Privacy Policy

In compliance with the provisions of Law 1581 of 2012, its regulatory decree 1377 of 2013, the company fatastica s.a.s., identified with the nit. number: 900277236-5, in its capacity as responsible for handling personal information, presents the policy of its treatment with the objective of guaranteeing the rights of the owners of the information, as well as safeguarding all the information that is considered as personal and/or sensitive.

Objective:

This policy is issued in compliance with Law 1581 of 2012, Decree 1377 of 2013 and regulations that modify or add to the personal data protection regime and seeks to ensure that all units of the company fatastica s.a.s., as responsible for the management of personal information, perform the treatment of the same in strict compliance with the applicable regulations, ensuring the rights of the owners of the information.

Safeguard all information considered as personal and/or sensitive that is processed by fatastica s.a.s., or by third parties when there is an agreement between the parties for such purpose.

Principles:

Principle of legality: comply with all local and international legal requirements regarding the collection, processing and final disposal of personal information, as well as the company’s internal policies.

2. Principle of purpose: the treatment of information in the company fatastica s.a.s., obeys a legitimate purpose in accordance with the constitution and the law, which will be framed in the management of information for activities related to its corporate purpose.

3. Principle of freedom: the treatment can only be exercised with the prior, express and informed consent of the owner. personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate revealing consent.

4. Principle of truthfulness or quality: the information subject to processing must be truthful, complete, accurate, updated, verifiable and understandable. the processing of partial, incomplete, fragmented or misleading data is prohibited.

5. Principle of transparency: the right of the holder to obtain from the controller or processor, at any time and without restrictions, information about the existence of data concerning him/her, must be guaranteed in the processing.

6. Principle of restricted access and circulation: the treatment is subject to the limits derived from the nature of the personal data, the provisions of law 1581 of 2012 and the constitution. In this sense, the processing may only be carried out by persons authorized by the owner and/or by the persons provided for in this law.

7. Principle of security: the information subject to processing by the data controller or data processor referred to in Law 1581 of 2012, shall be handled with the technical, human and administrative measures necessary to provide security to the records avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access.

8. Principle of confidentiality: all persons involved in the processing of personal data that are not of a public nature are obliged to guarantee the confidentiality of the information, even after the end of their relationship with any of the tasks involved in the processing, and may only provide or communicate personal data when they correspond to the development of the activities authorized in this law and under the terms of this law.

9. Principle of consent: the treatment can only be exercised with the prior, express and informed consent of the owner. personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that relieves consent.

Personal data, except for public information, may not be made available on the Internet or other means of dissemination or mass communication, unless access is technically controllable to provide restricted knowledge only to owners or authorized third parties in accordance with law 1581 of 2012.

Rights of the owners of the information:

The holders of personal data contained in the databases of the company fatastica s.a.s., are the following:

Right to know, update and rectify their personal data: the holders of personal data may exercise this right against partial, inaccurate, incomplete, fractioned, misleading or those whose treatment is expressly prohibited or has not been authorized.

2. Right to request proof of authorization: holders of personal data may request proof of the authorization granted for the processing of their data, in accordance with the provisions of Article 9 of Law 1581 of 2012. the data referred to in article 10 of this law are exempted from this obligation

3. Right to be informed of the use that has been made of their personal data: the holders of personal data have the right to know at any time the use that has been made of their personal data upon request to the person responsible for the information.

4. Right to revoke the authorization and/or request the deletion of the data: the holders of personal data may revoke the authorization granted to the company fatastica s.a.s., for the processing of their personal data, if they evidence that the principles, rights and constitutional and legal guarantees have not been respected.

Right to access your personal data:

Personal data subjects may access their personal data that has been processed free of charge.

Holder’s authorization:

All processing of personal data shall be subject to the consent of the owner, which must be prior and informed, except for the exceptions established by law. at the time of obtaining the consent of the owner of the information, he/she shall be informed clearly and expressly of the following:

1. The treatment to which your personal data will be subjected and the purpose of the same, in addition to this, if it is required to share information with other recipients, it must be ensured that such recipients comply with the rules of protection of personal data.

2. The optional nature of the response to the questions asked, when they deal with sensitive data or data of minors.

3. The identification, physical or electronic address and telephone number of the data controller.

4. The rights of the holder of the information should also be informed, including the right to correct, modify, update, access and revoke consent, as well as the right to withdraw the information provided. (except as otherwise provided by law).

Duties of those responsible for the information:

The company fatastica s.a.s., as responsible for the information, is responsible for the following duties:

1. Guarantee the holder, at all times, the full and effective right of habeas data.

2. Request and keep a copy of the authorization granted by the holder.

3. Duly inform the owner about the purpose of the collection and the rights he/she has by virtue of the authorization granted.

4. Keep the information under the necessary security conditions to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.

5. To rectify the information when it is incorrect and to communicate the pertinent to each data processor.

6. Process inquiries and claims formulated in the terms set forth in Law 1581 of 2012.

Duties of those in charge of the information:

1. Guarantee the holder, at all times, the full and effective right of habeas data.

2. Keep the information under the necessary security conditions to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.

3. Timely update, rectification or deletion of data in the terms set forth in Law 1581 of 2012.

4. Update the news on the information reported by the owners of the data within (5) working days from its receipt.

5. Process queries and claims made by the owners in the terms set forth in Law 1581 of 2012.

6. Refrain from circulating information that is being disputed by the owner and whose blocking has been ordered by the superintendence of industry and commerce.