Skip to content

PERSONAL DATA PROCESSING POLICY

MULTIPARTES DE COLOMBIA SAS (hereinafter “MULTIPARTES”), a simplified joint-stock company, identified with NIT 900.554.691-1, with registered office
main address: Cra 2 # 21 – 84, Santiago de Cali (Valle del Cauca) Colombia, recognizes the importance of
the security, privacy and confidentiality of the personal data of its clients, users, collaborators, suppliers, shareholders, allies and in general of all its interest groups with respect to which it processes information, therefore in compliance with the constitutional and legal provisions, it adopted this POLICY FOR THE TREATMENT
OF PERSONAL DATA.

1. INTRODUCTION

The Colombian Constitution enshrines the right of all persons to know, update, and rectify information held about them in databases or files of public or private entities. It also mandates that those who hold personal data of third parties respect the rights and guarantees provided for in the Constitution when handling this type of information.

Likewise, the Political Constitution of Colombia enshrines the right
from any person to the information, in such a way that they receive information
truthful and impartial.

MULTIPARTS is committed to complying with Personal Data Protection regulations and respecting the rights of data subjects. For this reason, it adopts this Personal Data Processing Policy, which is mandatory for all activities involving the processing of personal data and is binding on the Company, its Administrators, Collaborators, and third parties with whom it has contractual or commercial relationships.

MULTIPARTES, in the course of its corporate purpose, receives, transmits, and processes Personal Data on a daily basis, so it is essential to have this policy in place and strictly comply with it.

2. APPLICABLE REGULATIONS

MULTIPARTES is based on all Colombian legal provisions and international recommendations for the construction and management of personal data within its organization. The main regulations in force in the country for the protection of personal data are listed below:

  • Article 15 of the Political Constitution of Colombia
  • Statutory Law 1266 of 2008
  • Law 1273 of 2009
  • Statutory Law 1581 of 2012
  • Decree 1377 of 2013
  • Decree 886 of 2014
  • Decree 1074 of 2015

Title V of the Single Circular of the Superintendency of Industry and Commerce

3. SCOPE

MULTIPARTES, as responsible for the
treatment will ensure safety and quality in the treatment of the
information, and compliance with Article 15 of the Political Constitution of
Colombia, the current regulations regarding the protection of personal data, and
especially as established in Law 1581 of 2012, Decree 1377 of 2013 and the
other provisions that modify, add to or complement it.

Without prejudice to compliance with the
duty of documentary confidentiality established in Article 61 and following of the Commercial Code that corresponds to MULTIPARTES, in its capacity as a private company, this Policy describes the guidelines that will be carried out to protect the personal data of the owners of the information and
carry out proper treatment of these.

The treatment carried out by
part of MULTIPARTES, will be based on the authorization granted by the owner and
will take into account the purposes expressly reported.

Likewise, MULTIPARTES, in
development of its activity and management, and in order to provide collaboration to
any business group to which it may belong, during the execution of
Its activities may carry out the processing of personal data jointly with the entities that belong or may belong to its business group, or whoever represents its rights or holds the right in the future.
quality of creditor, assignee, or any capacity vis-à-vis the holders of the information.

4. RECIPIENTS

This policy is directed to our clients, collaborators, suppliers, shareholders, allies, and, in general, to all stakeholders whose personal data MULTIPARTES processes.

5. DEFINITIONS

For the purposes of this policy, the following definitions will be taken into account:

AUTHORIZATION: means the prior, express, and informed consent of the Data Subject to carry out the Processing. This may be (i) written; (ii) verbal; or ( iii) unequivocal conduct that allows
reasonably conclude that the Data Subject has accepted the Processing of his or her data.

PRIVACY NOTICE: is the verbal or written communication that has the purpose of informing the owner of the data.
information on MULTIPARTES’ data protection policy.

DATABASE: Organized set
of MULTIPART data.

CONSULTATION: means the request of the Owner of the Personal Data, of the persons authorized by him, or those authorized by law, to know the information that rests about him in the Databases of
the Company.

PUBLIC DATA: data that the
law or the Constitution determines as such, as well as all those that are not
semi-private or private.

PRIVATE DATA: is that data
which due to its intimate or reserved nature is only relevant to the owner of
the information.

SEMI-PRIVATE DATA: is that data
which is not of an intimate, reserved, or public nature and whose knowledge or disclosure may be of interest not only to its owner but also to a certain sector or group of people.

PERSONAL DATA: Any information linked to or that can be associated with one or more specific or determinable natural persons.

SENSITIVE DATA: Data that affects the privacy of the Owner or whose misuse may lead to discrimination.

DATA PROCESSOR: Natural or legal person, public or private, who, by itself or in association with others, processes personal data on behalf of the Company as the data controller.

TREATMENT POLICY: This document refers to the treatment policy.
processing of personal data applied by the Company in accordance with the guidelines of current legislation on the matter.

SUPPLIER: Any person
natural or legal entity that provides a service to the Company by virtue of a contractual/obligational relationship.

CLAIM: means the request of the Data Owner or the persons
authorized by this or by law to correct, update or delete its
Personal Data or when they notice that there is a presumed breach of the data protection regime, according to article 15 of Law 1581 of 2012.

DATA CONTROLLER: Natural or legal person, public or private, who
by itself or in association with others, decide on the basis of data and/or the
Data processing, for the purposes of this policy, will act as Controller,
in principle, the Company.

REQUIREMENT
OF ADMISSIBILITY: previous step that must be taken by the
Holder before filing a complaint with the Superintendency of Industry and
Commerce. This consists of a direct claim to the Manager or Responsible Party
of your Personal Data.

TRANSFER: Refers to the
sending by the Company as Data Controller or Data Processor, to a third agent or natural/legal person (receiver), within or
outside the national territory for the effective processing of personal data.

TRANSMISSION: refers to
the communication of personal data by the Controller to the Processor,
located within or outside the national territory, so that the Manager, on behalf of the Controller, processes personal data.

PROCESSING: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.

USER: A natural or legal person whose personal data is processed. For MULTIPARTES, the data subjects are clients, users, collaborators, suppliers, partners, shareholders, visitors, our stakeholders, and any other person whose data is processed by MULTIPARTES, whether directly or indirectly.

The above list is made merely as an example, for greater
understanding of the above definitions and other terms that are not
included, you must refer to Law 1581 of 2021, Decree 1377 of 2013
and other regulations applicable to the matter.

6. GUIDING PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA

In accordance with the
current legislation and in accordance with data processing, MULTIPARTES undertakes
with the information holders to comply with the following principles:

6.1. Related to the collection of personal data

PRINCIPLE OF FREEDOM: MULTIPARTES will process data only with the prior, express, and informed consent of the data subject. Personal data may not be obtained or disclosed without prior authorization or in the absence of a legal or judicial order.

PRINCIPLE OF LIMITATION OF THE
COLLECTION: Only Personal Data that is strictly necessary for the fulfillment of the purposes of the Treatment should be collected, in such a way that the registration and disclosure of data that is not closely related to the Treatment is prohibited.
purpose of the processing. Consequently, every reasonable effort should be made to limit the processing of Personal Data to the minimum necessary.
That is, the data must be: (i) adequate, (ii) relevant and (iii) in accordance with the purposes for which they were intended.

6.2. Related to the use of personal data

PRINCIPLE OF PURPOSE: MULTIPARTES will process the data for a legitimate purpose, in accordance with the Constitution and the law,
which will be reported to the owner.

PRINCIPLE OF TEMPORALITY: Personal Data will be kept only for the reasonable and necessary time to fulfill the purpose of the Processing and the legal requirements or instructions of the supervisory and control authorities or other authorities.
Competent authorities. Data will be retained when necessary to comply with a legal or contractual obligation. To determine the end of processing, the rules applicable to each purpose and the administrative, accounting, tax, legal and historical aspects of the processing will be considered.
information.

6.3.Related to the quality of information

PRINCIPLE OF TRUTH OR
QUALITY: the information that is subject to processing must be truthful, complete,
updated, verifiable and understandable. In MULTIPARTES the use of
processing of fragmented or misleading data.

6.4.Related to the protection, access and circulation of
personal data

PRINCIPLE OF LEGALITY
REGARDING DATA PROCESSING: MULTIPARTES is aware that the
The treatment referred to in Law 1581 of 2012 is a regulated activity, which
must be subject to the provisions set forth therein and in the other provisions of the
develop.

PRINCIPLE OF
TRANSPARENCY: MULTIPARTES knows that the information holders have
right to obtain, at any time and without restrictions, information about
of the existence of data concerning him/her.

PRINCIPLE OF ACCESS AND
RESTRICTED CIRCULATION: processing is subject to the limits derived from the nature of the personal data, in accordance with the provisions of Law 1581 of 2012 and the Constitution. In this sense, processing may only be carried out by persons authorized by the owner and/or by the persons provided for in the
law. With the exception of public information, MULTIPARTES will not make available
disposition of personal data on the Internet or other means of disclosure or
mass communication, unless access is technically controllable for
provide restricted knowledge only to the holders or authorized third parties
in accordance with Law 1581 of 2012.

SECURITY PRINCIPLE: MULTIPARTS
will handle the information subject to treatment referred to in Law 1581 of
2012 with the necessary technical, human and administrative measures
to provide security to records, avoiding their adulteration, loss,
unauthorized or fraudulent consultation, use or access.

PRINCIPLE OF CONFIDENTIALITY: All persons involved in the processing of personal data that are not public in nature are required to guarantee the confidentiality of the information, even after their relationship with any of the tasks involved in the processing has ended. They may only provide or communicate personal data when this corresponds to the development of the activities authorized by Law 1581 of 2012 and under the terms thereof.

7. AUTHORIZATIONS

MULTIPARTES will request
authorization so that the owner of the information gives his consent
prior, express and informed of the treatment to which your data are subject
personal.

The authorization also
may be obtained from unequivocal conduct of the data owner,
which reasonably allow us to conclude that the person has given his or her consent for the processing of his or her information. Such conduct must clearly demonstrate the intention to authorize the processing.

The consent of the
The title may be obtained by any means that can be consulted
subsequent, such as written, verbal, virtual or behavioral communication
unequivocal.

By virtue of its
nature and corporate purpose, MULTIPARTES receives, collects, records, preserves,
stores, modifies, reports, consults, delivers, transmits, transfers, shares
and deletes personal information, for which it obtains prior authorization from the
holder.

The authorization that you
granted by the owners of the information to MULTIPARTES allows, among others,
things, the realization of the following purposes: to offer and supply
product information, as well as consult, report and update your
data to information and risk operators; update current contractual relationships and comply with agreed obligations, among others such as those established
in the data purposes regulated in this policy.

MULTIPARTES will keep proof of said authorizations in an appropriate manner, ensuring and respecting the
principles of privacy and confidentiality of information.

MULTIPARTS handles
general form its format of AUTHORIZATION FOR THE PROCESSING OF PERSONAL DATA, however, when it comes to information that is related to the following
data types, the following special considerations will be taken into account:

a. Sensitive data

For the treatment of
sensitive data, the data owner will be informed of the following:

  • The owner may refuse the specific processing of this type of information.
  • The type of data will be explicitly and previously reported
    sensitive will be requested.
  • The processing and purpose for which sensitive data will be used will be communicated.
  • The authorization of sensitive data will be prior, express
    and clear.

b. Data of boys and girls
and teenagers

MULTIPARTES will ensure
that the processing of this type of data is carried out in accordance with the
rights of children and adolescents. In this regard, their special nature will be protected and their fundamental rights will be respected,
in accordance with the provisions of articles 5, 6 and 7 of Law 1581 of 2012, and in
Articles 6 and 12 of Decree 1377 of 2013, and other regulations that the
modify or add.

For the purposes of compliance
the foregoing, MULTIPARTES will act in accordance with the following:

·
Authorization will be requested from the legal representative of the
child or adolescent prior to the minor exercising his or her right to be
heard, opinion that will be valued taking into account the maturity, autonomy and capacity to understand the matter, in order to carry out the treatment of your
personal data.

·
The optional nature of answering questions will be reported.
about data on children or adolescents.

·
The following will be explicitly and previously reported:
data being processed and its purpose.

MULTIPARTES informs
all its stakeholders who, in accordance with article 10 of the Law
1581 of 2012, the authorization of the owner will not be necessary when it comes to:
(1) information required by a public or administrative entity in exercise of its functions
of their legal functions or by court order, (2) data of a public nature,
(3) cases of medical or health emergencies, (4) information processing
authorized by law for historical, statistical, or scientific purposes, and (5)
data related to the Civil Registry of Persons.

8. PURPOSES

The following are the
main purposes for which MULTIPARTES carries out the processing of the
personal information:

a. Clients and/or users

  • Know your financial, commercial and credit behavior
    and compliance with its legal obligations in risk centers and other databases
    of financial data.
  • ·
    Carry out all necessary steps to
    confirm and update customer information.
  • Validate and verify the identity of the client for the
    offering and administration of products and services, as well as to share
    information with various market players.
  • ·
    Establish a contractual relationship, as well as maintain and
    terminate a contractual relationship.
  • ·
    Offer and provide products or services through
    any medium or channel according to the customer profile and technological advances.
  • Receive information from MULTIPARTES and others
    companies that are part of your group regarding current commercial campaigns and
    future, promotion of products and services both our own and those of third parties, and
    other communications necessary to keep the client informed and informed
    via: phone call, text message, email, Facebook,
    Twitter, Instagram or any social network integration or instant messaging,
    inter alia.
  • ·
    Receive messages related to collection management and
    portfolio recovery, either directly or through a contracted third party
    for such a function.
  • ·
    Provide commercial, legal, product, and information
    security, service or any other type.
  • ·
    Know the location and contact information of the client to
    effects of notifications for security purposes and offering benefits and
    commercial offers.
  • ·
    Conduct commercial analysis and research,
    statistics, risks, market, including contacting the client to
    these purposes.
  • ·
    Prevent money laundering, financing of
    terrorism, as well as detect fraud, corruption, and other activities
    illegal.
  • ·
    Conduct satisfaction surveys regarding services
    provided by MULTIPARTES and other companies in its group.
  • ·
    Consult fines and sanctions for the different
    administrative and judicial authorities or public databases that have
    as a function of data management of this nature.
  •  
  • b. Suppliers and allies
  •  
  • ·
    The information requested from the supplier or ally may
    include information about the natural or legal person as appropriate. Thus
    Likewise, information may be requested from the supplier's employees or
    allies who are dedicated to fulfilling some function or relationship with MULTIPARTES
    who, due to the work performed, require access to the facilities or facilitate
    the provision of any product or service of MULTIPARTES or the companies
    that are part of their business group.
  • ·
    Carry out the process of linking the supplier or ally
    with the Organization, generating the development of internal procedures,
    which are relationship, accounting, financial, commercial,
    logistics, among others.
  • ·
    Manage and verify business backgrounds,
    reputational and the risks of money laundering and terrorist financing,
    as well as to detect and/or prevent fraud, corruption and other activities
    illegal, by the supplier or its employees in connection with the operation
    of MULTIPARTS.
  • ·
    Manage and strengthen contractual relationships with the
    supplier or ally, allowing greater control over the obligations assumed
    by the parties.
  • ·
    Review and evaluate the results of the supplier or ally,
    in order to strengthen the contracting processes within MULTIPARTES.
  • ·
    Offer and provide products or services through
    any means or channel according to the profile of the supplier or ally, and
    in accordance with technological advances.
  • ·
    Carry out commercial analysis and research, statistics,
    of risks, of the market based on the results of the supplier or ally.
  •  
  • c. Applicants and
    collaborators
  •  
  • The information that MULTIPARTES
    collection of aspirants or candidates for positions within the organization is
    treated for the purpose of carrying out the admission evaluation, the process of
    the candidate's connection, his disciplinary processes, disengagement from the
    collaborator and other related investigations or actions.
  • The treatment of the
    The personal information of our collaborators is intended for management
    of the existing labor relations with them, as well as the development of the
    different activities established by the organization. Among which
    We highlight the following:
  • ·
    Comply with the obligations and rights derived from
    its activity as an employer, and the activities inherent to its corporate purpose
    main and related, which can be carried out directly or with the support
    of third parties with whom your information will be shared for related purposes
    with the purpose of the contract.
  • ·
    Sharing your personal data with the authorities
    (judicial or administrative) national or foreign when the request is
    based on legal, procedural, and/or tax reasons.
  • ·
    Access and authorization of the benefits established by the
    employer, according to the requirements defined in each case.
  • ·
    Consult your data in the internal control lists, in
    compliance with national standards and internal policies associated with the System
    Money Laundering and Terrorism Financing Risk Management
    – SARLAFT, as well as compliance with ethics and integrity standards
    established by MULTIPARTES.
  • ·
    To deliver your information to employee funds and
    mutual investment funds that have been authorized to know the same.

Being ex
collaborators, MULTIPARTES will store, even after the contract has ended,
work, the information necessary to comply with the obligations that may
arise by virtue of the employment relationship that existed in accordance with the legislation
Colombian, or by virtue of the services that by virtue of the relationship may
to be provided, as well as to provide the work certifications that
are requested by the former collaborator or by third parties against whom he
forward a selection process.

d. Shareholders

 

Information and data
personal information of shareholders, including personal information, contact information, as well as
such as information and documentation provided through virtual channels,
telephone channel, email and information updates will be
collected, consulted, updated, modified and processed directly
by MULTIPARTES and/or by third parties designated by it, for the following
Finnish:

Comply with the obligations and rights derived from its
quality of Issuer and Depositor respectively.

Carry out the comprehensive administration activities of the book of
shareholder register.

Provide information related to procedures, complaints and
shareholder requests.

Provide access to information to judicial authorities or
administrative bodies that request such data in the exercise of their functions.

Manage the risk of Money Laundering and Financing of
Terrorism and corruption.

The fulfillment of the necessary activities and purposes of the
issuer-shareholder relationship.

 

e. Access to buildings,
surveillance and security of own and third-party facilities

 

Have information on each employee, including outsourcing personnel
that works at the service of MULTIPARTES and the visitors who enter the
Headquarters properties, other facilities of the organization or
relevant third-party facilities.

Control and identify access to the administrative headquarters of the
main office.

Maintain security and access control to buildings, points
sales and other facilities.

MULTIPARTES informs you
to all holders that the data collected directly at the points of
security of administrative offices, buildings, branches, points of sale
and other facilities, which are provided in personnel documents
security, and the data obtained from the video recordings made within
or outside MULTIPARTES facilities, are used for security purposes
of people, property and facilities.

9. DURATION OF TREATMENT
DATA

 

Personal data
will be subject to processing by MULTIPARTES during the contractual term in
that the owner of the information has the product, service, contract or
relationship, plus the term established by law.

 

10.
RIGHTS OF THE HOLDER

 

The holders of the information
that is subject to processing by MULTIPARTES may:

Know, update, rectify, delete or revoke your data
personal data and be informed of the treatment that MULTIPARTES carries out on
personal data.

Submit applications and complaints related to regulation
in force regarding the Protection of Personal Data.

Request revocation of authorization and/or deletion of data
staff in the event that it is determined that MULTIPARTES presents a contrary conduct
to the current regulations. The request for deletion or revocation does not
will proceed when the holders have a legal or contractual duty to
remain in the MULTIPARTES database.

In accordance with the
art. 20 of Decree 1377 of 2013, the exercise of the rights previously
mentioned may be exercised by the following persons:

By the holder, who must prove his identity in the form
sufficient by the various means made available to the person responsible.

By their successors in title, who must prove such status.

By the representative and/or attorney of the owner, prior
accreditation of representation or power of attorney.

By stipulation in favor of another or for another.

The rights of children or adolescents will be exercised by
persons who are authorized to represent them.

11. MULTIPARTY DUTIES:

 

MULTIPARTS, such as
responsible for the personal data stored in its databases, undertakes
to:

·
Guarantee the holder the full and effective exercise of his rights
rights.

·
Request and keep a copy of the authorization granted by
the owner or proof thereof.

·
Inform the owner about the purposes of the
collection, the uses of your personal data and your rights based on the
authorization granted.

·
Keep information in safe conditions for
prevent its adulteration, loss, consultation, use or unauthorized access.

·
Ensure that the information provided to third parties or
those in charge of the treatment is truthful, complete, accurate, up-to-date, verifiable
and understandable.

·
Update information held by a third party or
manager, regarding all developments related to the data provided
and take the necessary measures to ensure that the information is up to date.

·
Rectify the information when you become aware that
is incorrect.

·
Ensure that third parties and/or data processors
of the personal information for which MULTIPARTES is responsible,
with effective measures and policies to ensure the proper treatment of
such information. It will also require them to commit to accepting and
apply the provisions of this Personal Data Processing Policy
and other guidelines established by MULTIPARTES or certify that their
internal policies include at least the provisions set out here. In
If the issuance of the certification is not possible, MULTIPARTES must corroborate
that the internal policies of third parties and/or managers include criteria of
security and/or privacy equivalent to or greater than those provided herein. In this
In this sense, third parties and/or managers must adopt the measures and
security and privacy conditions for personal data, which are
shared with these, at least at the same level of protection adopted
by MULTIPARTS.

·
Process queries and complaints made
in accordance with the provisions of this Policy and the law.

·
Inform the data protection authority when
present security violations and there are risks in the administration of the
information of the headlines.

 

12. ATTENTION TO QUERIES,
COMPLAINTS AND CLAIMS

 

The holders of the
information when they need to make a query, complaint or claim, they will be able to
make use of:

to.
 Questions:

 

The headlines, their
successors in title or any other person who may have a legitimate interest,
may request to be informed about the personal data of the owner that
are stored in any MULTIPARTES database.

According to the
previous, MULTIPARTES will guarantee the right of consultation, making known the
personal information linked to the owner.

The queries that deal with
on issues of access to information, evidence of the authorization granted
by the owner, uses and purposes of personal information, or any other
query related to the personal information provided by the
holder, must be submitted through the channels enabled by MULTIPARTES.

The consultation will be
attended to within a maximum period of ten (10) business days from the
date of receipt thereof.

When it is not possible
answer the query within the established period, the interested party will be informed,
stating the reasons for the delay and the date on which the query will be attended to,
which will not exceed five (5) business days following the expiration of the
Firstly, in accordance with the provisions of Article 14 of the Law
1581 of 2012.

b. Claims:

Correction, update,
deletion and revocation:

The headlines, their
successors in title or any other person with a legitimate interest, who considers
that the information contained in any of the MULTIPARTES databases
must be corrected, updated or deleted or that warns of a
possible non-compliance with the duties established in Law 1581 of 2012 and its
regulatory decrees, may file a claim following the
requirements of article 15 of the same law.

Requirements to submit
a claim:

·
Identification of the holder or of the person presenting the
claim, stating your name and identification number.

·
Describe the reason for the claim clearly and expressly,
where the facts that gave rise to it are established, presenting the
documents that you intend to assert.

·
Prove the legitimate interest with which the person acts
Submit the claim and attach, if necessary, the corresponding supporting documents.

·
Provide the telephone number, physical or electronic address to the
that the request must be notified and the response sent.

In any case, if the
If the claim is incomplete, the interested party will be required to do so within five (5) days.
currents following the reception of the same in order to correct the faults. If
after two (2) months have elapsed from the date of the request, without the applicant
present the required information, MULTIPARTES will understand that you have withdrawn from the
claim.

When MULTIPARTS does not
is the competent entity to resolve the claim presented, it will be transferred
to whom it may concern within a maximum term of two (2) calendar days, and will be informed
of this situation to the interested party.

In the event that the
Once the claim is received in full, a legend will be included in the database
say "in process" and the reason for it, in a term no greater than two (2)
current days. This legend will remain until the claim is resolved and
will be adjusted according to internal procedures.

Now, the term
The maximum time to address the claim will be fifteen (15) business days counted from
the day after the date of receipt. When it is not possible to attend to it
Within this period, the interested party will be informed of the reasons for the delay and
the date on which your claim will be resolved, which in no case may exceed
the eight (8) business days following the expiration of the first term.

The headlines, their
successors in title or any other person with a legitimate interest may submit
complaint to the Superintendency of Industry and Commerce, but only once they have
the consultation or claim process has been exhausted before MULTIPARTES, as responsible party and/or
any person in charge, in accordance with the provisions of article 16 of the Law
1581 of 2012.

Suppression of the
information:

In case of requesting the
deletion of all or part of your personal information you should take into account that
MULTIPARTES will analyze the request made. However, the
deletion of information in case the owner has any legal or
contractual to remain in the database managed by MULTIPARTES.

Revocation of the
authorization:

In case of requesting the
revocation of the authorization of your personal data, MULTIPARTES will analyze
the request made and will inform the owner if this revocation is appropriate.

However, it will not proceed
the revocation of the authorization in case the holder has any duty
legal or contractual right to remain in the database managed by MULTIPARTES.

The queries and
Claims submitted will be processed in accordance with the processes and
internal procedures.

 

13. CHANNELS OF ATTENTION
QUERIES, COMPLAINTS AND CLAIMS

 

MULTIPARTS has
enabled for the holders of personal data the following channels of
attention for the exercise of your rights to know, update, rectify
and/or delete your personal information.

PHYSICAL OFFICES: the owners of
information can be approached at the MULTIPARTES headquarters and presented
your request within the terms established by law. The official who
If you receive any news, you must send it directly to the legal department for its review.
procedure.

ATTENTION EMAIL:
 for
make a claim about the handling of personal data of the owners of
The information can be communicated to the following email address: protecciondatos@multipartes.com.

14. TRANSFER AND
TRANSMISSION OF PERSONAL DATA

 

Eventually MULTIPARTS,
as responsible for the personal information stored in its databases and
In the development of the purposes described in this document, it may
carry out national or international transfer or transmission of data.

MULTIPARTS is
committed to verifying the level of protection and safety standards
from the country receiving the personal information, make the declaration of
compliance (when applicable) and sign a transfer contract or other
legal instrument that guarantees the protection of personal data
transfer.

By virtue of this relationship
of exchange, MULTIPARTES has adopted various guidelines for the relationship
with third parties, in order to protect the information subject to this activity.

In order to protect the
information, MULTIPARTES will verify whether the Superintendency of Industry and
Commerce has included the respective country in the list of countries that offer a
adequate level of data protection or will review the regulations in force in the
country receiving the information, to determine if the conditions are met
suitable for ensuring adequate levels of information security
object of transmission or transfer.

15. RELATIONSHIP WITH
THIRD PARTIES AND MANAGERS

?

In development of this
Policy and internal provisions for the proper handling of data
personal, MULTIPARTES will ensure that the third parties with which it is linked or with which
that establishes commercial, labor or alliance relations, adapt their
conduct to the personal data protection regime in Colombia.

In view of the above,
MULTIPARTS, without prejudice to all documentation, models and means provided
for the request for authorization for treatment, the notices of
privacy, records and contractual and/or legal coverage, you may request
third parties and/or managers suitable and relevant information to verify and
observe compliance with the provisions contained herein
policy and the personal data protection regime in Colombia.

In this sense, MULTIPARTES
may request third parties and/or those in charge to certify in advance,
during or after the relationship that binds them, the fulfillment of
the requirements of the personal data protection regime. In such a way that
A review and supervision may be requested on an occasional or periodic basis,
compliance with legal and/or contractual requirements, through
evidence or support of the management carried out, carry out visits to the
third party facilities, among other activities that may be coordinated to
validate compliance.

16. COOKIES

 

MULTIPARTS for the sake of
improve its service on the website and digital applications, use
own and third-party cookies in order to optimize the experience of our
clients and users, monitor statistical information, present content and
advertising related to user preferences when browsing
through our website, platforms and/or technological and/or digital applications.

The information that is
collected through cookies is encrypted and will not be used for
identify and/or reveal user information.

17. VIDEO SURVEILLANCE

The Company uses
Various video surveillance media installed in different internal and external locations
of its facilities, offices, production plants, points of sale, etc. In
For this reason, it informs the general public about the existence of these
mechanisms through the dissemination of video ads on visible sites
surveillance.

The information collected through this mechanism is used
for security purposes, to improve our service and the experience in
the company's facilities, as well as evidence in any type of process before any type of authority or organization.

MULTIPARTES does not deliver video recordings obtained to any party.
third, unless there is a court order or order from a competent authority or the law
allow it.

18. POLICIES AND GUIDELINES
COMPLEMENTARY

By virtue of the
present policy, MULTIPARTES may develop policies on aspects
specific (for example, cookie policy), as well as guidelines, directives and circulars aimed at its implementation, provided that they are consistent with
the regulatory framework and this policy.

This policy may be
modified at any time in order to adapt it to new practices
that are developed or to legislative or jurisprudential developments in the
subject.

Any updates will be made available
disposition of the holders of personal information on the web pages: https://multipartescol.com/ , https://www.multipartes.com.co/es , https://rollercaster.co/ ,
https://ruedasroller.com/, or in any other medium deemed relevant,
indicating the date of entry into force of the corresponding modification or
update, as the case may be.

19. VALIDITY

This policy
It begins to take effect from the date of its approval.

SONIA VILLAMIZAR ANGULO

LEGAL REPRESENTATIVE

Carrera 2 #21 - 84 San Nicolas Cali / Valle del Cauca Colombia +57 318 2263930

Newsletter

©2025 Roller. A brand of Multipartes de Colombia SAS

Coupon
Drawer Title

We use cookies to improve your experience. By continuing, you accept our Personal Data Processing Policy and Privacy Notice .

Similar Products