We boost your technological development

We boost your technological development
All Rights Reserved.

PERSONAL DATA PROTECTION AND PROCESSING POLICY

CONFÍA DIGITAL S.A.S.

Version 1.0
Effective Date: 25/04/2025
Last Update: 25/04/2025

 

1. OBJECT

This Personal Data Protection and Processing Policy establishes the guidelines under which Personal Data Protection and Processing Policy Establishes the guidelines under which Confía Digital S.A.S. collects, stores, uses, circulates, transfers, and deletes personal data, in order to ensure the protection of data subjects’ rights, in accordance with Law 1581 of 2012, el Decree 1377 of 2013,and other applicable data protection regulations in Colombia.

2. SCOPE

This policy applies to all databases and information systems that contain personal data collected, stored, and processed by Confía Digital S.A.S., including data from:

  • Customers (both legal entities and individuals)
  • Employees and contractors (direct and indirect, including OPS)
  • Suppliers and strategic allies
  • Visitors to physical premises and digital platforms

This policy is mandatory for all employees, contractors and third parties acting on behalf of the company. Confía Digital S.A.S..

3. GLOSSARY

Personal Data: Information that allows the identification of a natural person.
Sensitive Data: Information that may affect privacy or generate discrimination.
Data Subject: Natural person whose data is processed.
Processing: Operations such as collection, storage, use, circulation or deletion.
Data Controller: Natural or legal person who decides on the treatment.
Data Processor: Person who carries out the processing on behalf of the data controller.
Consent: Prior, express and informed consent of the data subject.
Transmission: Sending data to a data processor for processing.
Transfer: Sending data to another data controller, within or outside the country.

4. GUIDING PRINCIPLES

The processing of personal data at Confía Digital S.A.S. is governed by the following principles:

  • Legality: Processing will be conducted in accordance with applicable laws.
  • Purpose: Data will be processed for legitimate, explicit, and informed purposes.
  • Freedom: Processing will only occur with the data subject’s express and informed consent.
  • Accuracy and Data Quality: Data must be accurate, up-to-date, and verifiable.
  • Restricted Access and Circulation: Only authorized persons may access personal data.
  • Security: Technical and organizational measures will be applied to safeguard the data.
  • Confidentiality: Data will be kept confidential and used appropriately.

4.1. GENERAL PURPOSE OF DATA PROCESSING

Confía Digital S.A.S. processes personal data to support its business operations, including service provision, legal and contractual compliance, administrative and commercial management, human resources management, customer experience improvement, and compliance with information security and regulatory requirements.

5. SPECIFIC PURPOSES OF DATA PROCESSING

5.1. CUSTOMERS (LEGAL ENTITIES AND INDIVIDUALS)

Customers' personal data will be used for the following purposes:

  • Provision of technology services (e.g., software implementation, cloud services).
  • Invoicing and payment management.
  • Sending commercial and product-related communications.
  • Consumer analysis, preferences and market research.
  • Service quality evaluations.
  • Legal and contractual compliance.

5.2. EMPLOYEES AND CONTRACTORS

The processing of employee and contractor data will include:

  • Human resource and contract management.
  • Payroll and benefits administration.
  • Social security and labor risk registration.
  • Performance and compliance evaluations.
  • Facility and digital access control.
  • Occupational health and safety (SG-SST).

5.3. SUPPLIERS AND STRATEGIC PARTNERS

Personal data of suppliers and partners will be processed for:

  • Supplier evaluation and onboarding.
  • Fulfillment of contracts and payment management.
  • Audits and performance reviews.
  • Legal and tax compliance.

5.4. VISITORS TO PHYSICAL AND DIGITAL SPACES

Visitor data will be used for:

  • Physical access control.
  • Security monitoring (e.g., video surveillance).
  • Use of cookies and other tracking tools on websites and platforms.

6. SPECIFIC IMPLEMENTATION POLICIES

6.1. CONFIDENTIALITY AND ACCESS CONTROL

  • Access is limited to authorized employees or third parties.
  • Systems use authentication, encryption, and security protocols.
  • Confidentiality agreements are mandatory.

6.2. DATA SECURITY

  • Administrative and technical safeguards will be applied.
  • Secure password policies and encryption are enforced.
  • Regular audits will be conducted.

6.3. DATA RETENTION AND DELETION

  • Data will be stored only as long as required by law or purpose.
  • Secure deletion protocols will be used when data is no longer needed.

6.4. DATA TRANSFER AND TRANSMISSION

Data may only be transferred if:

    • Consent is obtained from the data subject.
    • There is a legal or contractual obligation.
    • The receiving country ensures adequate data protection.

6.5. DATA SUBJECT RIGHTS MANAGEMENT

Data subjects may exercise their rights through:

Email: legal@confiadigital.com.co
Website: www.confiadigital.com.co

Response timeframes:

  • Inquiries: Within 10 business days.
  • Complaints: Within 15 business days, extendable by 8 more days.

6.6. RESPONSIBLE AREA

The Legal and Compliance Area will be in charge of dealing with requests, complaints and claims. Email: legal@confiadigital.com.co.

7. DATA SUBJECT RIGHTS

Data subjects have the right to:

  1. Access their personal data.
  2. Request updates or corrections.
  3. Request proof of authorization.
  4. Receive information about the use of their data.
  5. File complaints with the Superintendence of Industry and Commerce.
  6. Request data deletion if no legal retention obligation exists.
  7. Revoke the consent at any time.

8. OBLIGATIONS OF CONFÍA DIGITAL S.A.S. AS DATA CONTROLLER

  • Guarantee the right to habeas data.
  • Request and keep records of authorizations.
  • Inform data subjects of purposes and rights.
  • Implement security measures.
  • Respond timely to inquiries and complaints.

9. AUTHORIZATION FOR DATA PROCESSING

The processing of personal data shall require the prior, express and informed authorization of the holder. This authorization may be obtained through:

  • Physical or digital forms.
  • Acceptance of terms and conditions in digital platforms.
  • Employment or service contracts.
  • Call recordings or emails.

Additionally, Confía Digital S.A.S. may infer the authorization for the processing of personal data from unequivocal behaviors of the holder, such as continuous navigation in digital platforms, acceptance of terms and conditions, interaction with commercial campaigns or voluntary provision of information in physical or electronic media. These behaviors will allow to reasonably conclude that the holder has given his consent, provided that he has been previously informed about the purpose of the processing.

9.1. SENSITIVE DATA

Sensitive data may only be processed with explicit and informed consent.

Data subjects will be clearly informed:

  • That providing such data is not mandatory.
  • What sensitive data is being collected and for what purpose.

Confía Digital S.A.S. guarantees strict confidentiality and non-conditioning of services based on sensitive data disclosure.

9.2. MINORS’ DATA

Confía Digital S.A.S. limits the processing of children and adolescent data to exceptional cases in the best interest of the minor, with prior consent from a legal guardian. All fundamental rights will be protected and maximum security standards applied.

10. SAFETY AND COMPLIANCE PROCEDURES

  • Access control: Only authorized personnel may access personal data.
  • Training: Ongoing internal awareness on data protection practices.
  • Audits: Regular reviews to monitor and ensure compliance.

11. MODIFICATIONS AND VALIDITY

This policy is effective upon publication and shall remain in effect for as long as Confía Digital S.A.S. Continue with the processing of personal data. Any modifications will be communicated to the data subjects through the established channels. The databases will be retained as long as the purpose of the processing persists or there is a legal or contractual obligation to retain the information.

Don't wait for the future,
create it with us.

Icono 2 Icono 3

Home /
Services /
Who we are? /
Certifications /
Support /
Contact /

Ethics Hotline

2025 @ ConfiaDigital. All rights reserved

Legal notice

Privacy Notice

AML/CFT Policy

Cookie Policy

Data processing policy

Designed by Ache1.com

en_US
en_US es_AR
Open chat
Do you need help?
Powered by Joinchat
Hola!
En que podemos ayudarte?