Prodesa

Data Privacy

PRODESA y Cia S.A.will not sell private information, customer names, or financial profiles to third parties. This information will not be used for purposes not intended by the user at the time of delivering it to Prodesa through the website.

PERSONAL DATA PROCESSING POLICY PRODESA y Cia S.A.

In accordance with the provisions of Statutory Act 1581 of 2012 and Decree 1377 of 2013 on the protection of personal data, in order to ensure the protection of customer information, users of its website, suppliers, contractors, employees, former employees and others, PRODESA y Cia S.A. has provided the relevant mechanisms in order to protect their personal data in accordance with the provisions of the law. Based on the aforementioned, the personal data you provide to PRODESA y Cia S.A., directly or indirectly, shall be subject to collection, storage, use and circulation in the terms delineated in this document.
1. Definitions To fully understand this policy, we ask you to consider the following definitions:

  • Customer: Any person for whom the company provides a service or who holds a contractual/ obligational relationship;
  • Personal Data: Any information that can be associated or linked to one or more identified or identifiable natural persons;
  • Sensitive data: Data that affect the privacy of the data owner or whose misuse can lead to discrimination against him;
  • Data Processor: natural or legal, private or public person which by himself or in association with others performs the processing of personal data on behalf of the company as responsible of the data;
  • Data Processing Policy: A policy of personal data processing applied by the company in accordance with the guidelines of existing legislation;
  • Supplier: Any individual or company rendering services to the company pursuant of a contractual / obligational relationship;
  • Data Manager: Natural or legal, private or public person, who alone or in association with others, will be responsible for managing the database and / or processing of data for the purposes of this policy,. Initially, the company will assume this role;
  • Data Owner: natural person, whose personal data are subject to processing, whether he is a customer, supplier, employee, or any person who, by reason of a business or legal relationship, provides personal data to the company;
  • Transfer: This refers to the sending of data by the company as data controller or data manager to a third agent or a natural/legal person (receiver), in or out of the country for the effective processing of personal data;
  • Transmission: refers to the communication of personal data by the data manager to a responsible party located inside or outside the national territory so that he, on behalf of the data manager, processes personal data;
  • Data Processing: Any operation or set of operations regarding personal data, such as the collection, storage, use, transmission or deletion.
  • To understand the terms that are not included in the list above, you should refer to the current legislation, specifically Law 1581 of 2012 and Decree 1377 of 2013, to clarify definitions of standard terms as they are used here.

2. Data Processing Manager Identification: PRODESA y Cia S.A., hereafter Prodesa, Carrera 19 # 90 – 10 Piso 7 Edificio Camacol Bogotá, CO phone 3139030, email protecciondedatos@prodesa.com.co. Website www.prodesa.com

3.1. Data Owner Contact Categories
3.1.1. Customers, potential customers or natural persons interested in the products Prodesa offers.
i. Prodesa is a company whose main activity is the promotion, management, marketing and development of real estate projects for housing, trade, services and industry. As a result of Prodesa’s commercial activities, it collects, stores, uses and circulates information from individuals interested in buying or knowing about the products and real estate projects which Prodesa markets and develops. For this category of contacts, Prodesa manages their information in order to: contact them by phone, via email or post; to send them information related to products; to coordinate with the interested party aspects related to quotes, property layaway, the signing of the promissory sales agreement, the signing of the public deed of sale, the delivery of the property, financing, the processing of family allowances for house purchase (in such an event); client satisfaction survey; design; and generally all aspects of commercial, promotional, legal, contractual and financial nature arising from the sale of real estate projects for housing or commercial use. For the purposes noted above, Prodesa collects information through the use of different mechanisms among the following:

ii. Through physical formats for data collection for customers, potential customers or people interested in acquiring products Prodesa offers or accessing information about the products or real estate projects Prodesa develops, which are filled out in the salerooms of Prodesa or property fairs;

iii. Through phone calls the data owner makes directly to Prodesa or Prodesa customer attention centers;
iv. Through emails sent by the data owner to the email address of Prodesa or to that of an employee member of the sales staff of Prodesa;

v. By the voluntary filling out of the personal information collection formats that the data owner of the information can find at www.prodesa.com;

vi. By the voluntary filling out of the personal information collection formats that the data owner of the information does on a site other than www.prodesa.com but whose purpose is to be contacted by telephone or email by Prodesa in order to receive commercial information related to the products Prodesa offers.

3.1.2 . Prodesa workers or people interested in working for Prodesa. In furtherance of the corporate mission of Prodesa, it hires natural persons as workers, service providers and temporary employment agencies for the development and provision of services. In pursuit of such activities, Prodesa receives personal information necessary for the agreement, execution or termination of the employment contract to advance administrative and analytical methods such as personnel management, management information systems, accounting, billing and audits, shipping notifications and messages through physical and/or electronic modes, and sharing that information with entities that require it to fulfill contractual obligations. Prodesa also collects, receives, stores, circulates and uses personal information from individuals interested in working in Prodesa.

For the purposes noted above, Prodesa collects information through the use of different mechanisms among the following :

i. Employment contract between the worker and Prodesa or by filling out the documents required for the fulfillment of the obligations under the employment contract or labor regulations such as registration with occupational safety health entities, pension and layoff funds, family compensation and financial institutions for the payment of wages;

ii. Contract for services between the natural person contractor and Prodesa or between Prodesa and the temporary services company;

iii. Resumés submitted by individuals interested in working for Prodesa via post, email or by filling out electronic forms available at www.prodesa.com.co or at specialized websites belonging to companies dedicated to the pursuit of human talent.

3.1.3. Contractors. Prodesa may collect personal information from contractors in order to conduct quotations about products, positions, consulting and services that the supplier or contractor may perform for Prodesa, contact suppliers or contractors if Prodesa requires a service, product or consulting or invite to tender,contract or exucute contracts for service, product supply, consulting , and raw materials.

Consequently, for the purposes described, Prodesa will be able to: A. Know, store and process all the information provided by the owners of one or more databases in the format it deems appropriate. B. Sort, classify, divide or separate the information provided by the data owners. C. Check, double check, test, validate, investigate or compare the information provided by the data owners with any information available legitimately. D. Access, query, compare and evaluate all the information about the data owners that is stored in the databases of any credit and financial risk entity, criminal or security records from legally constituted state or private, national or foreign companies. E. Analyze, process, evaluate, treat, or compare the information provided by the data owner. F. Study, analyze, customize and use the information provided by the data owners for monitoring, development and/or improvement of both individual and general conditions of membership, service, administration, security or attention and development of commercial promotion encounters, business meetings and trade missions. Prodesa will be able to share the results of the above studies, analysis, customizations and applications, as well as all information and personal data supplied by the data owners with the business partners that agree to the conditions of this authorization. G. Contract media agencies for sending text messages and emails requesting payment of obligations to Prodesa for which Prodesa may transfer personal information of its customers. H. If Prodesa is not able to process the data on its own, it will be able to transfer it to be processed by a third party, which will be in charge of the processing and must ensure appropriate conditions of confidentiality and security of the information transferred for treatment.

Prodesa will use the information only for the purposes set forth herein and will not sell, license, transmit or disclose it outside the company unless: ( i ) The data owner of the information expressly authorized it, ( ii ) It is necessary to allow contractors or agents to provide the services Prodesa entrusted to them, ( iii ) in order to provide the data owner with products or services from Prodesa, (iv ) to be disclosed to entities that perform marketing services on behalf of Prodesa or other entities with which Prodesa has joint marketing agreements, ( v ) keep connection with a merger, consolidation, acquisition, divestiture or other restructuring process, or (vi) as required or permitted by law. Similarly, Prodesa may transfer or transmit (as applicable) the owner’s personal data to other companies abroad for security reasons, administrative efficiency and better service in accordance with authorizations of the interested parties. Prodesa has adopted the necessary measures so those companies implement these regulations in their jurisdiction and according to the laws attached to them, personal data safety and protection standards similar to those provided in this document and, in general, to the policies Prodesa has specified on that matter. In the event of transfers of personal data, the transmission contract that may be required under the terms of Decree 1377/13 will be issued.

Once the need to process data ends, they may be removed from the databases of Prodesa or archived safely and will only be disclosed in accordance with the terms of the law.

4. Rights of owners: The rights of the data owners consist of the following: (i) Know, update and correct personal data, be responsible for or control data processing; exercise the right against whomsoever has received the data as a result of transmission thereof. This right may be exercised against partial, inaccurate, incomplete, split, misleading data, or those whose use is prohibited or not authorized, (ii) Request proof of authorization granted to Prodesa, the party responsible for the data processing, unless expressly excepted as a requirement for treatment, (iii) Be informed by Prodesa, or the party responsible for/controller of the data processing, upon request regarding the use of personal data (iv) Submit to the Superintendent of Industry and Commerce complaints for violations of rules on protection of personal data, (v) Revoke the authorization and / or request removal of personal information when, at the moment of processing, the principles, rights and constitutional guarantees and laws are not followed; ( vi) Access for free to personal data that have undergone processing.

5. Requests, Complaints, Inquiries and Complaints Responsible Area: To make requests, inquiries and complaints in order to exercise their right to know, update, modify, delete data or revoke any authorization, data owners may submit information inquiries or requests by sending an email to protecciondedatos@prodesa.com.co or calling the hotline phone number 3139030, Ext. 200 from Bogotá.

6. Procedure for exercising rights: If you have questions, concerns or complaints about this policy regarding the handling of personal data by Prodesa, contact us via any of the following means: i. File the request in writing at Prodesa offices located at Carrera 7 No. 73-55, Piso 14 Bogota D.C. The written request must be addressed to the company name, include the full name of the owner, the description of the query, the address of the owner and telephone number. ii. Request via email to the email address protecciondedatos@prodesa.com.co with the words “Habeas Data Query” in the subject line. When filing your request, you must submit or attach documents proving you are the data owner, assignee, representative or attorney-in-fact as appropriate. The accreditation must be made by sending or submitting the following documents:

  • If owner: Copy of identity document.
  • If assignee: Copy of identity document of data owner, death certificate of data owner, document certifying assignment and a copy of the identity document of the assignee.
  • If legal representative and/or attorney-in-fact: Copy of identity document of data owner, document certifying the assignment, and copy of identity document of the legal representative or attorney-in-fact. The request will be answered in a maximum of ten (10) business days from the date of filing. When it is not possible to satisfy the request within said term, the claimant will be informed of the reasons for the delay and the date in which the request will be addressed which in no case shall exceed five (5) business days following the expiration of the first term. The claimant will have free access to his/her personal data and information requested may be provided by any means, including electronic ones, as required.

7. Request deletion of information from our database or revocation of the authorization given to the processing of personal data. To request removal of personal data from our database or revoke the authorization given to the processing of personal data you can:

i. File the request in writing at Prodesa offices located at Carrera 7 No. 73-55, Piso 14 Bogota D.C. The written request must be addressed to the company name, the full name of the owner, the description of the query, the residence address of the owner and contact telephone number.

ii. Make the request via email to the email address protecciondedatos@prodesa.com.co with the words “Habeas Data Claim” in the subject line. For proper and full consideration of your request or complaint, you should bring a copy of the identity document of the requestor, an address for notifications and response delivery and the documents that support the request or claim. When filing your request, you must submit or attach documents proving you are the data owner, assignee , representative or attorney-in-fact as appropriate. The accreditation must be made by sending or submitting the following documents:

  • If owner: Copy of identity document.
  • If assignee: Copy of identity document of data owner, death certificate of data owner, document certifying assignment and a copy of the identity document of the assignee.
  • If legal representative and/or attorney-in-fact: Copy of identity document of data owner, document certifying the assignment, and copy of identity document of the legal representative or attorney-in-fact. The request will be answered in a maximum term of ten (10) business days from the date of filing.
  • If the request or complaint does not have enough information and facts for Prodesa to answer it correctly and completely, the missing information will be requested from the interested party within five (5) days after the receipt thereof. After two (2) months from the date of application, if the requestor fails to submit the required information, he is deemed to have abandoned the claim. If the recipient of the claim is not competent to resolve it, it will be transferred to the appropriate agent over a maximum term of two (2) business days and the interested party will be informed. Upon receipt of the completed application, it will be included in the database, in a term not exceeding two (2) business days, under the words “pending application” including the reason for it. This label will remain until a course of action on the application is decided. The maximum term to meet the request will be fifteen (15) business days from the date of its receipt. When it is not possible to fulfill the request within that period, the interested party will be informed about the reasons for the delay and the date that the request will be met. This in no case shall exceed eight (8) business days following the expiration of the first term.

8. Sensitive Data

You might refuse to provide any sensitive information related inter alia data on racial or ethnic origin, trade union membership, social or human rights organizations, religious, political convictions, sexual preferences, biometric or health data.

9. Data of Minors

The provision of personal data of minors is optional and should be done with the permission of parents or legal guardians of the minor, before the exercise of the right of children to be heard in accordance with their maturity, autonomy and ability to understand, in accordance with what is stated in Decree 1377 of 2013.

10. Data Security: Prodesa has taken reasonable measures to protect the owners data and to prevent unauthorized access or any modification, unauthorized disclosure or destruction of their data. Access to personal data is restricted to those employees, contractors, representatives and agents of Prodesa in charge of data processing who need to know them to perform their duties and develop the corporate purpose of the entity. Prodesa does not allow access to this information by others in conditions different from what has been described, except for an express request of the data owner or persons entitled in accordance with national regulations. Nevertheless, Prodesa will not responsible for cyber-attacks and generally any action that aims to violate the security measures established for the protection of personal data and information different from those contained in its computers or those contracted to a third party.

11. Date of entry into force of the Data Processing Policy and lifetime of the databases of Prodesa: Policy Effective Date: July 26, 2013. The databases will remain in effect for as long as Prodesa develops activities related to its corporate purpose.