POLICY FOR THE PROTECTION OF PERSONAL DATA
1. OBJECTIVE
Establish the technical measures that guarantee the security of the information of the databases in the storage media arranged within the entity, that is, computer equipment, information systems, networks and physical media, protecting them from possible leaks of information that negatively affects those who provided their personal data to the company. The protection, flexibility to access them and their conservation, are first-order requirements for Diarios Secretos. In the same way, information security is a priority and, therefore, it is unavoidable to ensure that the policies and procedures established in this document are complied with.
2. REACH
It will apply to databases that contain personal data and that use Diarios Secretos for their operation. The protection procedures cover all administrative and control aspects that directors, employees and third parties who work or have any relationship with the company must comply with.
3. RESPONSIBLE
It is directly Diarios Secretos email info@diariossecretos.com
4. PURPOSE
They will be used for:
5. RIGHTS OF THE DATA HOLDERS
Know, update, rectify and delete personal information, as well as to revoke the consent granted for the treatment of the same, as allowed by the Constitution and the law. Know about those that Diarios Secretos stores and uses, and request updating or rectification when deemed appropriate.
Have information about the data processing policy stipulated by Diarios Secretos.
6. RESPONSIBLE FOR IMPLEMENTATION AND COMPLIANCE
Diarios secretos will be responsible for developing, implementing, training and monitoring full compliance with this policy and its attached procedures.
In the same way, it will be in charge of receiving, storing and attending to the requests, queries, complaints and claims presented by the owners of the data.
7. AUTHORIZATION
Secret Newspapers will request prior authorization for the processing of data from the owners, taking into account the following:
8. ATTENTION TO THE REQUIREMENTS OF THE DATA HOLDERS
Diarios Secretos will make available to the holders of personal data the email info@diariossecretos.com, for the attention of requirements related to the processing of personal data and the exercise of the rights of the holders.
9. PROCEDURES FOR DATA PROCESSING AND SECURITY
Collection and registration:
It will be exclusively in charge of Diarios Secretos.
Attention to requests, complaints or claims
The holders of the information may request information from the entity on the processing of their personal data, proof of the express authorization for its use, updating and the use that has been given to them.
The request may be made through the email info@diariossecretos.com
The answers will be given a maximum of fifteen (15) business days from the moment of receipt.
10. DATA SECURITY
Diarios Secretos will provide the technical, administrative and human measures to safeguard and protect the personal data that is collected. As measures for this there are:
a) All electronic equipment of the company will have a security key and will be updated periodically.
c) Backup copies of the information will be made permanently.
d) The personnel responsible for this work will be trained and will be responsible for guaranteeing the proper use of the information. e) User profiles will be created for access to the databases, in accordance with authorization levels for the use of the information ( consultation, registration, update, deletion, etc).
f) The veracity of the information provided by the staff will be confirmed, before they are linked to the company.
g) Employees must not use their personal computer equipment and mobile devices to carry out work activities.
h) Diarios Secretos will certify that new employees sign a confidentiality agreement accepting Information security policies.
i) All employees will be careful with confidential information in public places, in conversations or in situations that may put the security and good name of the entity at risk.
j) Meetings will be held to make employees aware of the importance of the company’s information, and they will be instructed in compliance with the policies and procedures, and the prohibition of disclosure of the information received.
k) The information that resides in physical and digital files on workstations, laptops, printers, networks, the Internet, email, remote access tools, applications, telephones and others, are company assets and are delivered to employees and authorized third parties, to fulfill their purposes.
l) Databases and wireless networks will be protected with security keys that do not allow unauthorized access.
Bogota DC, Colombia. October 2022