+1 310 2619255 Phone number available for inquiries!

Privacy policy

Personal Data Protection Policy Fajas Giselle

1 REACH
This Personal Data Protection Policy will apply to all Databases and / or files containing Personal Data that are subject to Treatment by FAJAS GISELLE. considered as responsible and / or in charge of the processing of Personal Data, (hereinafter THE COMPANY).

IDENTIFICATION OF THE RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA
FAJAS GISELLE., a company domiciled in California, United States.

3 DEFINITIONS
-Authorization: Prior, express and informed consent of the Holder to carry out the Processing of Personal Data.

-Privacy Notice: Verbal or written communication generated by the Responsible Party, addressed to the Owner for the Treatment of their Personal Data, by means of which they are informed about the existence of the Information Treatment Policies that will be applicable, the form of access them and the purposes of the Treatment that is intended to give personal data.

-Database: Organized set of Personal Data that is subject to Treatment.

-Personal Data: Any information linked to or that may be associated with one or more specific or determinable natural persons.

-In charge of the Treatment: Natural or legal person, public or private, that by itself or in association with others, carries out the Treatment of Personal Data on behalf of the Person Responsible for the Treatment. In the events in which the Responsible Party is not in charge of the Database, it will be expressly identified who will be the Manager.

-Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the Database and / or the Treatment of the data.

-Terms and Conditions: general framework in which the conditions for participants in promotional or related activities are established.

- Holder: Natural person whose Personal Data is subject to Treatment.

-Treatment: Any operation or set of operations on Personal Data, such as the collection, storage, use, circulation or deletion.

-Transfer: The transfer of data takes place when the person in charge and / or in charge of the processing of personal data, located in United States, sends the information or personal data to a recipient, who in turn is Responsible for the Treatment and is within the country.

-Transmission: Processing of Personal Data that implies the communication of the same within or outside the territory of the United States when it is intended to carry out a Treatment by the Manager on behalf of the Responsible.

4 TREATMENT
THE COMPANY, acting as Responsible for the Processing of Personal Data, for the proper development of its commercial activities, as well as for the strengthening of its relationships with third parties, collects, stores, uses, circulates and deletes Personal Data corresponding to natural persons with who has or has had a relationship, such as, without the enumeration implying limitation, workers and relatives of these, shareholders, consumers, clients, distributors, suppliers, creditors and debtors.

5 PURPOSE
Personal Data are subject to Treatment by THE COMPANY with the following purposes:

5.1. To send information to your workers and relatives;

5.2. For the provision of health services to the relatives of the workers of THE COMPANY who are beneficiaries of the health service;

5.3. For the recognition, protection and exercise of the rights of the shareholders of THE COMPANY;

5.4. To strengthen relationships with its customers, by sending relevant information, taking orders and attending to Requests, Complaints and Claims by the customer service area, evaluating the quality of its customer service, among others;

5.5. For the interaction with its Distributors and its legal obligations with its workers, among others.

5.6. To consolidate a timely and quality supply with its Suppliers, the evaluation of the fulfillment of its obligations, among others;

5.7. For the verification of balances of your creditors;

5.8. For the determination of pending obligations, the consultation of financial information and credit history and the report to information centers of unfulfilled obligations, with respect to its debtors;

5.9. To improve, promote and develop your products globally;

5.10. For marketing activities, statistics, research and other commercial purposes that do not contravene current legislation in Colombia;

5.11. For the attention of judicial or administrative requirements and the fulfillment of judicial or legal mandates;

5.12. To eventually contact, via email, or by any other means, natural persons with whom it has or has had a relationship, such as, without the enumeration implying limitation, workers and relatives of these, shareholders, clients, distributors, suppliers, creditors and debtors, for the aforementioned purposes.

6 RIGHTS OF THE HOLDERS OF PERSONAL DATA
Natural persons whose Personal Data are subject to Treatment by THE COMPANY, have the following rights, which they can exercise at any time:

6.1. Know the Personal Data on which THE COMPANY is carrying out the Treatment. Similarly, the Owner may request at any time that their data be updated or rectified, for example, if they find that their data is partial, inaccurate, incomplete, fractioned, misleading, or those whose Treatment is expressly prohibited or not. has been authorized.

6.2. Request proof of the authorization granted to THE COMPANY for the Treatment of your Personal Data.

6.3. Be informed by THE COMPANY, upon request, regarding the use that it has given to your Personal Data.

6.4. Submit complaints to the Superintendency of Industry and Commerce for violations of the provisions of the Law on Protection of Personal Data.

6.5. Request THE COMPANY to delete your Personal Data and / or revoke the authorization granted for the Treatment thereof, by submitting a claim, in accordance with the procedures established in paragraph 11 of this Policy. However, the request for deletion of the information and the revocation of the authorization will not proceed when the Holder of the information has a legal or contractual duty to remain in the Database and / or Files, nor while the relationship between The Owner and THE COMPANY, by virtue of which your data was collected.

6.6. Free access to your Personal Data subject to Treatment.

7 AREA RESPONSIBLE FOR THE IMPLEMENTATION AND OBSERVANCE OF THIS POLICY
The Management of FAJAS LADY S.A.S. is in charge of the development, implementation, training and observance of this Policy. For this purpose, all officials who carry out the Processing of Personal Data in the different areas of THE COMPANY, are obliged to report these Data Bases to Management and to immediately transfer all requests, complaints or claims to it. that they receive from the Personal Data Holders.

The Management has also been designated by THE COMPANY as the area responsible for the attention of requests, queries, complaints and claims before which the Holder of the information may exercise their rights to know, update, rectify and delete the data and revoke the authorization.

8 AUTHORIZATION
THE COMPANY must request prior, express and informed authorization from the Holders of the Personal Data on which it is required to carry out the Treatment.

8.1. Prior authorization means that consent must be granted by the Holder, at the latest at the time of the collection of Personal Data.

8.2. Express authorization means that the consent of the Holder must be explicit and concrete, open and non-specific authorizations are not valid. The Holder is required to express his willingness to authorize THE COMPANY to process his Personal Data. This manifestation of the will of the Holder can be given through different mechanisms made available by THE COMPANY, such as:

- In writing, filling out an authorization form as indicated in Annex 1.

- Orally, for example, in a telephone conversation or in a video conference.

- Through unequivocal behaviors that allow to conclude that you granted your authorization, for example, through your express acceptance of the Terms and Conditions of an activity within which the authorization of the participants is required for the Processing of their Personal Data.

- By means of the sales invoice in which all the customer data necessary for its preparation are listed.

IMPORTANT: In no case will THE COMPANY assimilate the Owner's silence to unequivocal conduct. Whatever the mechanism used by THE COMPANY, it is necessary that the authorization be kept in order to be consulted later.

8.3. Informed Authorization means that at the time of requesting the consent of the Holder, he must be clearly informed:

- The Personal Data that will be collected.

- The identification and contact information of the Responsible and the Person in Charge of Treatment.

- The specific purposes of the Treatment that is intended to be carried out, that is: how and for what the collection, use, and circulation of Personal Data will be done.

- What are the rights you have as the Owner of Personal Data; For this purpose, see numeral 6 of this Policy.

- The optional nature of the answer to the questions that are asked, when these relate to sensitive data or the data of girls, boys and adolescents.

9 SPECIAL PROVISIONS FOR THE TREATMENT OF PERSONAL DATA OF A SENSITIVE NATURE.
In accordance with the Personal Data Protection Law, data of a sensitive nature are those that affect privacy or whose improper use may generate discrimination, such as those related to:

- Racial or ethnic origin.

- Political orientation.

- Religious / philosophical convictions.

- Belonging to unions, social organizations, human rights organizations or political parties.

- Health.

- Sex life.

- Biometric data (such as fingerprint, signature and photo).

The processing of sensitive personal data is prohibited by law, unless there is express, prior, and informed authorization from the Data Subject, among other exceptions stipulated in the California Consumer Privacy Act (CCPA). In this case, in addition to complying with the requirements established for authorization, THE COMPANY must:


- Inform the Holder that because it is sensitive data, he is not obliged to authorize the Treatment of it.

- Inform the Holder which of the data that will be subject to Treatment are sensitive and the purpose of the Treatment.

IMPORTANT: No activity may be conditioned on the Holder providing sensitive Personal Data.


10. ATTENTION AND RESPONSE TO REQUESTS AND INQUIRIES:

What does the procedure consist of?

The Holder or the successors of it, may request THE COMPANY, through the means indicated below:

- Information on the Personal Data of the Holder that are subject to Treatment.

- Request proof of the authorization granted to THE COMPANY for the Processing of your Personal Data.

- Information regarding the use that has been given by THE COMPANY to your personal data.

Means enabled for the presentation of petitions and inquiries:

THE COMPANY has arranged the following means for the reception and attention of requests and inquiries, all of which allow us to keep proof of them:

- Communication addressed to FAJAS GISELLE

Attention and response from THE COMPANY:

Requests and inquiries will be answered within a maximum term of ten (10) business days from the date of receipt. When it is not possible to attend the request or query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which their request or query will be attended, which in no case may exceed five (5) business days following the expiration of the first term.

11.2. ATTENTION AND RESPONSE TO COMPLAINTS AND CLAIMS:

What does the procedure consist of?

The Holder or the successors of it, may request THE COMPANY, through a complaint or claim presented through the channels indicated below:

- The correction or updating of the information.

- The deletion of your Personal Data or the revocation of the authorization granted for the Treatment of the same.

- That the alleged breach of any of the duties contained in the Personal Data Protection Law be remedied or corrected. The request must contain the description of the facts that give rise to the complaint or claim, the address and contact information of the applicant, and must be accompanied by the documents that are to be asserted.

Means enabled for the presentation of complaints and claims:

THE COMPANY has provided the following means for the reception and attention of complaints and claims, all of which allow us to keep proof of their presentation:

- Communication addressed to FAJAS GISELLE, United States.


Attention and response from THE COMPANY:

If the complaint or claim is presented incomplete, THE COMPANY must require the interested party within five (5) days following receipt of the complaint or claim to correct the faults. After two (2) months from the date of the request, without the applicant presenting the required information, it will be understood that he has withdrawn the complaint or claim. In the event that whoever receives the complaint or claim is not competent to resolve it, it will send it to the Management of FAJAS LADY S.A.S, within a maximum term of two (2) business days and will inform the interested party of the situation.

Once the complaint or complete claim has been received, a legend that says "claim in process" and the reason for it will be included in the Database, within a term of no more than two (2) business days. Said legend shall be kept until the complaint or claim is decided. The maximum term to address the complaint or claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to address the complaint or claim within said term, the interested party will be informed of the reasons for the delay and the date on which the complaint or claim will be addressed, which in no case may exceed eight (8) days business following the expiration of the first term.

12 INFORMATION OBTAINED IN PASSIVE FORM
When the services contained within the COMPANY's websites are accessed or used, the COMPANY may collect information passively through information management technologies, such as "cookies", through which information is collected about of the hardware and software of the equipment, IP address, type of browser, operating system, domain name, access time and the addresses of the websites of origin; Through the use of these tools, Personal Data is not collected directly. end of the users. Information about the pages that the person visits most frequently on these websites will also be collected in order to know their browsing habits.

However, the user of the websites of THE COMPANY has the possibility of configuring the operation of "cookies", according to the options of your internet browser.

13 SECURITY OF PERSONAL DATA
THE COMPANY, in strict application of the Principle of Security in the Treatment of Personal Data, will provide the technical, human and administrative measures that are necessary to grant security to the records avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access. The obligation and responsibility of THE COMPANY is limited to having the appropriate means for this purpose.

THE COMPANY does not guarantee the total security of your information nor is it responsible for any consequence derived from technical failures or improper entry by third parties to the Database or File in which the Personal Data subject to Treatment by THE COMPANY rests. and its Managers. THE COMPANY will require the service providers it hires to adopt and comply with the appropriate technical, human and administrative measures for the protection of Personal Data in relation to which said providers act as Managers.

14 TRANSFER, TRANSMISSION AND DISCLOSURE OF PERSONAL DATA
THE COMPANY may deliver the Personal Data to third parties not linked to THE COMPANY when by transfer to any title of any line of business with which the information is related.

In any case, in the contracts for the transmission of Personal Data, which are signed between THE COMPANY and those in charge of the Processing of Personal Data, it will be required that the information be treated in accordance with this Personal Data Protection Policy and the following will be included obligations in the head of the respective Manager:

- Give Treatment, on behalf of THE COMPANY to Personal Data in accordance with the principles that protect them.

- Safeguard the security of the databases in which Personal Data is contained.

-Keep confidentiality regarding the Treatment of Personal Data.