PRIVACY POLICY

In compliance with the laws setting forth the Protection of Personal Data which are in force within the territory of each country wherein VeriTran currently operates as a company, VeriTran issues this applicable Privacy Statement for the owners of the personal data kept by such company to know all operations made using their data which are deemed by VeriTran as “Strictly Confidential” information.

The VeriTran Group (VeriTran Holding LTD; On Time Mobile SA de CV; VeriTran Colombia SAS; VeriTran Perú SA; VeriTran LLC; VeriTran Guatemala SA; Crumarel SA; VeriTran SA; Tralmey SA; VeriTran Brasil Soluções Digitais em Informatica LTDA and VeriTran Europe SL keeps the commitment to processing your personal data according to applicable laws, considering and balancing our customers’ relevant interests, our own interests and those of third-party data subjects. You may email any doubt about your privacy to: GDPR@veritran.com.

The purpose of this privacy policy is to provide information about the processing of personal data upon using our website, platform and related services. This privacy policy applies to all web sites or services that make any reference to this privacy policy.

  1. CONTACT DATA OF CONTROLLERS

VeriTran Holding, LTD: Level 1, Palm Grove House, Wickham´s Cay 1, Road Town, Tortola.

On Time Mobile SA de CV: Montes Urales 415, 1er piso, of.3 Colonia Lomas de Chapultepec I Sección Delegación Miguel Hidalgo, Mexico.

Agencia Chile: Avenida Libertador Bernardo O’Higgins 1316, 8320000, Santiago de Chile

VeriTran Perú SA: Centro Comercial, Calle Artesanos 150 – 128, Santiago de Surco, 15039, Peru.

VeriTran LLC: 78 SW 7 Street suite 800, Miami, Florida, 33130

VeriTran Guatemala SA: Avenida reforma 6-20 Zona 9, Guatemala.

Crumarel SA: Brandzen Coronel 1956 Apto 10, Montevideo, Uruguay.

VeriTran SA: Av. Corrientes 222, C1043 AAP, Buenos Aires, Argentina.

VeriTran Brasil Soluções Digitais em Informatica LTDA: Alameda Mamoré, nº 687, 06454-040, Brazil.

Veritran Europe, S.L.: CIF: B01766641; Avenida Diagonal, 601 – P. 8, Barcelona, 08028, Barcelona, Spain (“VeriTran Europe”).

Veritran Colombia S.A.S.
:  NIT (Tax Identification Number): 900.631.710-3
; Calle 94 N° 14-73 bodega n. 30, Multicentro Empresarial y Comercial la Villa, Pereira, Risaralda, Colombia; (+57 6) 3110513 (“VeriTran Colombia”).

 

  1. PERSONAL DATA PROCESSED

Category

Example

Group

Contact Data

Names, contact addresses, corporate email, business telephone number, position, area, country, as well as any other information we are provided with through our contact forms, e-mail, social networks, events, etc.

Customers, potential customers, suppliers, collaborators, the press

Contract-Related Data

Breakdown of the services used, representatives of signing entities, corporate email addresses, bank information, tax information, etc.

Customers, potential customers, suppliers, collaborators

Browsing Data

Web pages visited in our online offer, cookies, pixels, IP address, characteristics of the browser and device, language preferences, reference URL, etc.

Web page visitors

Professional Data

Professional experience, domicile, photograph, academic track-record and any other information you want to share in your curriculum, motivation letter or candidate profile on social networks

Candidates, collaborators, suppliers

Data for Marketing Activities

Data provided in the context of a Webinar, podcast or event organized by Veritran, our blog entry, web page, etc. (for example, photograph, participation in a recording, etc.)

Collaborators, employees, customers, suppliers

Data Related to the Labor Relationship

Name and identification of worker, family group, address, telephone, name of spouse or permanent partner and beneficiaries, name and identification of children, medical record, social insurance memberships, health insurance, age, birth date, exam information, health condition, drugs administered, medical authorizations, among others; curriculum vitae, education, experience, relationships with entities, relationships with companies; salary and other payments, pension contributions, debt balances, court processes, foreclosures, information of membership of employee and labor union funds, employment contract, worker labor history, psychological evaluation report, worker occupational medical record, fingerprint, photographic record, membership of trade union, academic information, migration data.

Employees

 

  1. PURPOSES AND BASES FOR PROCESSING

Category

Purposes

Bases for Processing

Contact Data

We contact customers, potential customers, suppliers, collaborators, the press

Legitimate Interest

(Article 6.1.f) GDPR).

Sending of Newsletter

Data subject’s consent (Article 6.1.a) GDPR)

In the case of offers of services similar to those hired by you, legitimate interest (Article 6.1.f) GDPR).

Information system management, password management, user management.

Legitimate Interest

(Article 6.1.f) GDPR).

Biometric Data

Security and control of access to the building

Regulations and standards adopted by the Company

Contract-Related Data

Drafting of the contract and compliance with the provisions therein set out.

Drafting and performance of the contract

(Article 6.1.b) GDPR).

Defense of the organization’s interests in court or administrative claims.

Legitimate Interest

(Article 6.1.f) GDPR).

Organization’s economic and accounting management

Legal obligation

(Article 6.1.c) GDPR).

Browsing Data

Maintenance and security of web page

Legitimate Interest

(Article 6.1.f) GDPR).

Statistical and Marketing Activities

Data subject’s consent (Article 6.1.a) GDPR)

Professional Data

Personnel Selection

Legitimate Interest

(Article 6.1.f) GDPR).

Selection of Suppliers/Collaborators

Legitimate Interest

(Article 6.1.f) GDPR).

Data for Marketing Activities

Participation in promotion activities (e.g., Webinars, podcasts, etc.)

Data Subject’s Consent

(Article 6.1.f) GDPR).

In the case of activities agreed in the contract, the basis will be compliance with the contractual relationship

(Article 6.1.b) GDPR).

Performance of opinion polls

Legitimate Interest

(Article 6.1.f) GDPR).

 

Data Related to the Labor Relationship

Compliance with the labor relationship (e.g., payroll payment, bonus management, payments in kind, etc.)

Compliance with Contract

(Article 6.1.b) GDPR).

Compliance with labor obligations (e.g., prevention of occupational hazards, mandatory health surveillance activities, etc.)

Legal Obligation

(Article 6.1.c) GDPR).

 

For those data of sensible categories (Article 9.2.h) GDPR).

Management of advantages (e.g., health insurance, voluntary medical checkups, etc.)

Data Subject’s Consent

(Article 6.1.f) GDPR).

Labor activity management and supervision

Legitimate Interest

(Article 6.1.f) GDPR).

  1. PLATFORM

VeriTran provides its services through its Veritran Enterprise Low-Code Platform (hereinafter, the “Platform”) private area. Therefore, the access thereto entails acquiring the user’s condition and, as such, accepting this Privacy Policy and the respective Terms and Conditions. In case of disagreement therewith, you should refrain from using the Platform and request the service cancellation and deletion of the registered user’s data.

The user is informed and accepts that access to the Platform is necessary for the provision of the service hired and, therefore, for the development of the business relationship with VeriTran. In this respect, to actually provide the service, we will need to process data for different purposes: access the account in the private area, ease the management of the contractual relationship between the Customers and VeriTran, as well as to answer requests for information about these services.

The Platform may include software components provided by third parties, which are used with the authorization of the respective assignors of licenses and/or holders of copyrights in the terms provided by those parties. In this respect, VeriTran informs you that data is communicated to external suppliers, as data processors, to carry out certain services. You may query on the full information thereof in Section 6 (RECIPIENTS) of this Privacy Policy.

The user assumes the liability as regards confidentiality of the use of any user name and email address registered to access and use VeriTran’s services. The user also becomes liable for keeping his/her password and account confidential, being fully liable for all the activities taking place under this account and password.

Although we have taken all the security measures at hand, given the characteristics of technology and networks, VeriTran cannot ensure a nil risk regarding hacking and the user’s data theft. Therefore, the user accepts this inherent risk, releasing VeriTran from the liability for potential damages resulting from such risks.

In order to reduce potential damages to a minimum the user agrees to: (a) inform VeriTran immediately, when he/she detects an unauthorized use of both his/her password and account, as well as any security breach; and (b) assure his/her logout from the Platform once the session has ended. VeriTran cannot and will not be held liable for the losses or damages resulting from the breach of these obligations.

The data included in the Platform shall be kept during the term of the contract relationship which is the purpose of the use thereof, for the only purpose of managing effectively the regulatory compliance which is the purpose of the main contract. Processing of information of user accesses, screens and user interaction and blocks and exceptions can also take place in order to introduce improvements in future versions of the Platform.

  1. SOCIAL NETWORKS

VeriTran has the following profiles on the main Internet social networks (LinkedIn, Instagram, Facebook, Twitter, Youtube and Blog) and is recognized as controller of data of users, followers or persons commenting through these networks. In addition, it is released from any type of liability derived from comments made by users and followers on its social networks. 

VeriTran may use the profiles described above to inform its customers and other data subjects of matters deemed of its interest.

  1. MAINTENANCE TIME

We keep personal data when we have a legal basis to do so. When we do no longer have legal bases to process personal data, we will delete or add them or, if this is not possible (for example, because personal data have been stored in backup copy files), we will store them safely and we will isolate any other processing until its deletion is possible. We may keep personal data to meet our legal or regulatory obligations. In any case, upon termination of such obligations, personal data will be removed from our systems and records, as well as those of our subcontractors, if any, or will be filed or anonymized so that they cannot be identified.

  1. RECIPIENTS OF PERSONAL DATA
  • WordPress: This website uses (i) WordPress Stats to make statistical analysis of visitors’ traffic; (ii) WordPress.com for the services of the platform and hosting; (ii) WordPress.com Single Sign On for the registration and authentication with a single session start in WordPress.com. These services are provided by Automattic Inc.
  • Facebook: This website uses the so-called “Facebook pixel” of the Facebook social network, which is operated by Facebook Inc or, if you are located in the EU, Facebook Ireland Ltd., (“Facebook“). This tool allows tracking the user’s behavior after having been redirected to the supplier’s website upon clicking on a Facebook advertisement, allowing us to assess the effectiveness of Facebook advertisements for statistical and market research purposes. The data thus collected are anonymous for us, i.e., we do not see the personal data of individual users. However, these data are stored and processed by Facebook. Therefore, we inform you based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, according to Facebook’s policy on use of data. A cookie may also be stored in your computer for these purposes.
  • Twitter: This website uses the online advertising tool Twitter “Conversion Tracking” and the associated pixel technology of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter“). This tool allows us to track your behavior as user when you have seen or interacted with Twitter advertisements. This gives us a better general vision of the success of our Twitter campaigns and allows us to continuously optimize these campaigns. The pixel tag is loaded on or from your device when you respond to an advertisement we publish in Twitter, for example, by clicking on a link to our website. In this context, a pixel ID is created, which is stored in a cookie so that we may temporarily analyze your behavior as user. The pixel tag is not used to identify you personally.
  • Google: This website uses (i) Google Analytics, a web analysis service of Google, Inc; or if you are in Europe, Google Ireland Ltd. (“Google“). Google Analytics uses a specific form of cookie, which is stored in your computer and allows an analysis of its use on our website. The information about your use of this website generated by the cookie is generally transmitted to a Google server in the United States and is stored there. Google Analytics is used on this website including the “gat._anonymizeIp();” code to ensure the anonymous registration of IP addresses. Accordingly, your IP address is shortened by Google within the European Economic Area. Only in exceptional cases, the full IP address is transmitted to a Google server in the United States and is shortened there. Google uses this information in our name to analyze the use you make of this website in order to prepare reports on the website activities, which allows us to analyze the use of our web, improve our offer and make it more interesting to you as user. Additionally, we obtain information about the operation of our site (for example, to detect browsing problems); (ii) Google Ads to call the attention on our offers with the help of advertising materials on external websites. We may determine as regards data of advertising campaigns the success of the individual advertising measures. To such end, we use the cookies of the servers of advertisements, through which certain parameters can be measured to assess the success, such as insertion of advertisements or clicks of users. If you access our website through a Google advertisement, Google Ads stores a cookie on your device. These cookies are not intended to identify you personally. We only receive Google’s statistical assessments. Based on these assessments, we may recognize which of the advertising measures used are particularly effective. We do not receive more data for the use of advertising material; particularly, we cannot identify users on the basis of this information. For this cookie, the only identifier of the cookie, the number of printouts of advertisements by location (frequency), the last printout (relevant to the conversions after view) and the exclusion information (it indicates that the user does no longer want to receive it) are usually stored as analysis values. We do not have any influence on the scope and subsequent use of the data for the use of this tool by Google and we therefore inform you according to our knowledge: By integrating the conversion of advertisements, Google receives the information that you called the appropriate party in connection with our appearance on Internet and clicked on our advertisement. If you are registered in a Google service, Google may associate your visit with your account. Although you are not registered in Google or you have not started session, it is possible that suppliers obtain and store your IP address; (iii) Google Tag Manager, this service allows managing website tags through an interface. Google Tag Manager only implements tags. This means that cookies are not used and personal data are not stored. The Google Tag Manager enables other tags, which in turn collect data, if necessary. However, Google Tag Manager has no access to these data. If a disablement has been made at the domain or cookie level, this remains valid for all follow-up tags, if implemented with Google Tag Manager.
  • DreamHost: The site is hosted in DreamHost and all the contents are stored there (New Dream Network, LLC).
  • Salesforce: The website uses the technology of Salesforce.com, Inc. databases for customer relationship management (CRM), mainly to manage and follow up our marketing efforts. Our CRM databases include personal data belonging to our customers and other entities with which we already have business relationship or we want to develop it. The personal data used for these purposes include relevant business information, such as: contact data, publicly available information (for example, board membership, articles published, press releases, public publications on social media sites if relevant for business purposes), answers to email sent (including the web activity following the links of our emails), website activity of registered users of our website and other business information included by VeriTran’s professionals based on their personal interactions with you.
  1. LINKS TO THIRD-PARTY SITES

Our website contains links to external websites managed by other organizations. This privacy policy applies only to our website, rather than to external websites to which we have links, which will have their own privacy policies. We are not liable for these external websites or their privacy policies and practices. Likewise, if you has accessed our website from an external site, we cannot be held liable for the privacy policies and practices of the owners and operators of this external website and we recommend you validate the privacy policy of this external website.

Particularly, we inform that upon clicking on “WATCH VIDEO” in any of the sections of this website, you will be redirected to the appropriate websites of YouTube or Vimeo, and their respective privacy policies shall be applicable.

  1. RIGHTS OF DATA SUBJECTS
  • Under the General Data Protection Regulation (EU Regulation 2016/679 of the European Parliament and Council of April 27, 2016): you may send communications and exercise your rights through a written communication to the following email address: gdpr@veritran.com. The rights you may exercise are: (i) Right of access: you may request information of those personal data we have about you; (ii) Right to rectification: you may communicate any change in your personal data; (iii) Right to erasure and to be forgotten: you may request deletion after blocking personal data; (iv) Right to restriction of processing: it entails the restriction on personal data processing; (v) Right to objection: you may withdraw the consent to data processing objecting to the fact that data continue to be processed; (vi) Right to portability: in some cases, you may request a copy of personal data in a structured format of common use and mechanic reading for their transmission to another controller; (vii) Right not to be subject to automated individual decision-making: you may request that decision-making is not based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

In some cases, the request may be rejected if you request that necessary data are deleted for compliance with legal obligations. Likewise, if you have any complaint about data processing you may file a claim with the competent data protection authority.

  • Under Colombian regulations: The data owner has the right (it) to know and access at any time the information provided, as well as to request to correct, update or delete it (except for an existing legal and/or contractual duty) under the provisions set out in Law 1581 of 2012 and Decree 1377 of 2013; (ii) request a copy of the authorization previously issued for your data processing; (iii) be informed about processing of your personal data, prior to the authorization given for the respective processing.
  1. USE OF COOKIES, WEB BEACONS AND/OR ANY OTHER TECHNOLOGY

We hereby inform you that our website uses cookies and that the data gathered using these technologies are: User ID, login ID, area from which they are accessed, type of browser, type of operating system, login and logout date and time, web pages checked out, searches made and advertisements revised. You may obtain further information in the Cookies Policy.

  1. CHANGES IN THE PRIVACY POLICY

VeriTran may, at its sole discretion, change or update this Privacy Policy. If substantial changes are introduced, we will notify them by email.

Last update date: 08/23/2021

 

Andy Tran