Policy personal data

PROENFAR S.A.S. PERSONAL DATA POLICY

1. Considerations.

The enactment of Law 1581/2012 and Decree 1377/2013, developed the constitutional right that every person has of knowing, updating and rectifying any information collected about them in databases or physical or digital files. Proenfar S.A.S., as a company responsible for managing personal data by virtue of commercial or other types of relationships with third parties, developed this Personal Data Management Policy document for the personal data of its customers, suppliers, employees and users in general.

 

2. Policy effective date and database validity period.

This Management Policy document was designed and approved according to the provisions in this regard contained in Decree 1377/2013 and came into force on July 27, 2013. The database will be valid over a reasonable and necessary period of time to fulfill with the purposes of the information management.

 

3. Management of personal data and purpose of the same.

Personal data will be managed, i.e., collected, stored, processed, used, updated, deleted, transmitted and/or transferred for the following purposes:

  • Performing activities related to the corporate purpose of Proenfar S.A.S.
  • Maintaining, developing and/or controlling a commercial, labor, or any other type of relationship between the data owner and Proenfar S.A.S.
  • Maintaining historical records of the commercial, labor, or any other type of relationship between the data owner and Proenfar S.A.S.
  • Legal reports to oversight and control authorities, like the DIAN, the Superintendence of Corporations, etc.
  • Other uses framed by the relationship entered into with the data owner.

 

4. Rights of data owners.

The following are the rights of personal data owners:

  • To know, update and rectify their personal data with Proenfar S.A.S.
  • This right may be exercised, among others, regarding partial, imprecise, incomplete, fractured or erroneous data, or to delete any data which management has been expressly forbidden or has not been authorized by the data owner.
  • To request proof of the authorization granted to Proenfar S.A.S. for collecting and using personal data except when this authorization is not required under the terms article 10 of Statutory Law 1581/2012.
  • To be informed by Proenfar S.A.S., upon request, regarding the use given to his/her personal data.
  • To submit complaints to the Superintendence of Industry and Commerce regarding violations of the provisions of Statutory Law 1581/2012 and all other regulations that amend, add to or supplement said regulation.
  • To revoke authorization and/or request deletion of personal data when its collection and/or use has not abided by constitutional and legal principles, rights and guarantees. Revocation and/or deletion will proceed whenever the Superintendence of Industry and Commerce determines that, while collecting and/or using the data, the Company has engaged in conducts contrary to Statutory Law 1581/2012 and the Constitution.
  • To receive information regarding personal data that has been collected and/or used, upon request.

 

5. Inquiries and claims process.

Once the owner’s identity has been verified, the information about his/hers personal data will be supplied as requested. Answers to inquiries must be sent to the petitioner no later than ten (10) business days counting as from the reception of the request. When the inquiry could not be answered within that period, the petitioner will be informed, stating the reasons for the delay and indicating the date on which the inquiry will be answered, which in no event may be more than five (5) business days following the expiration of the initial term.

Claims have the purpose of correcting, updating and/or suppressing personal data upon request by the data owner. All claims will be received to: This email address is being protected from spambots. You need JavaScript enabled to view it.

Proenfar S.A.S. will make available technological tools and mechanisms to data owners, that will allow them to respond in the best way possible to the requirements requested within the term described in the previous paragraph.

 

6. Person or area responsible for personal data protection.

Personal data management will be the responsibility of the corresponding area at Proenfar S.A.S., which may be contacted at:

Corporate name: Proenfar S.A.S.

Domicile or Address: Calle 10 No. 34 A - 13, Bogotá, D.C.

E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

PBX: (57-1) 3648686

Website: In the options menu of website www.proenfar.com and then: “Habeas Data Law".

 

Sincerely,

PROENFAR S.A.S.