The authorization provided in this document empowers FIRMA SEGURO (a brand and application owned by the company Treda Solutions SAS) (hereinafter referred to as FIRMA SEGURO or we) to collect, store, use, and delete the personal data provided here, especially those defined as Sensitive Data .
FIRMA SEGURO, in order to fulfill its objective of providing a high-quality service, executing and promoting its electronic signature services, as well as creating, modifying, tracking processes, and, in general, any activity within the scope of its corporate purpose, adheres to the principles of data protection laws. This requires the processing of the aforementioned “Data,” ensuring that the purpose and use of the information provided will be purely professional, functional, commercial, administrative, and promotional. Under no circumstances will personal data be processed for marketing or circulation purposes. Exceptions provided by law will always apply.
In accordance with Article 8 of Law 1581 of 2012, the data subject, whose personal information is collected in this form, has the following rights:
Through this policy, FIRMA SEGURO guarantees to individuals associated with it that:
A. FIRMA SEGURO has assessed the potential impact on human rights (including personal data protection and privacy rights) prior to the development and/or use of the application. B. FIRMA SEGURO has tested the robustness, reliability, accuracy, and security of the application’s data before putting it into use, including identifying biases in systems and data that may lead to unfair outcomes. C. FIRMA SEGURO has implemented Demonstrated Accountability measures appropriate to the risks of interference with human rights. D. FIRMA SEGURO has implemented measures to address risks, including safeguards, security measures, software design, technologies, and mechanisms that ensure the protection of personal data, taking into account the rights and legitimate interests of the data subjects and other potentially affected individuals.
The data subject can exercise any of the aforementioned rights by making a request to the email address firstname.lastname@example.org. Upon receiving the request in accordance with the procedures established by FIRMA SEGURO, the request will be processed in accordance with the law.
Specific information in each case and contractual, documentary, civil, or commercial details, etc., will be provided prior to electronic signature under the concept of “Acceptance and full understanding of the electronically signed method and its content,” which constitutes an integral and inseparable complement as a legal entirety of this policy.
TREDA SOLUTIONS SAS (FIRMA SEGURO), with its registered office in the city of Medellin, located at Calle 30 No. 82 a – 23, and with the email address email@example.com and phone number +57 4 6043734 (hereinafter referred to as “FIRMA SEGURO” or “we”), hereby informs individuals whose personal data are processed by FIRMA SEGURO of this information processing policy (the “Policy”). This action is in compliance with Law 1581 of 2012, Decree 1377 of 2013, Decree 4886 of 2011, Decree 1074 of 2015, recommendations from CONPES 3975 of November 8, 2019 (National Policy for Digital Transformation and Artificial Intelligence), “General recommendations for data processing in artificial intelligence” from the Ibero-American Network for the Protection of Personal Data, and the GPA (Global Privacy Assembly) “Adopted resolution on accountability in the development and use of artificial intelligence” from 2020, as well as other international regulations.
The primary purpose of this Policy is to inform individuals whose personal data is processed of their rights, the procedures and mechanisms established by FIRMA SEGURO to enforce these rights, and to provide insight into the scope and purpose of the processing to which personal data will be subjected should the data subject grant their express, prior, and informed authorization.
FIRMA SEGURO, in the course of its commercial activities, will collect, use, store, transmit, and perform various operations on the personal data of the Data Subjects. In all Processing of Personal Data carried out by FIRMA SEGURO, the Data Controllers, Data Processors, and/or third parties to whom Personal Data are transferred must comply with the principles and rules established by law and in this Policy to guarantee the right to habeas data of Data Subjects and to fulfill FIRMA SEGURO’s legal obligations. These principles are as follows:
Prior Authorization: All Processing of Personal Data will be carried out once the prior, express, and informed Authorization of the Data Subject has been obtained, unless the law establishes an exception to this rule. In case the Personal Data has been obtained before the law, FIRMA SEGURO will seek ordinary and alternative means to summon the Data Subjects and obtain their retroactive authorization, following the provisions of Decree 1377 of 2013 and related regulations.
Authorized Purpose: All activities involving the Processing of Personal Data must conform to the purposes stated in this Policy or in the Authorization granted by the Data Subject or in specific documents that regulate each type or process of Personal Data Processing. The purpose of the particular Processing of Personal Data must be communicated to the Data Subject at the time of obtaining their Authorization. Personal Data cannot be processed beyond the purposes informed and consented to by the Data Subjects.
Data Quality: Personal Data subject to Processing must be truthful, complete, accurate, up-to-date, verifiable, and understandable. When partial, incomplete, fragmented, or misleading Personal Data is in possession, FIRMA SEGURO must abstain from Processing them or request the Data Subject to complete or correct them.
Information Delivery to the Data Subject: When requested by the Data Subject, FIRMA SEGURO must provide them with information about the existence of Personal Data concerning the requester. The unit responsible for the protection of personal data at FIRMA SEGURO will carry out this information delivery (see section 6 of this Policy).
Restricted Circulation: Personal Data may only be Processed by FIRMA SEGURO personnel who are authorized to do so or who, within their functions, are responsible for carrying out such activities. Personal Data may not be disclosed to individuals who are not Authorized or have not been Enabled by FIRMA SEGURO to carry out the Processing.
Timeliness: FIRMA SEGURO will not use the Data Subject’s information beyond the reasonable period required by the purpose that was informed to the Data Subject for their Personal Data.
Restricted Access: Except for expressly authorized data, FIRMA SEGURO may not make Personal Data available for access through the Internet or other mass media of communication unless technical and security measures are established to control and restrict access only to Authorized persons.
Confidentiality: FIRMA SEGURO must always carry out the Processing by implementing the technical, human, and administrative measures necessary to maintain the confidentiality of the data and to prevent its adulteration, modification, consultation, use, access, deletion, or knowledge by Unauthorized persons or by Authorized and Unauthorized persons in a fraudulent manner, or the loss of Personal Data. Any new project involving the Processing of Personal Data must consult this Processing Policy to ensure compliance with this rule.
Confidentiality and Subsequent Processing: All Personal Data that are not Public Data must be treated as confidential by the controllers, even when the contractual relationship or the link between the Data Subject and FIRMA SEGURO has ended. Upon the termination of said relationship, such Personal Data must continue to be Processed in accordance with this Policy and the Law.
Individuality: FIRMA SEGURO will keep separate databases in which it has the quality of Data Processor from the databases in which it is the Data Controller.
Necessity: Personal Data can only be Processed for the time and to the extent justified by the purpose of their Processing.
The Personal Data processed by FIRMA SEGURO must strictly adhere to the following purposes. Likewise, Data Processors or third parties who have access to Personal Data by virtue of the law or contract will keep the Processing within the following purposes:
In accordance with the law, Data Subjects have the following rights:
Know, update, and rectify their Personal Data in relation to FIRMA SEGURO or those responsible for their Processing. This right can be exercised, among other things, with respect to partial, inaccurate, incomplete, fragmented data that may lead to errors, or those whose Processing is expressly prohibited or not authorized.
Request proof of the Authorization granted to FIRMA SEGURO, unless the law indicates that such Authorization is not required.
Submit requests to FIRMA SEGURO or the Data Processor regarding how they have used their Personal Data and request that this information be provided.
File complaints with the Superintendence of Industry and Commerce or international entities for violations of the law.
Revoke their Authorization and/or request the deletion of their Personal Data from FIRMA SEGURO’s databases when the Superintendence of Industry and Commerce or an international entity has determined through a final administrative act that FIRMA SEGURO or the Data Processor has engaged in conduct contrary to the law, or when there is no legal or contractual obligation to keep the Personal Data in the responsible party’s database.
Request access and access for free to their Personal Data that have been processed in accordance with Article 21 of Decree 1377 of 2013.
Be informed of any modifications to the terms of this Policy in advance and efficiently before the implementation of the new modifications or, if necessary, the new information processing policy.
Have easy access to the text of this Policy and its modifications.
Access Personal Data under FIRMA SEGURO’s control easily and simply in order to effectively exercise the rights granted to Data Subjects by law.
Know the department or person authorized by FIRMA SEGURO to whom they can submit complaints, queries, claims, and any other requests regarding their Personal Data.
Data Subjects may exercise their legal rights and follow the procedures established in this Policy by presenting their original identification document. Minors may personally exercise their rights or do so through their parents or the adults who hold parental authority, who must demonstrate it through the relevant documentation. Likewise, individuals who have stipulated in favor of another person or for another person, as well as representatives and/or agents of the Data Subject with the corresponding authorization, may exercise the rights of the Data Subject.
FIRMA SEGURO has designated Customer Service Management as responsible for receiving and addressing requests, complaints, claims, and inquiries of all types related to Personal Data. The person in charge of Customer Service will process inquiries and complaints related to Personal Data in accordance with the Law and this policy.
Some of the specific functions of this area regarding Personal Data include:
Receiving requests from Data Subjects, processing and responding to those based on the law or these Policies, such as requests to update Personal Data, requests to know Personal Data, requests for the deletion of Personal Data when the Data Subject provides a copy of the decision of the Superintendence of Industry and Commerce or international entity as established by law, requests for information about the use of their Personal Data, requests to update Personal Data, and requests for proof of the granted Authorization, when it has proceeded according to the law.
Responding to Data Subjects regarding requests that do not comply with the Law.
The contact information for Customer Service is as follows: Physical Address: Calle 30 No. 82 a – 23, Medellín, Colombia; Email: firstname.lastname@example.org; Phone: +57 4 6043734, Monday to Friday, 8:00 am to 5:00 pm (Colombia Time).
Title of the contact person: Customer Service Specialist.
This Policy is effective from June 9, 2021. Personal Data that is stored, used, or transmitted will remain in our Database based on the criteria of temporality and necessity for the time required to fulfill the purposes mentioned in this Policy for which they were collected.
[Updated to June 9, 2021]