PRIVACY  POLICY COALLY
PRIVACY  POLICY COALLY SAS
Table of Contents
  1. PRESENTATION
  2. AREA OF APPLICATION
  3. DEFINITIONS
  4. GUIDING PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA
  5. AUTHORIZATION FOR THE PROCESSING OF PERSONAL DATA AND CASES IN WHICH AUTHORIZATION IS NOT NECESSARY
  6. TYPES OF DATA COLLECTED BY COALLY SAS
  7. PURPOSE OF THE PROCESSING OF PERSONAL DATA
  8. APPLICABLE REGULATIONS
  9. RIGHTS OF THE OWNER OF PERSONAL DATA
  10. RESPONSIBLE FOR PERSONAL DATA
  11. DUTIES OF THOSE IN CHARGE OF TREATMENT
  12. INQUIRIES AND CLAIMS
  13. MODIFICATIONS
  14. VALIDITY
  Presentation COALLY SASis a Colombian company whose main activity is to connect companies and / or individuals with young professionals through a virtual platform, composed of a web page and a mobile application, so that a consulting service is developed that adds value to clients . (companies and / or natural persons). COALLY SAS, in order to strictly comply with current regulations for the protection of Personal Data, in accordance with the provisions of Law 1581 of 2012, Decree 1074 of 2015 and other provisions that modify, add or complement them, presents the following POLICY OF PROTECTION AND TREATMENT OF PERSONAL DATA (hereinafter “Treatment Policy”) in order to protect the personal information provided by the Holders who are related to COALLY SAS such as clients, consultants and any other natural or legal person of which COALLY SAS obtains, collects, processes or treats personal data, whether said treatment is carried out by COALLY SAS or by third parties who do so on its behalf. The purpose of the Treatment Policy is to protect the constitutional right of Habeas Data that all people have to know, update, and rectify the information that has been collected and stored in the different databases of COALLY SAS, and by virtue of compliance of this right, it only collects and treats Personal Data, when it has been previously authorized by its Holder, implementing for this purpose, clear measures on confidentiality and privacy of Personal Data. Likewise, it details the general corporate guidelines that are taken into account in order to protect the Personal Data of the Holders.
  1. Area of ​​application
These terms and conditions and everything that has to do with this application and the legal relationships that arise from it, are governed by Colombian law, specifically Law 1581 of 2012 and Decree 1074 of 2015  
  1. Definitions
 
  1. Headline:Natural person whose data are subject to treatment. For this personal data treatment policy, the holders may be: (i) Clients of the platform; (ii) Consultants and all those people not related to COALLY SAS whose personal data is processed.
  2. Client: Natural or legal person
  3. User: Anyone who has downloaded and uses the platform either as a client or as a consultant.
  4. Platform: The data collection by Coally SAS will be through the Coally App and Coally Web platforms used for the development of the activity of this company.
  5. Personal data: Any information linked or that may be associated with one or more specific or determinable natural persons.
  6. Database:Organized set of data that are subject to Treatment;
  7. Personal data base:Organized set of personal data that are subject to treatment by a natural or legal person.
  8. Sensitive data:It is that personal data that affects the privacy of the Holder and whose incorrect use could generate discrimination. Sensitive data, among others, are considered health data, data on sexual orientation, racial and ethnic origin, political opinions, religious, philosophical or moral convictions.
  9. Private data:It is that personal data that due to its intimate or reserved nature is relevant for the Holder.
  10. Semi-private data:It is that personal data known and of interest both for the owner and for a certain sector of people or for society in general, so it is not of an intimate, reserved or public nature.
  11. Public data:It is that personal data qualified as such according to the Constitution and the law, and that has not been classified as private or semi-private personal data.
  12. Habeas data:It is the right of the Owner of the personal data to demand access, inclusion, exclusion, correction, addition, updating and rectification of the data from their administrators, as well as the limitation on their disclosure, publication or transfer.
  13. Authorization:Prior, express and informed consent of the Holder to carry out the processing of personal data.
  14. Notice of Privacy:Verbal or written communication addressed to the Holders of the personal data that are being processed by the company, in which they are informed about the existence of the personal data processing policies that will be applied, the way to access them. , and the purposes for which your personal data will be used.
  15. Treatment:Any operation or set of operations on personal data, such as the collection, storage, use, circulation or deletion.
  16. Responsible for the treatment:Natural or legal person of a public or private nature that by itself or in association with another or others decides on the processing of personal data. In this case, COALLY SAS will be responsible for the treatment.
 
  1. Guiding principles for the processing of personal data
As established in Title II of Statutory Law 1581 of 2012, the protection of personal data will be governed by the harmonious and comprehensive application of the following principles:
  1. Principle of legality in the processing of personal data:The processing of personal data referred to in Statutory Law 1581 of 2012 is a regulated activity that must be subject to what is established in it and in the other provisions that develop it.
  2. Purpose principle:The processing of personal data must obey a legitimate purpose in accordance with the Constitution and the law, which must be informed to the Holder.
  3. Principle of freedom:The processing of personal data can only be exercised with the prior, express and informed consent of the Holder. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that relieves consent.
  4. Principle of truthfulness or quality:The information subject to treatment must be truthful, complete, accurate, up-to-date, verifiable and understandable. Processing of partial, incomplete, fractional or misleading data is prohibited.
  5. Principle of transparency:In the processing of personal data, the right of the Holder to obtain from the Person in charge of the treatment or the Person in charge of the treatment, at any time and without restrictions, information about the existence of data that concerns him must be guaranteed.
  6. Safety principle: The information subject to treatment by the Treatment Manager or Person in Charge of the treatment referred to in Statutory Law 1581 of 2012, must be handled with the technical, human and administrative measures that are necessary to provide security to the records avoiding their adulteration, loss , consultation, use or unauthorized or fraudulent access.
  7. Principle of confidentiality:All persons who intervene in the processing of personal data that are not public are obliged to guarantee the reservation of the information, even after the end of their relationship with any of the tasks that includes the treatment, being able to only supply or communicate of personal data when this corresponds to the development of the activities authorized in Statutory Law 1581 of 2012 and in the terms of the same.
  8. Principle of access and restricted circulation:The treatment is subject to the limits that derive from the nature of the personal data, the provisions of Statutory Law 1581 of 2012 and the Constitution. In this sense, the treatment can only be done by persons authorized by the Holder and / or by the persons provided for in the aforementioned law.
  1. Authorization for the processing of personal data and cases in which authorization is not necessary
  The consent and authorization by the Information Owner is a constitutional and legal requirement that the persons responsible for the processing of personal data must comply with. The consent must comply with the following assumptions: Previous:The authorization must be given by the Information Owner prior to any type of personal data processing. Express:The authorization must be granted unequivocally, clearly and specifically. Informed:The Holder must clearly understand what their personal data will be processed for and the purposes that may derive from the Treatment thereof. All visitors to the COALLY SAS Platforms must register and authorize the processing of personal data in order to use the services offered. Therefore, in each of the systems there is a box that says “Privacy Policy and Treatment of Personal Data” which must be read and accepted in order to continue using COALLY SAS services.
  1. TYPES OF DATA COLLECTED BY COALLY SAS
Coally SAS will collect data provided by Coally users, such as those generated during account creation, those provided in the use of the services.  
  1. User profile: data generated when accounts are created or updated. This can include name, email, phone number, username, password, identification document, profile photos.
  2. Demographic data: demographic data will be collected from users such as address, age, gender, place of residence, career and areas of interest. It may also be collected through the surveys intended for this.
  3. Usage data: data is collected about the service provided or the service requested, this includes the type of service requested or provided, details of the service, information about the time the service was provided and the frequency of request or provision of the same .
  4. Other information: customer comments, ratings and opinions of the service provided.
 
  1. Purpose of processing personal data
The Personal Data that Coally SAS collects are included in a Database to which the authorized personnel of COALLY SAS have access in the exercise of their functions, noting that in no case is the Processing of the information authorized for purposes other than those here described, and that they are communicated to the Holder directly at the latest at the time of collection. The main purpose of the collection, storage, use and / or circulation of personal data collected by Coally SAS is to provide the services offered in an adequate manner and to achieve the fulfillment of the expectations of the users of the web and mobile platform.   Additionally, in order to develop the company’s corporate purposes, Coally SAS may process data for the following purposes:   Purposes of the treatment of the personal data of the Users
  1. Collect the personal data of users and incorporate and store them in the Coally SAS database
  2. Sort, catalog, classify, divide or separate the information provided.
  3. Use the data provided in communication, disclosure and promotion campaigns or offer of products, activities and / or services developed as part of the company’s internal strategies.
  4. Maintain historical records of the company and maintain contact with the holders of the data.
  5. Verify, verify or validate the data provided.
  6. Transfer personal data to any country or server in another country.
  7. Communicate and allow access to personal data supplied to third party providers of general support services and to natural or legal persons who are shareholders of COALLY SAS
  8. Carry out, in accordance with the law, reports to credit bureaus for non-compliance with financial obligations derived from the commercial relationship.
  9. Sending communications through any channel including, but not limited to, social networks, text messages, push notifications, email, telephone call, etc., related to the corporate purpose of COALLY SAS such as marketing activities and / or any request made by the owner to COALLY SAS, among others.
  10. Provide the services offered and / or contracted adequately and with excellent quality.
  11. Recommend, according to the information provided by the consultant, specific projects that respond to your tastes, preferences or needs.
 
  1. Applicable regulations
  The processing of the owner’s Personal Data will be carried out based on the provisions of this privacy policy and the provisions of Law 1581 of 2012, Decree 1377 of 2013, Decree 886 of 2014, standards compiled in Decree 1074 of 2015 of the Republic of Colombia, and the other regulations that they add or modify.    
  1. Rights of the holders
  In compliance with the fundamental guarantees enshrined in the Constitution and the law, and without prejudice to the provisions of the other regulations that regulate the matter, the Holders of personal data may exercise the following rights free of charge and without limitation:
  1. Right of accessto your personal information subject to treatment.
  2. Right to updateof the personal data object of treatment.
  3. Right to rectificationof the personal data object of treatment.
  4. Right of objectionfor personal data to be processed
  5. Right to request deletionof personal data when the principles, rights and constitutional and legal guarantees are not respected in the treatment.
  6. Right to request proofof the authorization granted for the treatment.
  7. Right to revoke consentfor the processing of personal data.
  8. Right to present complaints and claimsbefore the Superintendency of Industry and Commerce for infractions of the provisions of Statutory Law 1581 of 2012 and the other regulations that modify, add or complement it.
  9. Right to be informedby the Responsible and / or Person in Charge of the use and treatment that will be given to the personal data, as well as the modifications and updates of the protection policies, security measures and purposes.
  1. Identification of the person in charge and / or in charge of the treatment:
Coally SAS is responsible for the processing of your personal data and will use these only for the purposes for which it is empowered. Especially those indicated in this policy   Coally SAS NIT: 901. 420 57 4 – 6 Address: calle 19 # 4 56 apartment 1403 Website: coally.com Email: coally3@gmail.com Telephone: 316 359 05 61    
  1. Duties of the person responsible for personal data.
  In line with current regulations on data processing, Coally SAS must comply with the following duties:  
  1. Guarantee the holder, at all times, the full and effective exercise of the right to habeas data
  2. Request and keep the reservation and authorization granted by the owner
  3. Inform the owner about the purpose of data collection and the rights that assist him by virtue of the authorization granted.
  4. Keep the information under the security conditions necessary to prevent adulteration, loss, or unauthorized access
  5. Update the information and adopt the necessary measures so that the information provided is kept up to date
   
  1. Queries and complaints
  Queries, complaints or claims may be submitted through a data message: Queries In the case of the right to request as information and / or inquiries, Coally SAS will respond within a maximum term of ten (10) business days from the day following the date of receipt of the request or inquiry. When it is not possible to attend the query within said term, the interested party will be informed, indicating the reasons for the delay and indicating the date on which it will be attended, which in no case may exceed five (5) business days following the expiration of the first finished. The consultation document must contain the following:
  1. Coally SAS area to which it is addressed (Customer Service)
  2. The name and identification number of the Holder.
  3. Copy of the holder’s identity document
Complaints and / or claims When the Holder considers that his information should be corrected, updated or deleted or when he notices an alleged breach of any of his rights, the maximum term to address the complaint or claim will be fifteen (15) business days from the day following the date of receipt of the document. When it is not possible to attend the claim within said term, the interested party will be informed of the reasons for the delay and the date on which it will be attended, which in no case may exceed eight (8) business days following the expiration of the first term. If the claim is incomplete, the interested party will be required within five (5) days after receiving the complaint and / or claim to correct the faults. After two (2) months have elapsed from the date of the request without the applicant submitting the required information, the complaint or claim shall be deemed to have been withdrawn. The complaint or claim document must contain:
  1. Coally SAS area to which it is addressed (Customer Service)
  2. The name and identification number of the Holder.
  3. Copy of the holder’s identity document.
 
  1. Modifications
  We may update this Data Policy from time to time. In case of changes, users will be notified through the application or the website. Therefore, accepting the use of the services after the notice of an update constitutes the user’s consent to the content of the update.
  1. Validity
This Policy is effective as of January 1, 2021. The Personal Data that is stored, used or transmitted will remain in the databases of Coally SAS for as long as it is necessary to fulfill the purposes set out in this manual or for the Company to comply with its legal duties. However, the information will be reviewed every year to verify the veracity of the data and the purpose of continuing with its treatment. If necessary, Coally SAS reserves the right to modify this Policy unilaterally; Notwithstanding this, in the event of any substantial change to the Policy, it will be communicated to the Holders.