top of page
Cessna_Sovereign_1.png

POLICY

OF DATA

PRIVACY POLICY, TREATMENT AND PROCEDURE REGARDING THE PROTECTION OF PERSONAL DATA 

 

CENTRAL AEROSPACE  SAS

PRESENTATION

This document responds to the need to comply with the provision set forth in literal k) of article 17 of Law 1581 of 2012, which regulates the duties of those responsible for the processing of personal data, among which stands out that of adopting an Internal Manual of Policies and Procedures to guarantee adequate compliance with the Law and, in particular, for the attention of queries and claims.

 

It is of great importance to specify that in literals d) and e) of article 3 of Law 1581 of 2012, express mention is made of the person in charge and the person in charge of the treatment, respectively. Thus, theResponsibleof the treatment is the natural or legal person, public or private, that by itself or in association with others, decides on the database and/or the Treatment of the data, in this case CENTRAL AEROSPACE SAS duly represented by Rodrigo Perdomo, company located at Avenida Calle 26 No. 103 – 22 El Dorado International Airport Entrance 2 Interior 1, Bogotá DC, with contact telephone number (601) 413 - 9530. While the person in charge of the treatment is the natural or legal person, public or private, which by itself or in association with others, performs the processing of personal data on behalf of the Responsible. In the specific case of CENTRAL AEROSPACE SAS, the person in charge is the Technical Support Area, located at the same address as the person in charge, with contact emailrvelasco@centralaerospace.com

 

However, current technologies allow companies to efficiently manage, use and store the personal information that they use to fulfill their corporate business objectives, such as in their personnel selection and hiring processes, or related processes. with the service and attention to customers, users, suppliers, shareholders, managers, among others.

 

The fundamental right to habeas data aims to guarantee citizens the power to know, update and rectify the information that has been collected in data banks, as well as to exercise their rights, freedoms and constitutional guarantees related to the collection, treatment and circulation of your personal data. In this sense, the right to the protection of personal data endows the owner with a range of powers to maintain control over their personal information. These faculties start from the right to know who keeps the personal data, the uses to which they are being submitted, to the definition of who can consult them and the opposition to the possession and use of them._cc781905-5cde-3194-bb3b -136bad5cf58d_

 

Law 1581 of 2012 develops a series of guarantees and instruments designed to guarantee the validity of said fundamental right. In this context, the purpose of this manual is to cover and provide the aforementioned guarantees and instruments taking into account our condition as Responsible for the Processing of personal data in light, especially, of the provisions of literal k) of article 17 of the aforementioned Law. 

 

It is for the above, then, that this manual intends to expose the procedures for the collection and processing of personal data, as well as the channels of access to personal data and other situations enshrined in the provisions of Law 1581 of 2012 and Decrees 1377 of 2013. and 886 of 2014. In the same way, it includes the basic aspects of a regulatory nature, it contains independent annexes with models, documents and schemes of procedures that allow us to obtain authorization for the processing of personal data according to our particular needs.


 

CONTENT
 
CHAPTER I GENERAL PROVISIONS 
 
CHAPTER II AUTHORIZATION
 
CHAPTER III RIGHTS AND DUTIES
 
CHAPTER V INFORMATION SECURITY 
 
CHAPTER VI FINALS
 
ANNEX 1 PRIVACY NOTICE MODEL
 
ANNEX 2 MODEL AUTHORIZATION FORM FOR THE PROCESSING OF PERSONAL DATA


 

CHAPTER I 
GENERAL DISPOSITION

 

ARTICLE 1. APPLICABLE LAW. This manual was prepared taking into account the provisions contained in articles 15 and 20 of the Political Constitution of Colombia, Law 1581 of 2012, and Decrees 1377 of 2013 and 886 of 2014.

 

ARTICLE 2. SCOPE OF APPLICATION. This manual applies to the processing of personal data collected and managed by the company CENTRAL AEROSPACE SAS (Responsible for Treatment), located at Avenida Calle 26 No. 103 – 22 El Dorado International Airport Entrance 2 Interior 1.

 

ARTICLE 3. DATABASES. The policies and procedures contained in this manual apply to the databases managed by the company, and which will be registered in accordance with the provisions of Law 1581 of 2012, and Decrees 1377 of 2013 and 886 of 2014. Likewise, The processing of personal data will be carried out according to the time limits established in article 11 of Decree 1377 of 2013.

 

ARTICLE 4. OBJECT. By means of this manual, the provisions of literal k) of article 17 of Law 1581 of 2012 are fulfilled, which regulates the duties of those Responsible for the processing of personal data, among which is to adopt an internal manual of policies and procedures to guarantee adequate compliance with the Law and, in particular, for the attention of queries and claims. Así  itself has the purpose of regulating the procedures for the collection, handling and treatment of personal data carried out by CA, in order to guarantee and protect the fundamental right of Habeas Data within the framework established in the Law and its Regulatory Decrees.

 

ARTICLE 5. DEFINITIONS. For the purposes of applying the rules contained in this manual and in accordance with the provisions of article 3 of Law 1581 of 2012, it is understood by:

 

  1. Authorization: Prior, express and informed consent of the Owner to carry out the Processing of personal data;

  2. Database: Organized set of personal data that is subject to Treatment;

  3. Personal data: Any information linked or that can be associated with one or several determined or determinable natural persons;

  4. Treatment Manager: Natural or legal person, public or private, that by itself or in association with others, performs the Processing of personal data on behalf of the Treatment Manager;

  5. Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the database and/or the Treatment of the data;

  6. Owner: Natural person whose personal data is subject to Treatment;

  7. Treatment: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.

 

ARTICLE 6. PRINCIPLES. The principles established below constitute the general parameters that will be respected by CA  in the processes of collection, use and processing of personal data.

 

  1. Principle of purpose: The Treatment of personal data collected by CA  must obey a legitimate purpose of which the Owner must be informed.

  2. Principle of freedom: Treatment can only be carried out with the prior, express and informed consent of the Owner. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that reveals consent.

  3. Principle of veracity or quality: The information subject to Treatment must be true, complete, exact, updated, verifiable and understandable. The Processing of partial, incomplete, fractional or misleading data is prohibited.

  4. Principle of transparency: In the Treatment, the right of the Holder to obtain from CA  at any time and without restrictions, information about the existence of data that concerns him must be guaranteed.

  5. Principle of access and restricted circulation: Personal data, except for public information, may not be available on the Internet or other means of dissemination or mass communication, unless access is technically controllable to provide restricted knowledge only to the Holders or authorized third parties. .

  6. Security principle: The information subject to Treatment by CA must be protected through the use of technical, human and administrative measures that are necessary to grant security to the records, avoiding their adulteration, loss, consultation, use or unauthorized access. or fraudulent.

  7. Principle of confidentiality: All persons involved in the Processing of personal data are obliged to guarantee the confidentiality of the information, even after the end of their relationship with any of the tasks included in the Treatment.

ARTICLE 7. The treatment (collection, storage, use, circulation or deletion) of personal data that will be carried out by CA  will have one or more of the following purposes:

 

  1. Achieve efficient communication related to our products, services, offers, promotions, alliances, studies, content, as well as those of our   related companies, and to facilitate general access to their information.

  2. Provide our services and products.

  3. Inform about new products or services that are related to the contracted or acquired.

  4. Comply with obligations contracted with our customers, suppliers, and employees.

  5. Report changes to our products or services. Evaluate the quality of the service.

  6. Inform about new programs and/or services that are related to our corporate purpose.

  7. Establish a direct relationship with our clients and those interested in our services.

  8. Include it in a database.

  9. Exchange, transfer and/or transmit your personal data with third parties.


 

CHAPTER II 
AUTHORIZATION

ARTICLE 8. AUTHORIZATION. The collection, storage, use, circulation or deletion of personal data by CA  requires the free, prior, express and informed consent of the owner thereof. CA , in its capacity as the person responsible for the processing of personal data, has provided the necessary mechanisms to obtain the authorization of the owners, guaranteeing in any case that it is possible to verify the granting of said authorization.

 

ARTICLE 9. FORM AND MECHANISMS TO GRANT THE AUTHORIZATION. The authorization may consist of a physical, electronic document, in any other format that allows guaranteeing its subsequent consultation, or through an appropriate technical or technological mechanism by which it can be unequivocally concluded that, if the owner had not acted, the data would never have been captured and stored in the database. The authorization will be issued by CA  and will be made available to the owner prior to the processing of their personal data, in accordance with the provisions of Law 1581 of 2012 and Decrees 1377 of 2013 and 886 of 2014 .

 

With the consented authorization procedure, it is guaranteed that the owner of the personal data has been made aware of both the fact that their personal information will be collected and used for specific and known purposes, and that they have the option of knowing any alteration to them. and the specific use that has been made of them. 
 

The foregoing in order for the owner to make informed decisions regarding their personal data and control the use of their personal information. The authorization is a declaration that communicates to the owner of the personal data the following information:

 

  1. Who collects (responsible or in charge)

  2. What is collected (data that is collected)

  3. Why do you collect the data  (the purposes of the treatment)

  4. How to exercise rights of access, correction, update or deletion of the personal data provided.

  5. If sensitive data is collected.

 

Annex 1 of this manual includes the authorization model for the collection and processing of personal data in order to inform and allow access to information from the company and its affiliates, related to services, products, offers, promotions, alliances, studies , contests and content.

 

ARTICLE 10. PROOF OF AUTHORIZATION. CA  will adopt the necessary measures to maintain records or suitable technical or technological mechanisms of when and how authorization was obtained from the owners of personal data for the treatment thereof.

 

ARTICLE 11. PRIVACY NOTICE. The Privacy Notice is the physical document, electronic or in any other format, which is made available to the Owner for the processing of their personal data. Through this document, the Holder is informed of the information regarding the existence of the information treatment policies that will be applicable to him, the way to access them and the characteristics of the treatment that is intended to be given to personal data.

 

Annex 2 of this manual includes a privacy notice model. 

 

ARTICLE 12. MINIMUM CONTENT OF THE PRIVACY NOTICE. The Privacy Notice, as a minimum, must contain the following information:

 

  1. Name or business name and contact information of the Treatment Manager.

  2. The Treatment to which the data will be submitted and the purpose thereof. 

  3. The rights that assist the Owner. 

  4. The mechanisms provided by the Responsible Party so that the Holder is aware of the information Treatment policy and the substantial changes that occur in it or in the corresponding Privacy Notice. In all cases, you must inform the Holder how to access or consult the information treatment policy. 

 

Notwithstanding the foregoing, when sensitive personal data is collected, the Privacy Notice must expressly state the optional nature of the response to questions regarding this type of data. 

 

ARTICLE 13. PRIVACY NOTICE AND POLICIES DE  INFORMATION TREATMENT. CA  will keep the model of the privacy notice that was transmitted to the Holders while the processing of personal data is carried out and the obligations derived from it last. For the storage of the model, CA  may use computer, electronic means or any other technology. 

 

 
CHAPTER III 
RIGHTS AND DUTIES

ARTICLE 14. RIGHTS OF THE HOLDERS OF INFORMATION.  In accordance with the provisions of article 8 of Law 1581 of 2012, the owner of the  personal data has the following rights:

 

  1. Know, update and rectify your personal data against CA, in its capacity as data controller.

  2. Request proof of the authorization granted to CA, in its capacity as Data Controller.

  3. To be informed by CA, upon request, regarding the use that has been given to your personal data.

  4. Submit complaints to the Superintendence of Industry and Commerce for violations of the provisions of Law 1581 of 2012, once the consultation or claim process has been exhausted before the Treatment Manager.

  5. Revoke the authorization and/or request the deletion of the data when the Treatment does not respect the constitutional and legal principles, rights and guarantees.

  6. Free access to your personal data that has been processed.

 

ARTICLE 15. DUTIES OF CA  IN RELATION TO THE PROCESSING  OF PERSONAL DATA. CA  will keep in mind, at all times, that personal data is the property of the people to whom they refer and that only they can decide on them. In this sense, it will use them only for those  purposes for which it is duly empowered, and respecting in  in any case Law 1581 of 2012 and Decrees 1377 of 2013 and 886 of 2014 on personal data protection.

 

In accordance with the provisions of article 17 of Law 1581 of 2012, CA  undertakes to permanently comply with the following duties in relation to the processing of personal data:

 

  1. Guarantee the Owner, at all times, the full and effective exercise of the right of Habeas Data. 

  2. Keep the information under the necessary security conditions to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.

  3. Carry out in a timely manner, this is in the terms provided in articles 14 and 15 of Law 1581 of 2012, updating, rectifying or deleting the data.

  4. Process the queries and claims made by the Holders in the terms indicated in article 14 of Law 1581 of 2012.

  5. Insert in the database the legend "information under judicial discussion" once notified by the competent authority about judicial processes related to the quality or details of the personal data.

  6. Refrain from circulating information that is being controversial by the Holder and whose blocking has been ordered by the Superintendence of Industry and Commerce.

  7. Allow access to information only to people who may have access to it.

  8. Inform the Superintendence of Industry and Commerce when there are violations of the security codes and there are risks in the administration of the information of the Holders.

  9. Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

 

 

CHAPTER IV
ACCESS, CONSULTATION AND COMPLAINT PROCEDURES

ARTÍCULO  16.  DERECHO  DE  ACCESO.  El Power of disposition or decision that the holder has over the information that concerns him, necessarily entails the right to access and know if his personal information is being processed, as well as the scope, conditions and generalities of said treatment. In this way, CA  must guarantee the holder his right of access in three ways:

 

  1. The first implies that the owner can know the effective existence of the treatment to which his personal data is subjected.

  2. The second implies that the owner can have access to his personal data that is in the possession of the Responsible.

  3. The third involves the right to know the essential circumstances of the treatment, which translates into the duty of CA  to inform the owner about the type of personal data processed and each and every one of the purposes that justify the treatment.

 

PARAGRAPH: CA  will guarantee the right of access to information with, prior accreditation of the identity of the owner or personality of his representative, the detail of the data is made available to him, free of charge. Personal data through electronic means that allow the Holder direct access to them. Said access must be offered without a term limit and must allow the holder the possibility of knowing and updating them online.

 

ARTICLE 17. CONSULTATIONS. In accordance with the provisions of article 14 of Law 1581 of 2012, the owners or their successors in title may consult the personal information of the Owner that rests in any database. Consequently, CA  will guarantee the right of consultation, providing the holders with all the information contained in the individual record or that is linked to the identification of the Holder.

 

For the attention of requests for consultation of personal data CA  guarantees:

 

  1. Enable electronic means of communication or others that it considers pertinent.

  2. Establish forms, systems and other simplified methods, which must be informed in the privacy notice.

  3. Use the customer service or claims services that you have in operation.

 

In any case, regardless of the mechanism implemented for the attention of consultation requests, they will be attended to within a maximum term of ten (10) business days from the date of receipt. When it is not possible to attend to the query within said term, the interested party will be informed before the   expiration of the 10 days, stating the reasons for the delay and indicating the date on which the query will be addressed, the which in no case may exceed five (5) business days following the expiration of the first term.

 

ARTICLE 18. CLAIMS. In accordance with the provisions of article 15 of Law 1581 of 2012, the Holder or his successors in title who consider that the information contained in a database must be subject to correction, updating or deletion, or when they notice the alleged breach of any of the duties contained in Law 1581 of 2012, may file a claim with the Treatment Manager, which will be processed under the following rules:

 

  1. The claim may be submitted by the Owner, taking into account the information indicated in article 15 of Law 1581 of 2012, in the format or formats proposed by the Responsible Party. If the claim received does not have complete information that allows it to be processed, that is: with the identification of the Holder, the description of the facts that give rise to the claim, the address, and accompanying the documents that you want to assert, the interested within five (5) days of receipt to correct the failures. After two (2) months from the date of the request without the applicant submitting the required information, it will be understood that the claim has been withdrawn. If for any reason a claim is received that in reality should not be directed against CA, it will transfer, to the extent of its possibilities, to whomever it corresponds to within a maximum term of two (2) business days, and will report the situation to the interested.

  2. Once the complete claim has been received, a legend that says "claim in process" and the reason for it will be included in the database maintained by the Responsible Party, within a term of no more than two (2) business days. Said legend must be maintained until the claim is decided.

 

The maximum term to address the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to attend to it within said term, the interested party will be informed before the expiration of the referred  term, the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first term.

 

ARTICLE 19. IMPLEMENTATION OF PROCEDURES TO GUARANTEE THE RIGHT TO SUBMIT CLAIMS. At any time and free of charge, the owner or his representative may request CA  to rectify, update or delete their personal data, after proving their identity. The rights of rectification, updating or deletion may only be exercised by:

 

  1. The owner or his successors in title, after proving his identity, or through electronic instruments that allow him to identify himself.

  2. Your representative, prior accreditation of the representation.

 

When the request is made by a person other than the owner and it is not proven that the person acts on behalf of the former, it will be considered as not submitted.

 

The request for rectification, updating or deletion must be submitted through the means enabled by CA  indicated in the privacy notice and contain, at least, the following information:

 

  1. The name and address of the owner or any other means to receive the response.

  2. Documents proving the identity or personality of your representative.

  3. The clear and precise description of the personal data with respect to which the owner seeks to exercise any of the rights.

  4. If necessary, other elements or documents that facilitate the location of personal data.

 

FIRST PARAGRAPH. RECTIFICATION AND UPDATING OF DATA. CA  has the obligation to rectify and update at the request of the owner, the information of the latter that turns out to be incomplete or inaccurate, in accordance with the procedure and the terms indicated above. In this regard, the following shall be taken into account:

 

  1. En  las  solicitudes  de  rectificación  y_cc781905-5cde-3194 -bb3b-136bad5cf58d_ actualización  de  datos  personales  el  titular You must indicate the corrections to be made and provide the documentation that supports your request. 

  2. CA  has full freedom to enable mechanisms that facilitate the exercise of this right, as long as they benefit the owner. Consequently, electronic means or others that it considers pertinent may be enabled.

  3. CA  may establish forms, systems and other simplified methods, which must be informed in the privacy notice and which will be made available to interested parties on the website.

 

For these purposes, CA  may use the same service or customer service that it has in operation, as long as the response times are not greater than those indicated by article 15 of Law 1581 of 2012.

 

Every time CA  makes available a new tool to facilitate the exercise of their rights by the holders of information or modifies the existing ones, lo  will inform through their website.

 

SECOND PARAGRAPH. DELETION OF DATA. The owner has the right, at all times, to request CA  the deletion (elimination) of their personal data when:

 

  1. Consider that they are not being treated in accordance with the principles, duties and obligations set forth in Law 1581 of 2012.

  2. They have ceased to be necessary or pertinent for the purpose for which they were collected.

  3. The period necessary for the fulfillment of the purposes for which they were collected has been exceeded

 

This deletion implies the total or partial elimination of personal information as requested by the owner in the records, files, databases or treatments carried out by CA. It is important to take into account that the right to cancel is not absolute and the person in charge can deny the exercise of it when:

 

  1. The owner has a legal or contractual duty to remain in the database.

  2. The deletion of data hinders judicial or administrative actions related to tax obligations, the investigation and prosecution of crimes or the updating of administrative sanctions.

  3. The data is necessary to protect the legally protected interests of the owner; to carry out an action based on the public interest, or to comply with an obligation legally acquired by the owner.

 

If the cancellation of personal data is appropriate, CA  must operationally carry out the deletion in such a way that the deletion does not allow the recovery of the information.

 

ARTICLE 20. REVOCATION OF THE AUTHORIZATION. The holders of personal data may revoke consent to the processing of their personal data at any time, as long as it is not prevented by a legal or contractual provision. For this, CA  must establish simple and free mechanisms that allow the owner to revoke their consent, at least by the same means by which they granted it.

 

It should be taken into account that there are two modalities in which the revocation of consent can be given. The first, can be about all the consented purposes, that is, that CA  should completely stop processing the owner's data; the second, can occur on certain types of treatment, such as for advertising or market research purposes. With the second modality, that is, the partial revocation of consent, other purposes of the treatment  are kept safe that the person in charge, in accordance with the authorization granted, can carry out and with which the owner do you agree. Therefore, it will be necessary for the owner al  when submitting the revocation request, indicate in it whether the revocation he intends to carry out is total or partial. In the second hypothesis, it must be indicated with which treatment the owner is not satisfied.

 

There will be cases in which the consent, due to its necessary nature in the relationship between the owner and the person responsible for the fulfillment of a contract, by legal provision cannot be revoked. The mechanisms or procedures that CA  establishes to deal with requests for revocation of consent may not exceed the deadlines provided for dealing with claims as indicated in article 15 of Law 1581 of 2012.


 

CHAPTER V
SECURITY OF THE INFORMATION

ARTICLE 21. SECURITY MEASURES. In development of the security principle established in Law 1581 of 2012, CA  will adopt the technical, human and administrative measures that are necessary to grant security to the records avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access.

 

ARTICLE 22. IMPLEMENTATION OF SECURITY MEASURES. CA  will maintain mandatory security protocols for personnel with access to personal data and information systems. The procedure  must consider, at least, the following aspects:

 

  1. Scope of application of the procedure with detailed specification of the protected resources.

  2. Measures, norms, procedures, rules and standards aimed at guaranteeing the level of security required by Law 1581 of 2012.

  3. Functions and obligations of the staff.

  4. Structure of the personal data bases and description of the information systems that treat them.

  5. Procedure for notification, management and response to incidents.

  6. Procedures for making backup copies and data recovery.

  7. Periodic controls that must be carried out to verify compliance with the provisions of the security procedure that is implemented.

  8. Measures to adopt when a support or document is going to be transported, discarded or reused.

  9. The procedure must be kept up-to-date at all times and must be reviewed whenever relevant changes occur in the information system or in its organization.

  10. The content of the procedure must be adapted at all times to the provisions in force regarding the security of personal data.

 


 

CHAPTER VI
FINAL PROVISIONS

ARTICLE 23. CA  designates the TECHNICAL SUPPORT area or whoever acts in its place, to comply with the personal data protection function. TECHNICAL SUPPORT or whoever acts as such, will process the requests of the owners, for the exercise of the rights of access, consultation, rectification, updating, deletion and revocation referred to in Law 1581 of 2012. The foregoing, if applicable. necessary, it will be done with the support of the LEGAL area.

 

The attention of the requests of the Holders of the personal data, their representatives or successors in title will be made by electronic communication to the mail:rvelasco@centralaerospace.com; or by written communication close to our facilities, Avenida Calle 26 No. 103 – 22 El Dorado International Airport Entrance 2 Interior 1, Bogotá Colombia.

 

PARAGRAPH. CA  designates the TECHNICAL SUPPORT area as responsible for the adoption and implementation of the obligations set forth in Law 1581 of 2012.

 

ARTICLE 24. VALIDITY. This manual is effective as of July 30, 2016.

How to access, rectify and update your personal data or request their deletion? You have the right to access your personal data and the details of their treatment, as well as to rectify and update them if they are inaccurate  or to request their deletion when you consider that they are excessive or unnecessary for the purposes that justified their obtaining or oppose their treatment for specific purposes.

 

To exercise the aforementioned right, you must take into account the following:

 

  1. The unit in charge of matters related to data protection is the one indicated in Article 23 of this manual, located at the address identified in the Privacy Notice.

  2. Our office is located at the physical and electronic address reported in our Privacy Notice.

  3. For more information, please contact the telephone numbers and physical and electronic addresses that appear in our Privacy Notice and on our website.

 

 
 
ANNEX 1 
MODEL AUTHORIZATION FORM FOR THE PROCESSING OF PERSONAL DATA 

 

DATE: 

 

COMPANY NAME: CENTRAL AEROSPACE   SAS

 

ADDRESS: Avenida Calle 26 No. 103 – 22 El Dorado International Airport Entrance 2 Interior 1.

 

DESCRIPTION OF THE PURPOSE FOR WHICH THE DATA COLLECTED WILL BE USED:

 

The purpose of the personal data that we request is:

 

  • Achieve efficient communication related to our products, services, offers, promotions, alliances, studies, content, as well as those of our   related companies, and to facilitate general access to their information.

  • Provide our services and products.

  • Inform about new products or services that are related to the contracted or acquired.

  • Comply with obligations contracted with our customers, suppliers, and employees.

  • Report changes to our products or services. Evaluate the quality of the service.

  • Inform about new programs and/or services that are related to our corporate purpose.

  • Establish a direct relationship with our clients and those interested in our services.

  • Include it in a database.

  • Exchange, transfer and/or transmit your personal data with third parties.

 

We inform you that, in accordance with the provisions of Law 1581 of 2012, the personal data obtained from your request or provision of services or products will be collected in a database for the purpose indicated above and for a specific period. for its use.

 

If you want your data to be deleted from our databases, we request that you expressly express it within thirty (30) business days, counted from the receipt of this communication. 

 

Such database is maintained and managed under the responsibility of CA . The database has the necessary security measures for the adequate conservation of the data.

 

With the acceptance, the owner authorizes the processing of their data for the aforementioned purpose and acknowledges that the data provided in the application is true and that no information has been omitted or altered, being informed that the falsity or omission of any data will mean the inability to provide the service correctly.

 

We remind you of the possibility of accessing the data provided at any time, as well as requesting correction, updating or deletion, in the terms established by Law 1581 of 2012, by sending a written communication to_cc781905-5cde-3194-bb3b- 136bad5cf58d_ responsible for treatment at the address indicated above with the following information: name and surname, address for notification purposes, request in which the request is specified, date, signature of the person concerned. For your convenience, you can exercise these same rights through the website www.centralaerospace.com

 

As a sign of acceptance of the above (In case of physical completion, through the website or acceptance through the call or contact center: www.centralaerospace.com or 413-9530.

 

I consent and authorize my personal data to be processed in accordance with the provisions  in this authorization.




 

__________________________

 

Name of owner:

DC

 

 
APPENDIX 2 
NOTICE OF PRIVACY

CENTRAL AEROSPACE   SAS, identified with NIT 860.072.156-9, a company incorporated and existing under the laws of the Republic of Colombia and domiciled in the city of Bogotá, DC, with main offices in El Dorado Avenue # 103 – 22 El Dorado International Airport Entrance 2 Interior 1, with telephone number (601) 413 - 9530, is an entity committed to the protection of all information that may be associated or related to certain or determinable natural persons_cc781905-5cde -3194-bb3b-136bad5cf58d_ (los  “Personal Data”), to which en  has access to the development of its activity and corporate purpose. Generally, the Personal Data that CA  may receive, collect or access, includes the name, identification and contact information of natural persons, as well as information about their income, financial information through data collection, financial reports or other similar documents, sex, age, educational level, among others. In compliance with Law 1581 of 2012, Decree 1377 of 2013, Decree 886 of 2014 and other regulations that add, modify or repeal, we communicate to all holders of Personal Data this privacy notice (the "Notice") with the In order to inform you that CA  has created an Information Treatment Policy (the "Policy") which defines, among others, the principles that it will comply with when collecting, storing, using, transferring, transmitting and carry out any activity or operation with personal data (the "Treatment"). It also establishes the rights that the Holders have and the mechanisms for them to exercise them, as well as the purposes and purposes for which the personal data will be processed. The Policy can be consulted on the website at the following link: www.centralaerospace.com and in our offices at the address: Avenida El Dorado # 103 – 22 El Dorado International Airport Entrance 2 Interior 1.

 

You, as the owner of the Personal Data, will have by virtue of Law 1581 of

2012, Decrees 1377 of 2013 and 886 of 2014, the following rights:

 

(i) Know, update and rectify your Personal Data before CA  or those in charge of their treatment. This right may be exercised, among others, against partial data,  inaccurate,  incomplete,  that 0_cde_5c8cf58d fractioned 3194-bb3b-136bad5cf58d_ induce  to error or  those_cc781905-5cde-3194-bb3b-136bad5cf; whose treatment has not been expressly prohibited; (ii) Request proof of the authorization granted to CA, unless the Law indicates that said authorization is not necessary or that it has been validated in accordance with the provisions of article 10  del_cc781905-5cde -3194-bb3b-136bad5cf58d_ Decreto  1377;  (iii)  Presentar  solicitudes_cc781905-5cde -3194-bb3b-136bad5cf58d_ ante  CA  o el  encargado  del tratamiento respecto del uso que le You have given your Personal Data, and that they give you  tal  information;  (iv)_cc94b71-5c95c9 -136bad5cf58d_ Submit_cc781905-5cde-3194-bb3b-136ba d5cf58d_ ante  la  Superintendencia  de  Industria  y Comercio quejas por infractions to the Law; (v) Revoke your authorization and/or request the deletion of your Personal Data from CA's Databases, as long as there is no legal duty or contractual obligation of the Holder with CA, according to which the Holder You do not have the right to request the deletion of your Data.

Personal or revoke your Authorization for the Treatment of the same. If there is no legal or contractual duty and CA  has not deleted the Personal Data of the Holder of its Databases or has not revoked the authorization of who is entitled to revoke it within the legal term for it, the Holder may go to the Superintendence of Industry and Commerce to demand the revocation of the authorization and/or the deletion of Personal Data; (vi) Request access and free access to your Personal Data that have been subject to Treatment.

 

CA  will inform the owner of the Personal Data of any change to the Policy. Likewise, all modifications to the Policy and to this Privacy Notice will be informed on the CA  website and/or by email that will be sent to the holders of the Personal Data, always and when CA  has that information in its possession.

 

In the same way, in the Policy you will be able to consult what are the sensitive data that CA  will collect and in what circumstances. It is important to note that the authorization for the processing of sensitive data is optional on your part.

 

Your personal data will be collected and stored in a database and will be used for the following purposes:

 

  1. Achieve efficient communication related to our products, services, offers, promotions, alliances, studies, content, as well as those of our   related companies, and to facilitate general access to their information.

  2. Provide our services and products.

  3. Inform about new products or services that are related to the contracted or acquired.

  4. Comply with obligations contracted with our customers, suppliers, and employees.

  5. Report changes to our products or services. Evaluate the quality of the service.

  6. Inform about new programs and/or services that are related to our corporate purpose.

  7. Establish a direct relationship with our clients and those interested in our services.

  8. Include it in a database.

  9. Exchange, transfer and/or transmit your personal data with third parties.

 

Information holders are informed that they can consult CA's Internal Manual of Personal Data Policies and Procedures, which contains our policies    for the treatment of information collected, as well as the consultation and claim procedures that will allow you to exercise your rights to access, consult, rectify, update and delete data, by clicking on the following link:

www.centralaerospace.com

bottom of page