PRIVACY POLICY FOR THE PROCESSING OF PERSONAL DATA

Isa Grisales Legal Advisory SAS domiciled in Cali, with email address info@isagrisales.com and wapp (+57) 305 223 4996 (hereinafter the “Signature ”) Informs the Holders of the Personal Data that are treated in any way by the Firm this information treatment policy (the“ Policy ”), thereby complying with Law 1581 of 2012 and Decree 1377 of 2013. The main purpose of this Policy is to inform the Holders of the Personal Data of the rights that assist them, the procedures and mechanisms provided by the Firm to enforce those rights of the Holders, and to inform them of the scope and the purpose of the Treatment to which the Personal Data will be submitted in case the Holder grants his express, prior and informed authorization.

  1. Main definitions

Expressions used in capital letters in this Policy will have the meaning given here, or the meaning that the law or applicable jurisprudence give them, according to said law or jurisprudence is modified from time to time.

  1. a) “Authorization”: It is the prior, express and informed consent of the Holder to carry out the Processing of his Personal Data.
  2. b) “Database”: It is the organized set of Personal Data that is subject to Treatment, electronic or not, whatever the modality of its training, storage, organization and access.
  3. c) “Financial Data”: It is all Personal Data referred to the birth, execution and termination of monetary obligations, regardless of the nature of the contract that gives rise to them, whose Treatment is governed by Law 1266 of 2008 or the rules that complement it, modify or add it.
  4. d) “Personal Data”: Is any information of any kind, linked or that can be associated with one or more natural or legal persons determined or determinable.
  5. e) “Public Data”: It is the Personal Data qualified as such according to the mandates of the law or the Political Constitution and that which is not semi-private, private or sensitive. Public data, among others, are the data related to the marital status of people, their profession or trade, their status as merchant or public servant and those that can be obtained without reservation. By their nature, public data may be contained, among others, in public records, public documents, gazettes and official gazettes, duly enforced judicial sentences that are not subject to reservation.
  6. f) “Sensitive Data”: It is the Personal Data that affects the privacy of the Holder or whose improper use can generate discrimination, such as those that reveal union affiliations, racial or ethnic origin, political orientation, religious convictions , moral or philosophical, belonging to unions, social organizations, human rights or promoting interests of any political party or guaranteeing the rights and guarantees of opposition political parties, as well as data relating to health, sexual life , and biometric data.
  7. g) “Person in Charge of Treatment”: Is the natural or legal person, public or private, that by itself or in association with others, performs the Processing of Personal Data on behalf of the Person Responsible for the Treatment.
  8. h) “Authorized”: It is the Company and all persons under the responsibility of the Company, which by virtue of the Authorization and these Policies have the legitimacy to Treat the Personal Data of the Holder. The Authorized includes the gender of the Enabled.
  9. i) “Habilitation”: It is the legitimacy that expressly and in writing by means of a contract or document that makes its times, the Company grants to third parties, in compliance with the applicable Law, for the Treatment of Personal Data, converting such third parties in Person in Charge of the Processing of Personal Data delivered or made available.
  10. j) “Responsible for Treatment”: Is the natural or legal person, public or private, that by itself or in association with others, decides on the Database and / or the Treatment of Personal Data.
  11. k) “Holder” of the Personal Data: It is the natural or legal person to whom the information that rests in a Database refers, and who is the subject of the right to habeas data.
  12. l) “Transfer”: It is the Treatment of Personal Data that implies the communication of the same within or outside the territory of the Republic of Colombia when it is intended to carry out a Treatment by the Manager on behalf of the Responsible.
  13. m) “Transmission”: It is the activity of Personal Data Processing through which they communicate, internally or with third parties, inside or outside the territory of the Republic of Colombia,