In compliance with the provisions of Law 1266 of 2008, Law 1581 of 2012, as well as the Compilatory Decree 1074 of 2015 (Section 220.127.116.11.3), the guidelines established by the General Data Protection Regulation (GDPR) and the General Personal Data Protection Law (LGPD), and especially on the need and importance of developing and implementing a PRIVACYNOTICE in cases where it is not possible or easy to make available to the Data Subject the privacy and information treatment policies, SIMETRIK INC, a U.S. corporation of the State of Delaware, domiciled in the city of San Francisco, California, identified with EIN No. 61-1863197, as parent company. SIMETRIK S.A.S., a Colombian company, incorporated under the laws of the Republic of Colombia, domiciled in the city of Bogotá D.C., identified with NIT. 901.030.030-8, in its capacity as a subsidiary company, hereinafter and for the purposes of this document will be referred to as SIMETRIK, who acts as PERSONAL DATA TREATMENT CONTROLLER, informs interested parties that personally identifiable information (personal data) will be processed in accordance with the PRIVACY MANAGEMENT AND PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PERSONAL DATA) POLICY treated according to the PRIVACY MANAGEMENT POLICY AND PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PERSONAL DATA) IN ITS ADMINISTRATION AND TREATMENT developed and maintained and available physically at any of its locations as well as on its website Personal Data Processing Policy,incompliance with the framework of requirements on management and treatment of personal data.
The administration and treatment that SIMETRIK gives to the personal data is limited to the collection, storage, use and circulation within the company, as well as the international transfer to its SIMETRIK INC as parent company, as well as to suppliers, as appropriate, for the authorized purposes. Once the purposes of the treatment for which the authorization was granted by the Data Subject is fulfilled, the personal data will be deleted from the entity’s databases. The personal data collected by SIMETRIK is used essentially for the development of the company’s corporate purpose and the achievement of its strategic objectives, established in the Colombian regulatory framework.
Purposes of treatment
The personal data we collect may be collected, stored, used for the following purposes:
- To carry out the relevant actions for the development of the company’s corporate purpose in relation to the fulfillment of the purpose of the contract entered into with the Data Subject.
- To comply with the obligations undertaken by Simetrik with the Data Subject.
- Transfer personal data outside the country to Simetrik’s parent company.
- To provide the services offered by Simetrik accepted in the contract signed.
- Transmit personal data outside the country to third parties with whom Simetrik has entered into a data treatment contract and it is necessary to deliver it to them for the fulfillment of the contractual object.
- To provide information to third parties with which Simetrik has a contractual relationship and that it is necessary to deliver it to them for the fulfillment of the contracted object.
If you do not want your personal data to be treatment for these additional purposes, you can send an email to the following address email@example.com.
Therefore, whoever accesses the services and/or products of SIMETRIK, must voluntarily provide certain physical or personal identification data, such as among others: name, surname, ID, age, gender, telephone, physical and electronic address, country, city and other necessary data requested in the registration process as an employee, supplier, visitor or customer of SIMETRIK.
Personal data obtained
The basis for the treatment of personal data is Law 1581/2012 Art. 2o. Scope of application. Law 1266/2008 Art. 2º. Scope of application. Decree 1074/2015 Art. 18.104.22.168.25.3.2 (Decree 1377 of 2013, Art. 14). Privacy Notice. Decree 1074/2015 Art. 22.214.171.124.25.3.3 (Decree 1377 of 2013, Art. 15) Minimum content of the Privacy Notice. In addition, taking as a reference the guidelines established by the General Data Protection Regulation (GDPR) and the General Personal Data Protection Law (LGPD).
Transfer of personal data
We inform you that your personal data are shared with persons, companies, organizations and authorities other than the responsible party, and for the purposes described below
|Recipient of personal data||Country||Purpose|
|Simetrik’s parent company||United States||Transferring personal data outside the country, in order to carry out the relevant procedures for the development of the company’s corporate purpose.|
|Third parties with which Simetrik has signed a contract||United States||Transmit the personal data outside the country to third parties with whom Simetrik has entered into a data treatment contract and it is necessary to be delivered to it for the fulfillment of the contractual object. (*)|
|Third parties with which Simetrik has signed a contract||United States||To provide information to third parties with which Simetrik has a contractual relationship and that it is necessary to deliver it to them for the fulfillment of the contracted object (*).|
|Governmental Entities||United States||When required|
The description of the purpose that is marked with an asterisk (*) require your consent, if you do not express your refusal for such transfers, it will be understood that you have given your consent.
Data Subject’s Rights
You have the right to know what personal data is held about you, what it is used for and the conditions of the use we make of it (Access). Likewise, it is your right to request the correction of your personal information in case it is outdated, inaccurate or incomplete (Rectification); that we remove it from our records or databases when you consider that it is not being used in accordance with the principles, duties and obligations provided by law (Cancellation); as well as to oppose the use of your personal information for specific purposes (Opposition).
To exercise any of the rights of the Data Subject, you may submit a written request to the following e-mail address firstname.lastname@example.org or at our customer service points. The information it should contain:
- The Data Subject’s name and address or any other means to receive notifications,
- Documents proving the identity of the Data Subject,
- Clear and precise description of your request
- The description of the right to be exercised (Access, Rectification, Cancellation, Opposition)
- Any other element or document that facilitates the location of the personal data.
In case of requesting the rectification, you must additionally indicate the modifications to be made and provide the necessary documentation to support your request.
In the right of cancellation, you must state the reasons for the deletion.
In the right of opposition, you must state the reasons that justify the termination of the treatment of personal data and the damage or harm it would cause you, or, if the opposition is partial, you must indicate the specific purposes with which you do not agree, provided that it is not a mandatory requirement.
The Data Controller will respond at the address or by the means designated by the owner of the personal data in his request, within 15 working days, which may be extended for 10 more working days upon prior notice. The response will indicate whether the request for access, rectification, cancellation or opposition is appropriate and, if so, will be effective within 15 working days from the date on which the response is communicated.
Data of the Entity Responsible for the Data Treatment
Address: Cl. 91 # 11-29, Bogotá
Institutional e-mail: email@example.com
Changes to the Privacy Notice
In case of any modification to the Privacy Notice, you will be informed by e-mail or you can verify it through our Web site www.simetrik.com.
This Privacy Notice is effective as of the date of its publication. The last updated version is dated December 14, 2022.