| AUGUST 2021 |
This policy is defined in accordance with the entry into force of the Statutory Law 1581 of 2012, which aims to dictate the general provisions for the protection of personal data and develop the constitutional right of all persons to know, update and rectify the information that has been collected about them in databases or files as well as the right to information; therefore, BELIEVE IT GROUP, as Owner of BAXNETWORK.COM taking into account its status as responsible for the processing of personal data that assists it, is allowed to formulate this text to comply with such regulations effectively and especially for the attention of inquiries and complaints about the processing of personal data collected and handled by BELIEVE IT GROUP through its digital product BAX.
The right to HABEAS DATA is the right of every person to know, update and rectify the information collected about them in files and data banks of public or private nature and guarantees all citizens the power of decision and control over their data. Therefore, BAX accepts such provisions considering that it is continuously collecting and carrying out various treatments to databases of customers, shareholders, suppliers, business partners, and employees for the development of its corporate purpose.
Under the preceding, within the legal and corporate duty of BAX to protect the right to privacy of individuals, as well as the power to know, update or request information about them that is stored in databases, BAX has designed this policy for handling personal data and databases in which the treatment of Personal Information to which you have access through our website is described and explained, e-mail, physical information (strips), text messages, voice message, App, phone calls, face to face, physical or electronic media, current or in the future to be developed as other communications sent as well as through third parties involved in our business or legal relationship with all our customers, employees, suppliers, shareholders, strategic allies and related parties.
The present document will be adjusted to regulate the regulations applicable to the matter, and new provisions come into force.
OBJECTIVE: To establish the criteria for the collection, storage, use, circulation, and suppression of personal data processed by BAX.
Authorization: It is the consent given by any person so that the companies or persons responsible for processing information can use their data.
– Data Subject: The natural person whose personal data is the object of processing.
– Database: Organized set of personal data that are subject to processing.
– Personal data: This is any information linked, or that can be associated with a specific person, such as name or identification number, or that can make it determinable, such as physical traits.
– Processing: Any operation or set of operations on personal data, such as collection, storage, use, circulation, or deletion.
– Data processor: The natural or legal person who carries out the processing of personal data, based on a delegation made by the data controller, receiving instructions on how the data should be managed.
– Data Controller: The natural or legal person, public or private, who decides on the purpose of the databases and/or their processing.
– Public data: It is one of the existing types of personal data. Public data includes, among others, data relating to the marital status of individuals, their profession or trade, and their status as merchants or public servants. Due to their nature, public data may be contained, among others, in public records, public documents, official gazettes and bulletins, and duly executed court rulings that are not subject to confidentiality.
– Semi-private data: Data that are not of an intimate, reserved, or public nature and whose knowledge or disclosure may be of interest not only to the owner but also to a specific sector or society in general. Financial and credit data from commercial or service activities are some examples.
Private data: Data that is only relevant to the owner due to its intimate or reserved nature. The tastes or preferences of individuals, for example, correspond to private data.
– Sensitive data: Data that affect the holder’s privacy or may lead to discrimination, i.e., data that reveal racial or ethnic origin, political orientation, religious or philosophical beliefs, membership in trade unions, social organizations, human rights organizations, as well as data related to health, sex life, and biometric data, among others.
– Privacy notice: It is one of the verbal or written communication options provided by law to inform the owners of the information, the existence and ways to access the policies of treatment of information, and the purpose of its collection and use.
– Transfer: This is the operation carried out by the controller or processor of personal data when they send the information to another recipient, who, in turn, becomes the controller of the processing of such data.
SCOPE: This policy applies to all personal information registered in the databases of BELIEVE IT GROUP and/or BAX, which acts as the party responsible for the processing of personal data.
RIGHTS THAT ALL HOLDERS OF PERSONAL DATA HAVE AGAINST THE COMPANY
Any process involving the processing by any area of the company of personal data of customers, suppliers, employees, and in general any third party with whom BAX has commercial and labor relations must take into account and inform them expressly and in advance, by any means that can keep a record of compliance, the rights of the owner of the data, which are set forth below:
CASES IN WHICH BAX DOES NOT REQUIRE AUTHORIZATION FOR THE PROCESSING OF DATA IN ITS POSSESSION
TO WHOM INFORMATION MAY BE PROVIDED BY BAX WITHOUT THE NEED FOR AUTHORIZATION FROM THE DATA SUBJECTS.
BAX’s Duties Towards Data Subjects
BAX recognizes that personal data are the property of the owners of such data and that only such persons may decide on such data.
In this sense, it will be used exclusively for those purposes for which it is empowered under the terms of the law, and to do so, it is allowed to inform the duties it assumes in its capacity as data controller:
PERSON IN CHARGE OF THE TREATMENT
BELIEVE IT GROUP is responsible for the treatment; through this policy, it is allowed to inform your identification data:
Company name: BELIEVE IT GROUP
TAX IDENTIFICATION NUMBER: xxxxx
Principal place of business: xxxxxxxxx
Person or unit responsible for attending to requests, queries, and complaints: the area in charge of receiving and channeling all requests and concerns is CUSTOMER SERVICE through the e-mail [email protected], web page: https://baxnetwork.com and telephone: xxxxxxxx.
PERSON IN CHARGE OF THE TREATMENT
Eventually, BELIEVE IT GROUP. May have the status of PROCESSOR, in which case the identification data are as follows:
Company name: BELIEVE IT GROUP
TAX IDENTIFICATION NUMBER: xxxxxxxx
Principal place of business: xxxxxxx
Person or unit responsible for attending to requests, queries, and complaints: the area in charge of receiving and channeling all requests and concerns is CUSTOMER SERVICE through the e-mail [email protected], web page: https://BAX.co and telephone: xxxxxx
TREATMENT AND PURPOSE
The treatment that BELIEVE IT GROUP will carry out with the personal information will be the following: The collection, storage, use, and circulation of data for:
TREATMENT OF SENSITIVE DATA: (this only if the organization collects and processes sensitive data).
RIGHTS OF THE OWNERS: As the Owner of your data, you have the right to (i) Access free of charge to the data provided that have been subject to processing. (ii) Know, update, and rectify your information against partial, incomplete, incomplete, fractioned, misleading, or those whose treatment is prohibited or has not been authorized. (iii) Request proof of the authorization granted. (iv) File complaints before the Superintendence of Industry and Commerce (SIC) for violations of the provisions of the regulations in force. (v) To revoke the authorization and/or request the deletion of the data, provided that no legal or contractual obligation prevents their deletion. (vi) Refrain from answering questions about sensitive data.
PROTECTION OF PERSONAL DATA OF MINORS AND ADOLESCENTS
Under the provisions of Statutory Law 1581 of 2012 and Regulatory Decree 1377 of 2013, BAX ensures that the processing of personal data of children and adolescents will be carried out respecting their rights, which is why, in the commercial and marketing activities carried out by BAX, it must have the prior, express and informed authorization of the parent or legal representative of the child or adolescent.
ATTENTION TO REQUESTS, INQUIRIES, AND COMPLAINTS
The CUSTOMER SERVICE area is the unit in charge of processing the requests of the holders to enforce their rights.
PROCEDURE FOR THE EXERCISE OF THE RIGHT TO HABEAS DATA
In compliance with the rules on personal data protection, BAX presents the procedure and minimum requirements for the exercise of your rights: For the filing and attention of your request, we ask you to provide the following information: Full name and surname, Contact details (physical and/or electronic address and contact telephone numbers), Means to receive a response to your request, Reason(s)/fact(s) that give rise to the claim with a brief description of the right you wish to exercise (know, update, rectify, request proof of authorization granted, revoke it, delete, access to information) Signature (if applicable) and identification number. The maximum term provided by law to resolve your claim is fifteen (15) business days, counted from the day following the date of receipt.
When it is not possible to address the claim within such term, BAX will inform the interested party of the reasons for the delay and the date on which the claim will be handled, which in no case may exceed eight (8) business days following the expiration of the first term. Once the terms outlined in Law 1581 of 2012 and other rules that regulate or complement it has been complied with, the holder who is denied, in whole or in part, the exercise of the rights of access, updating, rectification, deletion, and revocation, may bring the case to the attention of the Superintendence of Industry and Commerce -Delegation for the Protection of Personal Data-.
This Policy for the Treatment of Personal Data is effective as of September 30, 2019. The databases in which the personal data will be recorded will be valid for as long as the information is kept and used for the purposes described in this policy. One such purpose(s) are fulfilled, and provided that there is no legal or contractual duty to keep your information, your data will be deleted from our databases. Other examples of the period of permanence of the data in the database are: Personal data provided will be retained as long as the contractual relationship with the Data Subject is maintained. The personal data provided will be kept as long as the data subject does not request their deletion, and there is no legal duty to support them. The personal data provided will be saved for 15 YEARS from the last confirmation of interest from the Data Subject.
In this first beta of launch, it can only be accessed by invitation. Leave us your information and you will enter the waiting list to receive your access.