CIDENET S.A.S, hereinafter referred to as THE COMPANY, a commercial company identified with NIT. 900.574.473-8 and created by public deed 5135 on November 14, 2012, registered in the Chamber of Commerce on November 14, 2012.
Domicile and address
THE COMPANY has its domicile in the city of Medellin, and its main office is located at Carrera 69 #49A - 11 Suramericana neighborhood.
In all processing of personal data carried out by THE COMPANY, the principles established in the Colombian General Regime for the Protection of Personal Data shall be applied, especially the following:
The treatment of the personal data of the person with whom THE COMPANY has established or establishes a relationship, permanent or occasional, will be carried out within the legal framework that regulates the matter. In any case, personal data may be collected and processed for the following purposes:
Biometric data related to the health and identification of individuals are considered to be of a sensitive nature and therefore are protected more rigorously by the individuals who have access to them in their capacity as persons in charge of handling the information.
The treatment of sensitive personal data will be exclusively for use in relation to the prevention of the spread of contagious diseases, such as covid-19, health controls and cooperation with state entities and provisions, cases such as submission of indicators to control entities, population health analysis and risk analysis in the examinations performed. at no time, without prior authorization, such sensitive data would be used for marketing purposes, sale of databases and/or other purposes unrelated to those expressed in this policy.
In accordance with the provisions of the current applicable regulations on data protection, the holders of personal data have the right to:
These rights may be exercised by:
The company will be responsible for the processing of personal data. the administrative department will be responsible for the processing of personal data.
Any communication on the matter should be made through the e-mail email@example.com
The holders or their assignees may consult the personal information of the holder that is held by the company, who will provide all the information contained in the individual record or that is linked to the identification of the holder. likewise, the company provides the mechanism through which the holder may file claims to update, rectify, delete the data or revoke the authorization definitively.
In any case, regardless of the mechanism implemented for the attention of consultation requests, they will be attended within a maximum term of ten (10) working days from the date of receipt. when it is not possible to attend the consultation within such term, the interested party shall be informed before the expiration of the 10 days, stating the reasons for the delay and indicating the date on which the consultation will be attended, which in no case may exceed five (5) business days following the expiration of the first term.
inquiries may be sent to the e-mail address firstname.lastname@example.org
In accordance with the principle of security established under the current legislation, THE COMPANY shall adapt the necessary technical, human and administrative actions for the security of all record and data collected, avoiding its non-authorized or fraudulent alteration, loss, access or use.
The company is committed to the correct use and treatment of the personal data of its customers and users, avoiding unauthorized access to third parties that would allow them to know or violate, modify, disclose and/or destroy the information contained in the company’s databases. for this reason, the company has security protocols and access to its information, storage and processing systems, including physical measures to control security risks.
Therefore, it must adopt the measures that allow it to comply with the provisions of law 1581 of 2012, and any other law or regulation that modifies or replaces them. as a consequence of this legal obligation, among others, it shall adopt security measures of logical, administrative and physical type, according to the criticality of the personal information to which it has access, to ensure that this type of information will not be used, traded, assigned, transferred and/or will not be subjected to any other treatment contrary to the purpose included in the provisions of the object of this contract. any suspicion of loss, leakage or attack against personal information held in the databases of the company will be reported, notice to be given once it has knowledge of such eventualities through the most relevant or effective mechanisms, such as publication on the website or networks of the company, direct communication to the reported email of the affected or the means established by it for that purpose or in any way that guarantees the right to information of the holder. the loss, leakage or attack against personal information also implies the obligation to manage the security incident according to the legal guidelines on the matter.
This policy is effective as of november 14, 2012.
Bryan Zapata Ceballos