Privacy policy

VERITRAN PRIVACY STATEMENT

In compliance with the laws setting forth the Protection of Personal Data which are in force within the territory of each country wherein VeriTran currently operates as a company, VeriTran issues this applicable Privacy Statement for the owners of the personal data kept by such company to know all operations made using their data which are deemed by VeriTran as “Strictly Confidential” information.

PURPOSE OF PERSONAL DATA PROCESSING

VeriTran recognizes the relevance of Safety, Privacy and Confidentiality of the information concerning the personal data of the owners who are contractually related to the organization. VeriTran seeks to process the personal data as set forth in the legal regulations of each country wherein the information is duly processed as required by the bylaws pursuant to Habeas Data laws.

The purpose for which the data are gathered is compliant to the contractual obligations assumed on the basis of the connection and/or relation of the parties having an interest in the organization and represented as Collaborators, Suppliers, Customers and Third Parties.

The purpose for processing personal data is expressly indicated in the privacy policies and/or notices of each country wherein such information is conveniently used. 

By using this Website https://www.veritran.com or by hiring any service of this company, we understand that you accept the conditions indicated below. Furthermore, we hereby inform you that in case of any doubt, comment, notice and/or claim concerning the use of your personal data, you may write an e-mail to the Personal Data Protection division to personaldata@veritran.com or to the addresses mentioned in the privacy policies and/or notices for each country. 

VeriTran undertakes to use personal data as exclusively authorized by the owners, as well as to determine and keep the necessary safety and confidentiality checks for the protection thereof. Your express consent shall be required before using your personal data for the purposes indicated in the privacy policies and/or notices of each country. No consent shall be required for the processing of your personal data whenever:

  • No law requires it so.
  • The data are entered in publicly accessed sources.
  • Personal data are used to comply with obligations deriving from a legal relationship between the owner and the responsible party.
  • There is an emergency situation which may potentially cause damage to an individual or his/her property.
  • A decision is hereby ordered to be issued by a competent authority.

USE OF COOKIES, WEB BEACONS AND/OR ANY OTHER TECHNOLOGY

We hereby inform you that our Website uses cookies and that the data gathered using these technologies are: User ID, login ID, area from which they are accessed, type of browser, type of operating system, login and logout date and time, web pages checked out, searches made and advertisements revised. The above-mentioned data are gathered for the purpose of offering a better browsing experience using our web pages. These technologies may be disabled at any time by following the pertinent procedures for the browser used. However, by disabling them, you should take into account that the web page may not fully operate as it would should it not be disabled.

 

Date of last review: 15/12/2020

See Personal Data Protection Policies – Colombia.

See Privacy Notice for Owners of Personal Information – Colombia

 

 PERSONAL DATA USE POLICY OF VERITRAN COLOMBIA S.A.S. 

For VERITRAN COLOMBIA S.A.S. (hereinafter referred to as the “Company”,) the maintenance, protection and integrity of the personal data of its customers, suppliers, workers, contractors and other owners and legitimate parties are very important. To that end, we have designed these policies for using your personal data gathered and stored in our databases.

 

I.  IDENTIFICATION OF THE PARTY RESPONSIBLE FOR USING THE INFORMATION NAME: VERITRAN COLOMBIA S.A.S.

NIT (Tax Identification Number): 900.631.710-3

ADDRESS: calle 94 N° 14-73 bodega número treinta (30) in Multicentro Empresarial y Comercial la Villa, Pereira, Risaralda, Colombia.

E-MAIL: personal_data@veritran.com

TELEPHONE: (+57 6) 3110513

In its capacity as responsible party, the Company may enter into agreements of transmission of personal data with one or some people in charge of the use thereof. In these cases, the person in charge shall undertake to: (i) comply with the obligations of the responsible person under this policy; (ii) use the data as authorized by the owners under the use policy; and (iii) comply with the other obligations imposed by the laws on the matter.

 

II. PURPOSE

 Describe the guidelines necessary for the Protection of Personal Data stored in our database in order to comply with the provisions set forth in Act No. 1581 enacted in 2012 and its Regulatory Orders.

III. SCOPE

This policy applies to all collaborators of the Company having access, whether directly or remotely, to its databases. In addition, the suppliers and contractors of the Company having access to the personal data of the owners who have provided them to such Company shall comply with the Act and this policy.

IV. REGULATIONS AND SCOPE OF APPLICATION

This Personal Data Use Policy has been prepared pursuant to the provisions set forth in the Political Constitution, Act No. 1581 enacted in 2012, Regulatory Orders No. 1377 enacted in 2013 and 886 enacted in 2014, and other supplementary provisions, and shall be applied by VERITRAN COLOMBIA S.A.S. concerning the compilation, storage, maintenance, use, circulation, suppression and any other activities dealing with the use of personal data.

 

V. DEFINITIONS

 Pursuant to the laws in force on the matter, the terms mentioned below are defined as follows:

  1. Authorization: Prior and express consent informed by the owner to carry out the use of personal data.
  2. Privacy notice: Verbal or written communication sent by the responsible party to the owner for the use of his/her personal data in order to inform about the existence of information use policies that shall become applicable, the manner in which they may be accessed and the purposes of the intended use thereof.
  3. Database: Organized set of personal data intended to be used.
  4. Personal data: Any information related to or that may be associated with one or several determined or to-be-determined individuals. Such data may be as follows:
  • Sensitive personal data: Information affecting the privacy of a person or which undue use may cause his/her discrimination, such as those revealing the racial or ethnic origin, political orientation, religious or philosophical convictions, membership of labor unions, social or human-right organizations or any other organization that promotes the interests of a political party or ensures the rights and guarantees of opposition political parties, as well as the data related to health, sexual life and biometric data (fingerprints, among others.)
  • Public personal data: Data qualified as such under the law or the political constitution, and all data which are neither semiprivate nor private. The data included in public documents, court judgments duly enforced and not subjected to any reserve whatsoever and documents related to the marital status of people, among others, are public. In addition, the personal data indicated in the commercial record of Chambers of Commerce (Section 26 of the Commercial Code,) which may be gathered and offered with no reserve and irrespective of whether they refer to general, private or personal information.
  • Private personal data: Data which as per their intimate or reserved nature are only relevant to the person owning the data.
  • Semiprivate personal data: Data which are not of an intimate, reserved or public nature are semiprivate, and their knowledge or disclosure may be of interest for their owner and for a certain sector or group of people or society in general. Within such category, you may find the data about the compliance or infringement of the financial obligations or the data of the relations established with social security entities, among others.
  1. Party in charge of use: Individual or legal entity, whether public or private, which by itself or in association with other parties conducts the use of personal data in the name of the party responsible for such use. 
  2. Party responsible for use: Individual or legal entity, whether public or private, which by itself or in association with other parties, decides on the database and/or the use of data.
  3. Owner: Individual whose personal data are subject to use. 
  • Transfer: Data are transferred whenever the party responsible and/or in charge of the use of personal data, located in Colombia, sends the personal information or data to a receiver, who in turn is responsible for such use and is located in that country or otherwise.
  • Transmission: Use of personal data leading to the communication thereof in the Republic of Colombia or in foreign countries for the purpose of being used by the person in charge on behalf of the responsible party.
  • Use: Any operation or set of operations using personal data, such as the compilation, storage, use, circulation or suppression thereof.
  • Habeas Data: As set forth in provisions of Act No. 1266 enacted in 2008, it refers to the constitutional right held by people to know, update and rectify the information gathered about them in databases, and other constitutional rights and guarantees related to the compilation, use and circulation of personal data.
  • Third parties: Any individual or legal entity other than the Company, its suppliers, customers and counterparties. In addition, for the purposes of this policy, a third party refers to any individual or legal person who is not entitled under any contractual relation to know the confidential information and/or personal data included in the databases of the Company.

 

VI. TYPE OF INFORMATION SUBJECT TO USE

The information gathered by the Company subject to use may refer to, among others:

 

CUSTOMERS:

They refer to the data of individuals to which the Company sells products or provides services in furtherance of its company purpose. The Company shall gather the following personal data:

  1. Name or company name, number of identification or NIT, place of residence, address, telephones, fax and e-mail of customer.
  2. Name or company name, number of identification or NIT, address, telephones, fax and e-mail of manager or legal representative.
  3. Name and e-mail of assigned party for the portfolio collection.
  4. Tax information.
  5. Banking information including the name of the holder of banking account, number of banking account and name or code of bank.
  6. Credit, commercial, equity and financial information.

 

CONTRACTORS AND SUPPLIERS:

They refer to data of individuals having a contractual and commercial relationship with the Company. The Company shall gather the following personal data:

  1. Name or company name, number of identification or NIT, place of residence, address, telephones, fax and e-mail of contractor and/or supplier.
  2. Name, address, telephones, fax and e-mail of manager or legal representative.
  3. Name, address, telephones, fax and e-mail of manager, sales coordinator or any assignee thereof.
  4. Name and e-mail of assigned party for the portfolio collection.
  5. Tax information.
  6. Banking information including the name of the holder of banking account, number of banking account and name or code of bank.

 

EMPLOYEES:

They refer to data of individuals having a labor relationship with the Company. The Company shall gather the following personal data:

  1. Name or identification, address, telephone, name of spouse or permanent partner and beneficiaries, name and identification of children, medical record, social insurance memberships, health insurance, age, birth date, exam information, health condition, drugs administered, medical authorizations, among others, of workers and their family group.
  2. Résumé, education, experience and relationships with entities and companies.
  3. Salary and other payments.
  4. Pension contributions.
  5. Debt balance.
  6. Court processes and foreclosures.
  7. Information of membership of employee and labor union funds.
  8. Labor contract.
  9. Labor worker history.
  10. Report of psychological evaluation.
  11. Worker occupational medical record.
  12. Photo record.
  13. Labor union membership.
  14. Academic information.
  15. Migratory data.

If the gathered information includes sensitive data, the Company shall inform the owner of such sensitiveness and the purpose of use thereof. Furthermore, said data shall be only used upon his/her prior express and informed consent. As they are sensitive data, the owner is not obliged to authorize the use thereof.

 

 

VII. USE TO WHICH PERSONAL DATA AND THE PURPOSE FOR SUCH USE SHALL BE SUBJECT 

Personal data shall be gathered from the documents signed by the Company with its customers, suppliers, contractors and employees, such as forms of relationships with customers, forms of service requests, web page records, purchase orders, sale invoices, résumés, agreements, listings of attendees to events and other marketing and contact channels.

 The information referring to the personal data of the owners of the information shall be used for the following purposes:

  1. Administer the Company concerning its customers, suppliers, shareholders and other interest groups.
  2. Contact and send to the owners through physical mail, email, mobile phone or text messages (SMS and/or MMS,) among others, any information related to offers, promotions, alliances, studies, launches, marketing activities, customer service and other information about the current and future goods and services of the Company in furtherance of its company purpose.
  3. Provide and manage customer service, marketing activities, research studies, market analysis and advertising using internal and external media.
  4. Inform of the changes in our services.
  5. Conduct studies on the infringement of obligations and commercial relations, evaluate the quality of our products or services, as well as market studies at any level.
  6. Acquire the goods and services demanded by the Company in its ordinary course of business or in compliance with its contractual or legal obligations.
  7. Fulfill obligations assumed with our customers, suppliers and employees.
  8. Conduct procedures for invoicing, collection, technical support, collection of invoiced amounts, payment to customers, contractors, suppliers, employees, among others.
  9. Comply with authority requirements.
  • Be used as evidence pieces.
  • The other purposes for which services are necessarily provided, in an usual or accidental manner,by the Company, as well as all other purposes related whether implicitly or explicitly to the obligations and duties assumed by such Company on the basis of documents signed with the customers such as advisory or consultancy agreements, among others.

 The Company may appoint people in charge of the use of personal data for the above-mentioned purposes and in particular for the fulfillment of statutory obligations and the administration of payroll. Besides, accounting and commercial purposes refer to any activity oriented to submit offers, promotions, products, announcements, advertising, opportunities, raffles, campaigns, loyalty programs, fidelity programs, customer retention and, in general, information of products and services of the Company in which customers and users may be interested.

The Company may assign (transfer) the information included in its database as part of its assets in case such Company or any of its business units are sold, merged or acquired by third parties.

Notwithstanding the prior authorizations signed by the owner, the Company undertakes to comply with its data-privacy obligation, taking all necessary measures of technical, organization and safety nature to avoid their alteration, loss or non-authorized use or access, as set forth in Act No. 1581 enacted in 2012 y in Order No. 1377 enacted in 2013.

 

 

VIII. RIGHTS OF INFORMATION OWNER AND PROCEDURE FOR THEIR EXERCISE

The owner of personal data shall have the following rights:

  1. Know, update, rectify and suppress his/her personal data against the Company acting in his/her capacity as the party responsible for the use thereof.
  2. Request evidence of the authorization granted to the Company in his/her capacity as the party responsible for the use thereof, except as expressly provided for in the law as a requirement for such use (Section 10 of Act No. 1581 enacted in 2012.)
  3. Be informed by the Company, prior request filed therewith, about the existence of data related to him/her and the use made of his/her personal data.
  4. File with the Superintendency of Industry and Trade complaints based on the infringement of provisions set forth in Act No. 1581 enacted in 2012 and in Order No. 1377 enacted in 2013, as amended, added or supplemented, upon exhaustion of all query or claim actions brought against the party responsible for data use.
  5. Revoke the authorization and/or request the suppression of data whenever the legal and constitutional principles, rights and guarantees are not met in the use of such data.
  6. Access free of charge to his/her personal data subjected to the use.

The owners may exercise the rights described herein, file claims or requests to know, update, rectify and suppress information, revoke authorizations and request evidence of authorizations by sending an e-mail to personal_data@veritran.com or by mailing a written document to the address: calle 94 N° 14-73 bodega número treinta (30) in Multicentro Empresarial y Comercial la Villa, Pereira, Risaralda, Colombia, in compliance with the procedure described in Section XI of this policy.

 

IX. DUTIES OF THE PARTIES RESPONSIBLE FOR THE INFORMATION 

The Company as responsible party is entitled to define the essential purposes and media for the use of personal data, including any person acting as sources and users (Judgment C – 748 entered in 2011.) Consequently, the Company may provide the personal data to suppliers of products and services, somehow use them, appoint people in charge of such use and enter into transmission and transfer agreements, in compliance with the following duties:

  1. Ensure the owner at any time the full and effective exercise of his/her habeas data right.
  2. Request and keep the authorizations granted by the owners.
  3. Duly inform the owner about the purpose of compilation, the information use and the rights granted thereto upon the authorization so granted.
  4. Keep the information under conditions of safety necessary to prevent adulteration, loss, query, use or access that is non-authorized or fraudulent.
  5. Rectify the information whenever it is incorrect and communicate the correct information to each party in charge of the use thereof.
  6. Proceed with any queries and claims brought under the terms set forth in Act No. 1581 enacted in 2012.

In the case the responsible person enters into personal data transfer or transmission agreements, or appoints parties in charge of the use thereof, the responsible party shall check whether the person in charge undertakes to: (i) comply with the obligations of the responsible person under this policy; (ii) treat the data as authorized by the owners under the use policy; and (iii) comply with the other obligations imposed by the laws on the matter.

 

X. PARTIES IN CHARGE OF THE INFORMATION 

VeriTran considers the person in charge of using the information related to personal data as a critical-type stakeholder, thus establishing human-resources, technical and administrative safety policies that shall be met for the purpose of enforcing the fulfillment and application thereof by third parties. Likewise, VeriTran annually audits the compliance with safety guidelines to ensure the good use of computing assets. Therefore, the information included in databases, both physical and digital, which are directly administered by the critical-type supplier, is safeguarded. (Reference document titled “Policies of safety critical-type suppliers”.)

Likewise, VeriTran establishes by mutual agreement between the parties the following legislative provisions set forth in Act No. 1581 enacted in 2012 to be complied with by the party in charge of treating the personal information (Reference documents titled “Confidentiality agreement”.) The following obligations shall be met:

  1. Ensure the owner at any time the full and effective exercise of habeas data right.
  2. Keep the information under conditions of safety necessary to prevent adulteration, loss, query, use or access that is non-authorized or fraudulent.
  3. Timely conduct the update, correction or suppression of data under the terms of Act No. 1581 enacted in 2012.
  4. Update the information provided by the parties responsible for the use thereof within the term of five (5) business days as from the date of receipt.
  5. Proceed with any queries and claims brought by the owners under the terms set forth in the Act No. 1581 enacted in 2012.
  6. Implement an in-house manual of policies and procedures to ensure the proper fulfillment of Act No. 1581 enacted in 2012 and especially for answering any claims brought by the owners.
  7. Enter in the database the “claim pending resolution” heading, as set forth in Act No. 1581 enacted in 2012.
  8. Include into the database the “information under court discussion” upon prior notice served by the competent authority about any court processes related to the personal data condition.
  9. Refrain from publishing any information that is objected by the owner and which blockade has been ordered by the Superintendency of Industry and Trade.
  10. Allow for the access to the information only to the people that may have access thereto.
  11. Inform to the Superintendency of Industry and Trade any infringement of the safety codes and the existence of risks in the administration of owners’ information.
  12. Comply with the instructions and requirements imposed by the Superintendency of Industry and Trade.

 

XI. PROCEDURE FOR THE FILING OF CLAIMS AND DATA CORRECTION, UPDATE AND SUPPRESSION REQUESTS

The owners or any assignee thereof who consider that the information included in the database of the Company shall be subject to correction, update or suppression, or whenever they become aware of an alleged infringement of any of the duties set forth in the law may file a claim with the party responsible for use thereof. The procedure for such claim shall abide by the following rules: 

  1. The owner shall send a written communication to any of the service channels described above which shall include:
    • His/her complete name and identification number.
    • A description of the events giving rise to the request or claim and the purpose thereof (update, correction or suppression, or duty fulfillment.)
    • The contact data and physical or e-mail address at which he/she shall receive any answer.
    • All documents the owner wishes to use as evidence.
  2. The claim shall be filed upon request sent to the party responsible for data use, which shall include the identification of the owner, the description of the events giving rise to the claim, his/her address and any attached documents provided as evidence. Should the claim be considered incomplete, the stakeholder shall be required to rectify any failures within the term of five (5) days following receipt of such claim. After two (2) months as from the request date with the requestor not having filing the required information, the claim shall be deemed as withdrawn.

In case the person receiving the claim is not competent to settle it, he/shall serve notice upon the pertinent parties no later than two (2) business days to inform the stakeholder of such situation.

  1. Upon receipt of the complete claim, a heading titled “claim pending resolution” and the reason therefor shall be entered in the database within a term not later than two (2) business days. Said heading shall be kept until the claim is decided upon.
  2. Once the request has been sent by the owner and received by the party responsible for such owner’s data use, the request sent shall come to consideration within the following 10 business days as from the date of receipt thereof. If for any reason this request is not considered and therefore no answer is received by the owner within the established term, VeriTran shall be held responsible for informing such owner the reasons for which his/her request has not been satisfied and shall determine a new date for resolution thereof which may not be later than five business days as from the expiration date of the first procedure. 

Pursuant to provisions set forth in Section 16 of Act No. 1581 enacted in 2012, the owner may also bring a complaint before the Superintendency of Industry and Trade, upon exhaustion of all query or claim actions brought against the party responsible for data use.

 

 

XII       TRANSFER OF DATA TO THIRD-PARTY COUNTRIES PROCEDURE FOR THE FILING OF CLAIMS AND DATA CORRECTION, UPDATE AND SUPPRESSION REQUESTS

 Prohibition

The transfer of personal data from any type of countries not providing the adequate levels of data protection is hereby banned. A country is deemed to provide an adequate level of data protection whenever it complies with the standards established by the Superintendency of Industry and Trade on the matter, which in no case may it be lower than the levels required from recipients by Colombian laws. This prohibition is not applicable in the following cases: 

  • Information regarding which the owner has granted his/her express and unmistakable authorization for the transfer thereof.
  • Exchange of medical data, as required for the owner’s treatment due to public hygiene or health reasons.
  • Banking or stock-exchange transfers, as set forth in applicable laws.
  • Transfers agreed in the context of international treaties to which the Republic of Colombia is part on the basis of the reciprocity principle.
  • Transfers necessary for the enforcement of an agreement entered into by and between the owner and the party responsible for data use, or for the enforcement of precontractual measures provided always the owner has granted his/her authorization.
  • Transfers legally required for the protection of the public interest or the recognition, exercise or defense of a right in a court procedure.

 In cases not considered as exemptions in this item, the Superintendency of Industry and Trade shall issue the consent statement related to the international transfer of personal data. To that end, the Superintendent is entitled to require information and advance the procedures oriented to establish the fulfillment of requirements in order to make the operation viable.

As stated in this item, it is clear that the VeriTran organization does not transfer personal data to third-party countries. Therefore, such transfer is not considered in its personal data use policies and guidelines and/or checks for the handling and management of the information transferred.

 

XIII            RESPONSIBILITY HELD FOR PERSONAL DATA USE

 VeriTran adopts the Guide of Implementation of the Shown Responsibility Principle which has been issued by the Superintendency of Industry and Trade to implement the Comprehensive Program of Personal Data Management. This program allows duly managing the information considered as “Strictly Confidential” following these guidelines:

  • Responsibility held by chief executives. 
  • Responsibility held by the representative of chief executives.
  • Filing of reports.
  • Personal information database inventory.
  • Personal data protection use policy.
  • Personal data protection information safety policy.
  • Audits of the fulfillment by the party responsible of and/or the person in charge of the use of personal-nature information.
  • News report on the RNBD platform.

 

XIV     NEWS REPORT ON THE RNBD PLATFORM

 VeriTran, through its procedure of management of information safety incidents (Control A16 ISO 27001:2013,) manages and treats all information safety incidents on the basis of parameters established for their timely and due purpose.

Likewise, VeriTran updates, through a report submitted to the Superintendency of Industry and Trade on a biannual basis, the claims brought by the owners of the personal data and the information safety incidents filed with respect to such personal data. Pursuant to the foregoing, VeriTran annually informs any news regarding the amount of records made in each database or any events occurring as described in Section 14 of Order No. 886.” The parties responsible for the use of databases shall update the information entered in the National Register of Databases which is now substantially changed, as defined by the Superintendency of Industry and Trade.”

 

XV        PERSON OR AREA RESPONSIBLE FOR CONSIDERING REQUESTS, QUERIES AND CLAIMS

The administrative division of VERITRAN COLOMBIA S.A.S. shall be responsible for considering the requests, queries and claims of the owner of the information upon his/her exercise of the rights to know, update, rectify, suppress and revoke such information, as set forth in Act No. 1581 enacted in 2012.

 

XVI     CHANGES OF POLICIES

 The Company reserves the right to revise at any time this Data Use Policy and shall publish any change on its website www.veritran.com. Any substantial change to this policy shall be informed to the owners of the information before making it by sending notice thereof to the e-mail address so provided. Such notice shall indicate the date on which the new policy shall come into force and effect. Whenever the change deals with use purposes, a new authorization shall be requested from the owners to comply with such purposes.

 

XVII      FINAL PROVISIONS

 PRIVACY NOTICE: In the event the Company is not able to make this information use policy available to the personal data owner, it shall publish the privacy notice attached to this document, which text is to be kept for further reference by said data owner and/or the competent authority.

 

DATA GATHERED BEFORE ISSUANCE OF ORDER No. 1377 ENACTED IN 2013: Pursuant

to provisions set forth in item 3 of Section 10 of Regulatory Order No. 1377 enacted in 2013, the Company shall publish a notice on its web page www.veritran.com targeted to the owners of personal data for the purpose of disclosing this information use policy and the manner to exercise their rights as owners of personal data hosted in the Company’s databases.

 

XVIII      EFFECTIVE TERM

This policy shall become effective as from January 1st, 2018. The databases associated with this policy shall be effective for the maximum term authorized by applicable laws. In case of absence of statutory provisions in such regard, the databases shall be effective for an indefinite period of time, as provided for in Section 11 of Order No. 1377 enacted in 2013.

 

PARTY RESPONSIBLE FOR PROCESSING

VERITRAN COLOMBIA S.A.S, as the party responsible for the use of personal data of the owners who are contractually related to the organization, which are kept in physical and digital databases watched over by such company, undertakes to protect and properly use the personal and/or sensitive information considered as “Strictly Confidential.” Pursuant to the foregoing, the safety guidelines and/or policies determined and standardized by the company shall be met.

The responsibility held by the guardian of the personal information is determined in compliance with provisions set forth in Bylaws No. 1581 enacted in 2012 and other rules complementing and regulating them. 

For statutory purposes, “use” means any operation or set of operations involved in the compilation, storage, maintenance, use, circulation or removal of personal data conducted by the entity acquiring the information.

 

PURPOSE OF USE 

VeriTran recognizes the relevance of the safety, privacy and confidentiality of the information concerning the personal data entered and stored in its physical and digital databases. Said information is gathered from the activities conducted by the organization in furtherance of its company purpose. The purpose for which the data are gathered is compliant to the contractual obligations assumed on the basis of the connection and/or relation of the parties having an interest and represented as Collaborators and Suppliers.

 The purpose of use is expressly indicated in the public document entitled “POLÍTICA DE TRATAMIENTO DE DATOS PERSONALES VERITRAN COLOMBIA S.A.S” (PERSONAL DATA USE POLICY OF VERITRAN COLOMBIA S.A.S.,) which is published on the web page “www.veritran.com.”

 

RIGHTS OF OWNER

  • The owner of the data is entitled to know and have access at any time to the information provided, as well as to request its amendment, update or removal (except for any applicable legal and/or contractual obligation,) under the terms set forth in Act No. 1581 enacted in 2012 and Order No. 1377 enacted in 2013.
  • The owner of data is entitled to request a copy of the authorization previously issued for the use of his/her data.
  • The owner of data is entitled to be informed on the treatment of his/her personal data prior to the authorization issued for such use.
  • The owner of data is entitled to bring before the Superintendency of Industry and Trade, if so required, claims for infringements of provisions set forth in Act No. 1581 enacted in 2012, as amended, added or supplemented by other regulations.
  • The owner of data is entitled to annul the authorization once issued.

 

PERSONAL DATA INFORMATION USE POLICY

 The Personal Data Information Use Policy may be checked out on the following website: “www.veritran.com.

 

DATA OF PERSON

RESPONSIBLE FOR USE 

In the case the owner of personal data intends to establish a verbal and/or written communication, he/she may write to the following addresses:

E-mail: Jcastrillon@veritran.compersonal_data@veritran.com.

Personalized service location: calle 94 N° 14-73 bodega número treinta (30) in Multicentro Empresarial y Comercial la Villa. Pereira, Risaralda. Colombia.

Land line: (+57 6) 3678726.