Policies

Pyramid Consulting's commitment to quality, information security, cybersecurity and personal data protection.

This is a courtesy translation. In case of any discrepancy, the Spanish version of these policies shall prevail as the legally binding text.

Quality Policy

At Pyramid Consulting we offer consulting services for projects and administration on Cloud and SAP technology platforms. We commit to helping our clients meet their requirements and needs in changing technology environments through skilled professionals and a strong customer service focus.

We work with continuous improvement and standards compliance to deliver exceptional results and build lasting relationships.

Quality Management System scope

Project management and administration services for technology platforms, technical and functional support for SAP All-In-One, SAP B1 and non-SAP workloads, both on-premise and in the cloud (multi-cloud).

Quality objectives

  • Attract and hire competent personnel.
  • Improve customer satisfaction.
  • Maintain and improve perceived satisfaction.
  • Increase profitability through operational efficiency.
  • Foster development in strategic areas.
  • Ensure trained personnel for projects.

Revision R:1 V:1 — 2021/04/08.

Information Security Policy

At Pyramid Consulting S.A.S. we provide consulting services on SAP and Cloud technology platforms, committing to meet our clients' requirements while protecting the confidentiality, integrity and availability of information.

We apply continuous improvement, compliance with ISO 9001 and ISO 27001 standards, risk management and protection of critical information assets.

Information Security scope

The ISMS applies to security, cybersecurity and data analytics services, including administration of technology platforms supporting SAP All-In-One, SAP B1 and non-SAP, both on-premise and in multi-cloud environments. Based on ISO 27001:2013 to guarantee security, confidentiality and integrity, mitigating risks and protecting critical data assets.

Information Security objectives

  • Manage risks to ensure confidentiality, integrity and availability.
  • Train and raise awareness among staff about information security.
  • Improve performance through corrective actions following audits.
  • Manage incidents while documenting lessons learned.
  • Comply with legal, regulatory and contractual requirements.

Revision R:2 V:2 — 2023/06/08.

Cybersecurity Policy

1. Introduction

Establishes the guidelines to protect Pyramid Consulting S.A.S.'s digital assets, guaranteeing the confidentiality, integrity and availability of information and maintaining operational continuity in SAP ERP and multi-cloud consulting services.

2. Definitions

  • Cybersecurity: measures and practices to protect systems, networks and data from cyber threats.
  • Digital assets: the company's information, data, systems, networks, devices and technology resources.
  • SAP ERP consulting: advisory services for the implementation and maintenance of SAP systems.
  • Multi-cloud services: administration of platforms across multiple cloud providers.

3. Cybersecurity principles

  • Confidentiality: controls for authorized access only.
  • Integrity: mechanisms to prevent unauthorized modifications.
  • Availability: measures to ensure information is available when needed.
  • Accountability: each user is responsible for protecting the information.

4. Applicable regulations (Colombia)

  • Ley 1273 de 2009 (Colombian Law on cyber crimes).
  • Decreto 620 de 2020 (Colombian Decree on information protection).
  • Resolución 276 de 2021 (National Cybersecurity Strategic Plan).

In force since 08/06/2023 — V:02.

Personal Data Protection Policy

In compliance with Ley 1581 de 2012 (Colombian data protection law) and its regulatory decrees, Pyramid Consulting adopts the following policy to ensure the effective exercise of the rights of data subjects.

How do we collect your information?

We only collect your personal data when you provide it directly, within the framework of commercial relationships or through voluntary delivery at commercial events.

How do we use your information?

Information is used for the development of the corporate purpose, including statistical, contractual, informational, service follow-up and satisfaction-survey purposes.

Who has access?

Information may be shared internally and with commercial allies, subsidiaries and affiliates at national and international level, respecting our security and privacy policies.

Exercising your rights

By providing your data you authorize its use in accordance with this policy. To limit use or request deletion, you can contact us via:

Minors

Minors must obtain permission from their parents or guardians before disclosing any personal data.

Read the full version of our Personal Data Protection Policy:

Download full policy (PDF)

Contact

Corporate communications: comunicaciones@pyramidconsulting.co