The company MINKA COLOMBIA S.A.S., domiciled in the city of Bogotá D.C. and identified with NIT 901.047.009-7 (after this, the "Company" or "MINKA"), complying with the regulations contained in Statutory Law 1581 of 2012, Decree 1074 of 2015 and the other concordant regulations, by which general provisions are issued for the protection of personal data, in its capacity as Responsible for the Treatment of Personal Data, it is allowed to make known this Policy of Privacy and Protection of Personal Data (from now on the "Policy") to regulate the collection, storage, treatment, administration, transfer, transmission, protection, and deletion of information received from the owners of personal data or third parties through the different channels of data collection that it has arranged in the development of its activities.
For the purposes of this Policy, the words defined below will have the meaning assigned in this chapter, whether or not they are written in capital letters or whether they are in the plural or singular.
Given that the Policy is available to anyone who wishes to consult it, it is established that the Processing of Personal Data carried out by the Company will have the free, prior, express, and informed consent of the Holder of said data and will be previously authorized. When indicated using a physical, electronic document, or any other format, or by any other unequivocal conduct such as the mere fact of supplying your Personal Data, on your behalf or through an interposed person, either i) directly to the Company or ii) to third parties who in turn have the authorization to transfer or transmit them to other people.
If the Holder wants his Personal Data to be deleted from the Company's Databases, he must expressly state it from the moment in which he has provided his Personal Data or becomes aware of this Policy to the email admin@minka.io
The legal person responsible for processing personal data and, therefore, for the database in which they are located is MINKA COLOMBIA S.A.S., a legally constituted company identified with 901.047.009-7, with the primary address in the city of Bogota, DC, Colombia.
The Company, in its capacity as duly authorized Data Controller, and any Data Processor designated by it may process the Personal Data provided, which includes the collection, storage, processing, use, updating, circulation, administration, transfer, transfer, transmission, protection, and deletion of the same.
Likewise, it is highlighted that the Company may, among others:
a) Appoint one or more Persons in Charge of the Treatment of Personal Data;
b) Transfer and/or transmit the Personal Data subject to Treatment to the companies that are part of its business group, that is, to parent companies, affiliates, or subsidiaries, as well as to any other third party, inside or outside the national territory, either they are legal or natural persons, national or foreign, even when in the country of location of the receiver there are no regulations that establish a data protection standard similar to those in force in the national territory;
c) Provide said Personal Data to agents, subcontractors, and other third parties to achieve the purposes listed in the following section and
d) Reveal the information when required by the authorities duly empowered by administrative or judicial order.
The Company will not carry out any processing of sensitive data without the due prior, informed, and express authorization of the Owner of the information, except in cases where the granting of the same is not required by law, and one of the following exceptions is present:
Answers to questions about sensitive data are optional and will not be mandatory. Under no circumstances will the Company condition any activity on delivering Sensitive Data. Sensitive Data will be treated with the greatest possible diligence and with the highest security standards.
The Company will carry out the Processing of Personal Data for the following specific purposes:
a) Perform basic administrative management tasks.
b) Provide services and products required and comply with the other obligations contracted with the Holder.
c) Execute and fulfill the contracts signed with its clients, suppliers, and workers, including paying contractual obligations.
d) Evaluate the quality of the Company's services.
e) Develop marketing or promotional activities.
f) Develop the selection, evaluation, and employment process.
g) Carry out the necessary activities to manage the requests, complaints, and claims presented by customers, users, and/or third parties and direct them to the areas responsible for issuing the corresponding responses.
h) Respond to legal requirements of administrative and judicial entities.
i) Support external or internal audit processes.
j) The control and prevention of fraud, money laundering, and the financing of terrorism.
k) The development of marketing activities, research and market analysis, or any other commercial activity permitted by Colombian law.
l) Consult and access the Holder's information (private, semi-private, sensitive, or reserved) in different databases or Public or Private Entities, whether in Colombia, abroad, or internationally.
m) Consult the Holder's information in Financial Information Centers and report information to these databases when there is merit to do so with complete legal requirements for that purpose.
n) In general, to carry out the Treatment directly, as this term is defined in Law 1581 of 2012, through a treatment manager located in Colombia or in any other country to whom the Holder's data will be provided through international or national transmission or transfers, as the case may be.
The rights that assist the Owners of Personal Data are:
a) Know, update, and rectify the personal data in front of the Persons Responsible for the Treatment of Persons in Charge of the Treatment. This right may be exercised, among others, against partial, inaccurate, incomplete, fragmented, misleading data or those whose Treatment is expressly prohibited or has not been authorized;
b) Request proof of the authorization granted to the Treatment Manager except when expressly excepted as a requirement for Treatment, following the provisions of article 10 of Law 1582 of 2012;
c) Be informed by the Treatment Manager or the Treatment Manager, upon request, regarding the use that has been given to personal data;
d) Submit complaints to the Superintendence of Industry and Commerce for violations of the provisions of Law 1581 of 2012 and other regulations that modify, add, or complement it;
e) Revoke the authorization and/or request the deletion of the data when the principles, rights, and constitutional and legal guarantees are not respected in the Treatment. The revocation and/or suppression will proceed when the Superintendence of Industry and Commerce has determined that in the Treatment, the Responsible or Person in Charge has incurred conduct contrary to the law and the Constitution;
f) Free access to your personal data that has been subject to Treatment.
In turn, the Holder agrees to provide true, truthful, exact, authentic, and in-force content and is responsible for its content and the damages it causes to the company or third parties.
The Company will adopt the security techniques necessary to secure the records, avoiding their adulteration, loss, consultation, use, or unauthorized or fraudulent access. Said measures will respond to the minimum requirements of current legislation, and their effectiveness will be periodically evaluated. However, the Company will not be liable in the event of a violation of its security systems when there is a force majeure or fortuitous event.
The Company does not assume any responsibility for damages of any nature that may arise from viruses or other harmful elements in the services provided by third parties that may cause alterations in the user's computer system, electronic documents, or files.
The Administration and Finance area will handle requests, queries, and claims before which the Holder of the information may exercise their rights and, therefore, know, update, modify, rectify, correct, or delete the information provided at any time. For this purpose, you must email your request to admin@minka.io or call 350 538 9480.
The data owner may know, update, rectify, and delete the information provided. They may also exercise their right to revoke the authorization provided for their treatment by sending the respective request to the email admin@minka.io or the telephone line 350 538 9480. For this purpose, the Holder must at least indicate the names and surnames, type of document and number, telephone, email, description of the matter, and the specific changes you want to make. This will ensure that we process your request correctly.
The query will be answered within ten (10) business days from the date of receipt. When it is not possible to attend to the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which their query will be attended, which in no case will exceed five (5) business days following the due date of the first term.
When the data owner considers that their information should be corrected, updated, or deleted or notices an alleged breach of any of their rights, the maximum term to address the complaint or claim will be fifteen (15) business days from the day following the date of receipt of the document.
When it is not possible to address the complaint or claim within said term, the interested party will be informed of the reasons for the delay and the date on which it will be attended to, which in no case may exceed eight (8) business days following the expiration of the first term. If the claim is incomplete, the interested party will be required to correct the deficiencies within five (5) days following receipt of the complaint and/or claim. If two (2) months have elapsed from the date of the request without the applicant presenting the required information, the complaint or claim will be deemed withdrawn.
The Company does not accept or process the Personal Data of children under eighteen years of age since the services offered are reserved for those with the legal capacity to contract. Therefore, minors must refrain from contracting the services.
The Company, upon prior written request from the competent authority, will provide information on its management related to the storage, use, and processing of personal data to authorities and control bodies that require it.
The Company may provide the information found in its Databases additionally to:
To respond to requests for the delivery of personal information from public entities and control entities, the Company will validate that the delivery is (i) based on a legal duty, (ii) is presented in a format and through an official channel, whether physical or digital, designated by the Company for this purpose, (iii) has been requested by the entity, and (iv) is subscribed by personnel authorized to make the request, with prior validation of their identity. This information delivery will follow the greatest possible diligence and with the highest security standards.
Additionally, the Company will review:
If delivery is viable, formal methods will be used for sending it (corporate email), complying with the file transfer security protocol (FTPS/SFTP), or any other means that provide security measures for delivering equal or superior information.
The Company may share personal data information with those third parties necessary for the development of its activities and corporate purpose, always protecting the rights and information of the data owner. The Transmission or Transfer of Personal Data that is carried out will observe the rules established for this purpose by the applicable regulations and the control authority, especially the following:
The Company may modify or amend this Policy at its discretion. When modifications or changes are made to it, the date of the change will be updated, and the modification or amendment will be effective as of the updated date. It is recommended that you periodically review this Policy to be informed about any changes that may occur.
This Policy will become effective on July 16th, 2024. Both the Policy and the Databases containing the information provided may remain in force for the duration of the company MINKA COLOMBIA S.A.S. without prejudice to the fact that the company may modify this policy at any time and unilaterally.