top of page


At Cahero EPC, we hold the privacy and security of personal and sensitive data in the highest regard. Our commitment to maintaining rigorous standards of data protection is central to our operations and is aligned with the evolving landscape of applicable laws and regulations. As a leader in Engineering, Procurement, and Construction (EPC) solutions since our founding by Alfonso Cahero in 2003, we have consistently prioritized the integrity and confidentiality of the information entrusted to us by our stakeholders.


Data protection is more than a compliance requirement for us; it is a fundamental aspect of our business philosophy and a reflection of our commitment to ethical conduct and trust. The trust placed in us by our clients, employees, partners, and other stakeholders is paramount, and we are dedicated to safeguarding their information through robust data protection policies and practices. This dedication ensures that all data handled by Cahero EPC is managed responsibly, securely, and in accordance with the highest standards of privacy.


Our data protection framework is built on several key principles: confidentiality, integrity, and availability. Confidentiality ensures that information is accessible only to those authorized to have access. We employ advanced security measures to protect data from unauthorized access, breaches, and leaks. This includes the use of encryption, secure access controls, and regular security assessments to identify and mitigate potential vulnerabilities.


Integrity involves maintaining the accuracy and consistency of data over its lifecycle. At Cahero EPC, we implement rigorous processes to ensure that data is not altered or tampered with in any unauthorized manner. Regular audits and data validation procedures are conducted to ensure the accuracy and reliability of the information we manage. By maintaining data integrity, we ensure that the information remains trustworthy and accurate, which is crucial for our operations and decision-making processes.


Availability ensures that data is accessible to authorized users when needed. We recognize that timely access to information is critical for our business operations and for serving our clients effectively. To this end, we have implemented robust data management systems and backup protocols to ensure that data is available and retrievable in the event of technical issues or other disruptions. Our disaster recovery plans are designed to minimize downtime and ensure continuity of access to essential information.


Compliance with data protection laws and regulations is a cornerstone of our data protection policy. We adhere to all applicable local, national, and international regulations governing data privacy and security. This includes compliance with frameworks such as the General Data Protection Regulation (GDPR) and other relevant legislation. Our legal and compliance teams work diligently to stay informed about changes in the regulatory environment and to ensure that our policies and practices remain up-to-date and in full compliance.


Training and awareness are critical components of our data protection strategy. We believe that a well-informed workforce is essential to maintaining high standards of data security. All employees undergo regular training on data protection policies, security practices, and their responsibilities in safeguarding information. This training helps to foster a culture of data security awareness and ensures that everyone at Cahero EPC understands the importance of protecting sensitive information.


Our commitment to data protection extends to our relationships with third parties. We recognize that the security of our data can be impacted by the practices of our partners, suppliers, and contractors. Therefore, we require that all third parties who handle data on our behalf adhere to our stringent data protection standards. We conduct thorough due diligence and regularly review the data protection practices of our partners to ensure compliance and address any potential risks.


Transparency is a key aspect of our data protection policy. We are committed to being open and transparent about how we collect, use, and protect personal and sensitive data. Our privacy notices and data protection policies are clearly communicated to our stakeholders, ensuring that they are fully informed about their rights and how their information is being handled. This transparency builds trust and confidence in our data protection practices.


We also recognize the importance of responding promptly and effectively to data breaches or security incidents. Our incident response plans are designed to ensure that any data breach is quickly identified, contained, and addressed. We have procedures in place for notifying affected individuals and relevant authorities in accordance with legal requirements. By taking swift action, we aim to mitigate the impact of any data breach and to prevent future incidents.


In conclusion, data protection is a critical component of our commitment to ethical business practices at Cahero EPC. Our comprehensive data protection policies and practices reflect our dedication to safeguarding the information entrusted to us by our stakeholders. By prioritizing confidentiality, integrity, and availability, and by ensuring compliance with all relevant laws and regulations, we maintain the highest standards of data protection. Our proactive approach, combined with ongoing training and transparency, ensures that we continue to uphold the trust and confidence placed in us. Thank you for joining us in our commitment to privacy and security as we continue to lead the way in ethical and responsible data management.

Ensuring Privacy and Security - Data Protection at Cahero EPC

Our Dedication to Data Protection and Privacy

At Cahero EPC, we prioritize data minimization by collecting only essential information and retaining it only as long as necessary. All data processing is lawful, transparent, and based on a valid legal foundation, with appropriate consent obtained when required. We ensure data security through robust technical and organizational measures, granting individuals access to, and correction of, their data. We support data portability and enforce clear data retention policies. Third-party processors are held to our high data protection standards, and DPIAs are conducted to mitigate risks. In the event of data breaches, we respond swiftly and effectively. Our commitment to continuous compliance ensures your privacy is always protected.

Key Principles of Our Data Protection Policy

Data Minimization: We collect and process only the data that is necessary for the legitimate purposes of our business. We do not retain data longer than required.


Lawful Processing: Cahero EPC ensures that all data processing activities are carried out lawfully and with a valid legal basis. We respect individuals' rights and obtain appropriate consent when required.


Transparency: We are transparent about our data processing activities. We inform individuals about the purposes of data collection and processing, as well as their rights regarding their personal data.


Data Security: The security of personal and sensitive data is a top priority. We implement technical and organizational measures to protect data from unauthorized access, disclosure, alteration, and destruction.


Data Access and Rectification: We provide individuals with the ability to access and correct their personal data held by Cahero EPC. We respond promptly to requests from data subjects regarding their information.


Data Portability: Upon request, we allow individuals to receive their personal data in a structured, commonly used, and machine-readable format, facilitating data portability.


Data Retention: We establish clear data retention policies and procedures. Data is retained only for as long as necessary to fulfill the purposes for which it was collected.


Third-Party Processing: When engaging third-party service providers, we ensure they adhere to the same data protection standards and principles. We conduct due diligence to assess their data handling practices.


Data Protection Impact Assessments: We conduct Data Protection Impact Assessments (DPIAs) to identify and mitigate risks associated with data processing activities, particularly those that may impact individuals' rights and freedoms.


Data Breach Response: In the event of a data breach, we have established procedures to promptly identify, assess, and report the breach to relevant authorities and affected data subjects. We take corrective actions to prevent future breaches.


Continuous Compliance: Cahero EPC is committed to ongoing compliance with data protection laws and regulations. We regularly review and update our data protection policies and practices to adapt to changes in the regulatory landscape.

Our Commitment to You

Cahero EPC views data protection as a fundamental aspect of trust and accountability in our relationships with clients, employees, partners, and all individuals whose data we handle. We pledge to maintain the highest level of data protection to ensure the confidentiality, integrity, and availability of personal and sensitive information entrusted to us. Your privacy matters, and we are dedicated to upholding it.

We are here to assist you. Whether you have inquiries about our services, want to discuss a potential project, or simply need more information, please don't hesitate to get in touch. We look forward to hearing from you.


bottom of page