiere system credentials +- Connected compatible time tracking device + +--- + +## 3. Acceptable Use + +### 3.1 Authorized Use +- The Application must be used only for legitimate business purposes +- Only authorized personnel can access Application features +- User must maintain confidentiality of access credentials + +### 3.2 Prohibited Use +It is prohibited to: +- Use the Application for illegal or unauthorized activities +- Attempt to access other users' data without authorization +- Modify, decompile, or reverse engineer the Application +- Transmit viruses, malware, or harmful code +- Interfere with ADempiere system operation + +--- + +## 4. User Accounts + +### 4.1 Authentication +- The Application uses existing ADempiere system credentials +- User is responsible for maintaining credential security +- Each user must log out when finished using the Application + +### 4.2 User Responsibilities +- Immediately report any unauthorized account use +- Do not share credentials with third parties +- Keep contact information updated +- Comply with company security policies + +--- + +## 5. Privacy and Data Protection + +### 5.1 Data Collection +The Application may collect: +- Session and usage information +- Employee time tracking data +- Device information for diagnostics +- Audit logs of operations + +### 5.2 Data Use +Collected data is used for: +- Providing and improving the service +- Maintaining system security +- Complying with legal obligations +- Generating business usage reports + +### 5.3 Data Protection +- Implementation of technical and organizational security measures +- Compliance with applicable data protection laws +- Limited access to personal data based on need +- Data retention according to business policies + +--- + +## 6. Intellectual Property + +### 6.1 ERPCYA Rights +- The Application and its content are property of ERPCYA +- All intellectual property rights are reserved +- Software is protected by copyright laws + +### 6.2 Use License +ERPCYA grants a limited, non-exclusive, and revocable license to: +- Use the Application according to these Terms +- Access authorized features +- Use provided documentation + +--- + +## 7. Limitation of Liability + +### 7.1 Warranty Disclaimer +The Application is provided "as is" without warranties of any kind, including: +- Warranties of merchantability or fitness for a particular purpose +- Warranties that the Application will be error-free +- Warranties of continuous service availability + +### 7.2 Damage Limitation +ERPCYA will not be responsible for: +- Indirect, incidental, or consequential damages +- Data loss or service interruptions +- Damages resulting from incorrect Application use +- Third-party connectivity or device issues + +--- + +## 8. Service Availability + +### 8.1 Maintenance +- ERPCYA may perform scheduled maintenance with prior notice +- Service may be temporarily unavailable during updates +- Reasonable efforts will be made to minimize interruptions + +### 8.2 Interruptions +- ERPCYA does not guarantee continuous service availability +- Interruptions may occur for technical or maintenance reasons +- Notification of prolonged interruptions will be provided when possible + +--- + +## 9. Termination + +### 9.1 Termination by User +User may stop using the Application at any time by: +- Uninstalling the Application from the device +- Contacting ERPCYA to request account deactivation + +### 9.2 Termination by ERPCYA +ERPCYA may terminate or suspend access: +- For violation of these Terms +- For improper or fraudulent use +- For security or legal reasons +- With prior notice when possible + +--- + +## 10. Governing Law and Jurisdiction + +### 10.1 Governing Law +These Terms are governed by the laws of Venezuela. + +### 10.2 Jurisdiction +Any dispute will be resolved in the courts of Araure, Portuguesa State, Venezuela. + +--- + +## 11. Contact + +For inquiries about these Terms of Service: + +**Email**: info@erpya.com +**Phone**: +58-2556659451 +**Address**: Av. Municipalidad con Troncal 5 CC Buenaventura, Centro Empresarial Oficina M6, Araure, Estado Portuguesa, Venezuela \ No newline at end of file diff --git a/src/about/services/erpplus/terms-of-service.md b/src/about/services/erpplus/terms-of-service-es.md similarity index 53% rename from src/about/services/erpplus/terms-of-service.md rename to src/about/services/erpplus/terms-of-service-es.md index 63f3a5ce857..147183ec54d 100644 --- a/src/about/services/erpplus/terms-of-service.md +++ b/src/about/services/erpplus/terms-of-service-es.md @@ -14,8 +14,6 @@ article: false # Términos de Servicio - ERP+ Mobile App -## Terms of Service - ERP+ Mobile App - --- ## 1. Aceptación de los Términos @@ -180,174 +178,4 @@ Para consultas sobre estos Términos de Servicio: **Email**: info@erpya.com **Teléfono**: +58-2556659451 -**Dirección**: Av. Municipalidad con Troncal 5 CC Buenaventura, Centro Empresarial Oficina M6, Araure, Estado Portuguesa, Venezuela - ---- - ---- - -# Terms of Service - ERP+ Mobile App - -## 1. Acceptance of Terms - -### 1.1 Acceptance -By downloading, installing, or using the ERP+ mobile application ("the Application"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these terms, you should not use the Application. - -### 1.2 Modifications -ERP Consultores y Asociados, C.A ("ERPCYA") reserves the right to modify these Terms at any time. Modifications will take effect immediately after publication. Continued use of the Application after modifications constitutes acceptance of the new terms. - ---- - -## 2. Service Description - -### 2.1 Main Features -The ERP+ application is a mobile solution for fingerprint time tracking management that includes: -- Employee time tracking administration through fingerprints -- Sending commands to the time tracking device (send employee, read fingerprints, delete employees, clear records) -- Viewing employee contracts -- Access to detailed employee information -- Integration with existing ADempiere system - -### 2.2 System Requirements -- Compatible mobile device (Android 8.0+ / iOS 12+) -- Stable internet connection -- Valid ADempiere system credentials -- Connected compatible time tracking device - ---- - -## 3. Acceptable Use - -### 3.1 Authorized Use -- The Application must be used only for legitimate business purposes -- Only authorized personnel can access Application features -- User must maintain confidentiality of access credentials - -### 3.2 Prohibited Use -It is prohibited to: -- Use the Application for illegal or unauthorized activities -- Attempt to access other users' data without authorization -- Modify, decompile, or reverse engineer the Application -- Transmit viruses, malware, or harmful code -- Interfere with ADempiere system operation - ---- - -## 4. User Accounts - -### 4.1 Authentication -- The Application uses existing ADempiere system credentials -- User is responsible for maintaining credential security -- Each user must log out when finished using the Application - -### 4.2 User Responsibilities -- Immediately report any unauthorized account use -- Do not share credentials with third parties -- Keep contact information updated -- Comply with company security policies - ---- - -## 5. Privacy and Data Protection - -### 5.1 Data Collection -The Application may collect: -- Session and usage information -- Employee time tracking data -- Device information for diagnostics -- Audit logs of operations - -### 5.2 Data Use -Collected data is used for: -- Providing and improving the service -- Maintaining system security -- Complying with legal obligations -- Generating business usage reports - -### 5.3 Data Protection -- Implementation of technical and organizational security measures -- Compliance with applicable data protection laws -- Limited access to personal data based on need -- Data retention according to business policies - ---- - -## 6. Intellectual Property - -### 6.1 ERPCYA Rights -- The Application and its content are property of ERPCYA -- All intellectual property rights are reserved -- Software is protected by copyright laws - -### 6.2 Use License -ERPCYA grants a limited, non-exclusive, and revocable license to: -- Use the Application according to these Terms -- Access authorized features -- Use provided documentation - ---- - -## 7. Limitation of Liability - -### 7.1 Warranty Disclaimer -The Application is provided "as is" without warranties of any kind, including: -- Warranties of merchantability or fitness for a particular purpose -- Warranties that the Application will be error-free -- Warranties of continuous service availability - -### 7.2 Damage Limitation -ERPCYA will not be responsible for: -- Indirect, incidental, or consequential damages -- Data loss or service interruptions -- Damages resulting from incorrect Application use -- Third-party connectivity or device issues - ---- - -## 8. Service Availability - -### 8.1 Maintenance -- ERPCYA may perform scheduled maintenance with prior notice -- Service may be temporarily unavailable during updates -- Reasonable efforts will be made to minimize interruptions - -### 8.2 Interruptions -- ERPCYA does not guarantee continuous service availability -- Interruptions may occur for technical or maintenance reasons -- Notification of prolonged interruptions will be provided when possible - ---- - -## 9. Termination - -### 9.1 Termination by User -User may stop using the Application at any time by: -- Uninstalling the Application from the device -- Contacting ERPCYA to request account deactivation - -### 9.2 Termination by ERPCYA -ERPCYA may terminate or suspend access: -- For violation of these Terms -- For improper or fraudulent use -- For security or legal reasons -- With prior notice when possible - ---- - -## 10. Governing Law and Jurisdiction - -### 10.1 Governing Law -These Terms are governed by the laws of Venezuela. - -### 10.2 Jurisdiction -Any dispute will be resolved in the courts of Araure, Portuguesa State, Venezuela. - ---- - -## 11. Contact - -For inquiries about these Terms of Service: - -**Email**: info@erpya.com -**Phone**: +58-2556659451 -**Address**: Av. Municipalidad con Troncal 5 CC Buenaventura, Centro Empresarial Oficina M6, Araure, Estado Portuguesa, Venezuela \ No newline at end of file +**Dirección**: Av. Municipalidad con Troncal 5 CC Buenaventura, Centro Empresarial Oficina M6, Araure, Estado Portuguesa, Venezuela \ No newline at end of file