POLICY FOR THE PROTECTION OF PERSONAL DATA

 1. OBJECTIVE 

Establish the technical measures that guarantee the security of the information of the databases in the storage media arranged within the entity, that is, computer equipment, information systems, networks and physical media, protecting them from possible leaks of information that negatively affects those who provided their personal data to the company. The protection, flexibility to access them and their conservation, are first-order requirements for Diarios SecretosIn the same way, information security is a priority and, therefore, it is unavoidable to ensure that the policies and procedures established in this document are complied with. 

2. REACH 

It will apply to databases that contain personal data and that use Diarios Secretos for their operation. The protection procedures cover all administrative and control aspects that directors, employees and third parties who work or have any relationship with the company must comply with. 

3. RESPONSIBLE 

It is directly Diarios Secretos email info@diariossecretos.com

4. PURPOSE 

They will be used for: 

  • Commercial purposes, customer service, organization, consolidation, reporting, statistics, marketing, updating, surveys, processing, surveys, attention and processing.
  • Report before national and district government entities that request it by law.
  • Promotion and marketing of the services and activities developed by the company.
  • Contact via email, or by any other means, to natural and legal persons with whom you have had, have or will have any relationship, such as: workers and family members, shareholders, consumers, allies, suppliers, creditors and debtors .
  • Establishment of alliances and synergies.
  • Interaction with existing and new suppliers.

5. RIGHTS OF THE DATA HOLDERS 

Know, update, rectify and delete personal information, as well as to revoke the consent granted for the treatment of the same, as allowed by the Constitution and the law. Know about those that Diarios Secretos stores and uses, and request updating or rectification when deemed appropriate. 

Have information about the data processing policy stipulated by Diarios Secretos.

6. RESPONSIBLE FOR IMPLEMENTATION AND COMPLIANCE 

Diarios secretos will be responsible for developing, implementing, training and monitoring full compliance with this policy and its attached procedures. 

In the same way, it will be in charge of receiving, storing and attending to the requests, queries, complaints and claims presented by the owners of the data. 

7. AUTHORIZATION 

Secret Newspapers will request prior authorization for the processing of data from the owners, taking into account the following: 

  • Consent must be granted by the owner at the time of data collection.
  • · The authorization must be explicit and specific. Therefore, open and non-specific authorizations will not be valid.
  • It will be received in writing, physically or digitally.
  • ·It must show that the owner of the data authorizes the entity in a voluntary, evident, informed and unequivocal manner, to process their data in accordance with this policy.

8. ATTENTION TO THE REQUIREMENTS OF THE DATA HOLDERS 

Diarios Secretos will make available to the holders of personal data the email info@diariossecretos.com, for the attention of requirements related to the processing of personal data and the exercise of the rights of the holders. 

9. PROCEDURES FOR DATA PROCESSING AND SECURITY 

Collection and registration: 

It will be exclusively in charge of Diarios Secretos

Attention to requests, complaints or claims
The holders of the information may request information from the entity on the processing of their personal data, proof of the express authorization for its use, updating and the use that has been given to them. 

The request may be made through the email info@diariossecretos.com

The answers will be given a maximum of fifteen (15) business days from the moment of receipt.

10. DATA SECURITY 

Diarios Secretos will provide the technical, administrative and human measures to safeguard and protect the personal data that is collected. As measures for this there are: 

a) All electronic equipment of the company will have a security key and will be updated periodically. 

c) Backup copies of the information will be made permanently.

d) The personnel responsible for this work will be trained and will be responsible for guaranteeing the proper use of the information. e) User profiles will be created for access to the databases, in accordance with authorization levels for the use of the information ( consultation, registration, update, deletion, etc).

f) The veracity of the information provided by the staff will be confirmed, before they are linked to the company.

g) Employees must not use their personal computer equipment and mobile devices to carry out work activities.

h) Diarios Secretos will certify that new employees sign a confidentiality agreement accepting Information security policies.

i) All employees will be careful with confidential information in public places, in conversations or in situations that may put the security and good name of the entity at risk.

j) Meetings will be held to make employees aware of the importance of the company’s information, and they will be instructed in compliance with the policies and procedures, and the prohibition of disclosure of the information received.

k) The information that resides in physical and digital files on workstations, laptops, printers, networks, the Internet, email, remote access tools, applications, telephones and others, are company assets and are delivered to employees and authorized third parties, to fulfill their purposes.

l) Databases and wireless networks will be protected with security keys that do not allow unauthorized access.

 

Bogota DC, Colombia. October 2022