TU OPERACIÓN SEGURA
DATA TREATMENT POLICY
- IDENTIFICATION: TU OPERACIÓN SEGURA Webpage (https://tuoperacionsegura.com).
We are a company offering Internet-based services, on a Webpage, to provide information on the performance of cosmetic surgical procedures, through a Blog and an anonymous electronic survey. We collect personal data when the user contacts us by Email at firstname.lastname@example.org.
- OBJECTIVE OF THE POLICY:
In compliance with the provisions of Law 1581 of 2012, Articles 15 and 20 of the Constitution and in accordance with the provisions of Decree 1377 of 2013, this Data Treatment Policy aims to guarantee the rights of owners regarding the treatment of their personal data.
- SCOPE OF THE POLICY:
The guidelines established in this Data Protection Manual apply to all the data provided by the people who enter the TU OPERACIÓN SEGURA Webpage and contact us, maintaining strict confidentiality in relation to the data provided.
In application of Law 1581 of 2012, regarding the protection of personal data, the principles enshrined for the treatment of personal data are comprehensively accepted.
- RIGHTS OF THE OWNER OF THE INFORMATION:
The owner of the personal data shall have the following rights, with respect to the personal data that are subject to treatment by TU OPERACIÓN SEGURA:
- To know, update and rectify his or her personal data with TU OPERACIÓN SEGURA, in his or per condition of the person responsible for the treatment.
- To request proof of the authorization given to TU OPERACIÓN SEGURA, except when it is expressly exempted as a requirement for treatment.
- To be informed by TU OPERACIÓN SEGURA, upon request, regarding the use your personal data has been given.
- To present complaints to the Superintendency of Industry and Commerce for infractions of the provisions of Law 1581 of 2012 and other regulations.
- To revoke the authorization and/or to request the deletion of the data.
- To access free of charge, his or her personal data that have been subject to treatment.
- RIGHTS OF CHILDREN AND ADOLESCENTS:
In the treatment, respect for the prevailing rights of children and adolescents will be ensured.
The processing of personal data of children and adolescents is prohibited, except for those data that are of a public nature.
It is the task of the State and all kinds of educational entities to provide information and train the legal representatives and guardians about the possible risks faced by children and adolescents with respect to the improper treatment of their personal data, and to provide knowledge on the responsible, safe use by children and adolescents of their personal data, their right to privacy and the protection of their personal information and that of others.
- DUTIES OF TU OPERACIÓN SEGURA:
Under this Personal Data Protection and Treatment Policy, the following are our duties, without prejudice to the provisions foreseen in the law.
Consequently, the following obligations must be fulfilled:
- Duties When Acting as Responsible:
1) To request and keep, under the conditions set forth in this policy, a copy of the respective authorization granted by the owner of the data.
2) To clearly and sufficiently inform the owner about the purpose of the collection and the rights they have by virtue of the authorization granted.
3) At the request of the owner, to inform them on the use given to their personal data.
4) To process the inquiries and claims formulated in the terms indicated in this policy.
5) To ensure the principles of truthfulness, quality, security and confidentiality in the terms established in the following policy.
6) To keep the information under the security conditions necessary to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.
7) To update the information when necessary.
8) To rectify personal data when appropriate.
- Duties When Treatment Is Made Through a Data Processor:
1) To provide the treatment data processor with only the personal data the treatment of which has been previously authorized.
2) To guarantee that the information provided to the person in charge of data processes is true, complete, accurate, up-to-date, verifiable and understandable.
3) To communicate in a timely manner to the data processor all the changes regarding the data that has been previously provided to him and to adopt the other measures necessary so that the information provided to it is kept up-to-date.
4) To inform the treatment data processor of all the rectifications made on the personal data in a timely manner, in order to make the pertinent adjustments.
5). To require that the treatment data processor respect the security and privacy conditions of the owner’s information.
6) To inform the treatment data processor when certain information is under discussion by the owner, once a complaint has been presented and the respective procedure has not been completed.
- AUTHORIZATIONS AND CONSENT OF THE OWNER:
Without prejudice to the exceptions foreseen in the Law, the treatment of the owner’s personal data requires their prior, informed authorization, which must be obtained by any means that may be subject to subsequent consultation.
- LEGITIMATION TO EXERCISE THE OWNER’S RIGHT:
The owners’ rights established in the Law may be exercised by the following persons:
- By the owner, who must sufficiently prove his identity by the different means made available by TU OPERACIÓN SEGURA.
- By the owner’s titleholders, who must prove said quality.
- By the owner’s representative or proxy, upon prior accreditation of the representation or empowerment.
The rights of children and adolescents will be exercised by the person(s) who are authorized to represent them.
- PROCEDURE TO ATTEND CONSULTATIONS, CLAIMS AND PETITIONS:
Consultations: The owners or their titleholders may consult the owner’s personal information that rests in TU OPERACIÓN SEGURA, which will provide all the information contained in the individual record or that is linked to the Owner’s identification.
The consultation will be formulated by Email (email@example.com) and will be attended within a maximum period of ten (10) business days from the date of receipt of the Email. When it is not possible to attend the consultation within this period, the interested party will be informed of the reasons for the delay and indicating the date on which the consultation will be attended, which – in no case – may surpass the five (5) business days following the expiration of the first period.
Claims: The owner or their titleholders who consider that the information contained in a database should be the object of correction, updating or deletion, or who wish to revoke the authorization for treatment, may present a claim, which will be processed under the following rules:
- The owners claim will be formulated by a request sent to TU CIRUGÍA SEGURA by Email (firstname.lastname@example.org) with the owner’s identification, the description of the facts that give rise to the claim, the address, accompanied by the documents that you wish to submit.
- The maximum period to attend the claim will be fifteen (15) business days from the day following the date of its receipt. When it is not possible to attend the claim within this period, the interested party will be informed of the reasons for the delay and indicating the date on which the claim will be attended, which – in no case – may surpass the eight (8) business days following the expiration of the first period.
- NOTICE OF PRIVACY
TU CIRUGÍA SEGURA has the Personal Data Treatment and Protection Policy, which is available at the Webpage and it forms an integral part of this document.
- VALIDITY AND UPDATES
This Database Treatment Manual is applicable as of JANUARY 1, 2018.