Personal Data
Treatment Policy

Personal Data Treatment Policy

3TECH TELECOMM LLC, hereinafter THE COMPANY, as responsible for the treatment and in compliance with the protection of personal data, develops this Personal Data Processing Policy, as follows:

Objective: Establish the criteria for the collection, storage, use, conservation, circulation, segmentation, processing, individualization, validation, identification, control, custody, transmission, transfer, and deletion of personal data processed by THE COMPANY.

Scope: This policy applies to all personal information registered in the databases of THE COMPANY, who acts as the person responsible for its treatment.

Obligations: This policy is mandatory and strict compliance for THE COMPANY.

Responsible for the treatment: 3TECH TELECOMM LLC., legally constituted partnership company in Florida, with main address at, Medellín - Colombia, websites:

www.3tech.tel

THE COMPANY must request authorization so that the owner of the information grants his prior, express, and informed consent to the processing of his personal data.

The authorization may also be obtained based on unequivocal behaviors of the data owner, which allow a reasonable conclusion that he granted his consent for the processing of his information. Said behaviors must clearly express the will to authorize the treatment.

Purposes and treatment to which the personal data will be submitted:

THE COMPANY will conduct the treatment (collection, storage, use, among others) of personal data in accordance with the provisions of the law and judicial or administrative mandates, as well as the provisions of the authorizations when appropriate to conduct the activities characteristic of its function. The processing of personal data may be conducted through physical, automated, or digital means according to the type and form of collection of personal information.

THE COMPANY will conduct the processing of personal data in compliance with its legal or judicial functions and in accordance with the purposes established in the respective authorizations when applicable. For the following purposes:

Conduct the necessary steps to confirm and update the information of the Holder.

Contact the Holder through email, text messages, calls, social networks, or any other similar platform, to establish communication with him.

Validate and verify the identity of the Owner to manage and offer products and services, as well as to share information with various market players through any means or channel according to the Owner's profile.

Establish, maintain, and terminate contractual relationships with the Owner.

Know the financial, commercial, credit behavior and compliance with the legal obligations of the Holder.

Consult and compare the information of the Holders with that stored in the different databases of authorities, state entities and third parties, such as: information operators, entities of the Social Security System, National Registry of Civil Status, Data Bank, among other related entities.

Receive information regarding current and future commercial campaigns, promotion of products and services both own and third parties, financial education and innovations made on products or services; and other communications necessary to keep the Holder informed and informed by: phone call, text message, email, or any integration social network or instant messaging, among others; as well as carry out commercial, statistical, risk, market, interbank and financial analysis and research, including contacting the Holder for these purposes.

Receive messages related to collection management and portfolio recovery, either directly or through a third party contracted for such function. (In case of apply).

Provide legal, security, service, or any other information.

Know the location and contact details of the Holder for the purposes of notifications for security purposes and offering benefits and commercial offers.

Prevent money laundering, terrorist financing, detect fraud, corruption, and other illegal activities, as well as transfer personal data outside the country to comply with applicable anti-money laundering regulations.

Make inquiries about fines and sanctions before the different administrative and judicial authorities or public databases whose function is to manage data of this nature.

Manage procedures such as requests, complaints, and claims, as well as any management that the Owner intends to conduct.

Transmit and transfer personal data inside and outside the country to third parties with whom THE COMPANY has signed any type of contract or agreement and it is necessary to deliver them for the fulfillment of the contractual object, as well as transmit personal data when necessary to conduct processes of risk management and other assurances required by THE COMPANY.

Safeguard in an adequate and sufficient way the information collected from the Holders, through technological platforms that generate reliable security mechanisms, to access the data through previously defined roles and access profiles.

Control access to offices and establish security measures, including the establishment of video surveillance areas.

Respond to inquiries and requirements made by judicial, administrative and control bodies, as well as transmit and transfer the data to legal and/or natural persons who, by virtue of the applicable law, must receive them.

Determine the outstanding obligations with THE COMPANY by the Holders, consult their financial information, credit history, and report their unfulfilled obligations to information centers. (In case of apply).

Allow the use of the different services through the websites of THE COMPANY, including downloads of content and formats, as well as the processing of information.

Share information of the Holders with entities with which THE COMPANY has contracted insurance policies on the contracts entered with the Holders.

Comply with the obligations contracted by THE COMPANY with the Owner of the Information, in relation to the payment of wages, social benefits and other remuneration enshrined in the employment contract or as provided by law. (Applies only to Employees).

Inform the modifications present in the development of the employment contract to the Employee Holder of the Information. (Applies only to Employees).

Evaluate the quality of the services offered by the Employee Holding the Information. (Applies only to Employees).

Process information of applicants or candidates within THE COMPANY, to conduct selection and evaluation processes of the applicant as well as their eventual link to THE COMPANY. (Applies only to applicants or candidates).

Conduct the activities of integral management of the shareholder registry book. (Applies only to shareholders).

Any other activity or process of a similar nature to those previously indicated and that are necessary to allow the development of the corporate purpose of THE COMPANY.

Sensitive data

The Owner has the right to choose not to provide any sensitive information that may eventually be requested, related, among others, to data on their racial or ethnic origin, membership of unions, social or human rights organizations, political, religious, or social convictions. sexual life, biometric or health data, unless required for the exercise of legal functions or when there is an order from an administrative or judicial authority.

Rights of the holders

Know, update, and rectify my personal data in front of THE COMPANY. This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose Treatment is expressly prohibited or has not been previously authorized by me.

To be informed by THE COMPANY as responsible for the Treatment, upon request, regarding the use that has been given to the personal data of the Holder.

Submit complaints to the competent authority for violations of the provisions of the legislation that regulates the matter of Personal Data Processing.

Revoke the authorization and/or request the deletion of the data when the principles, rights and constitutional and legal guarantees are not respected in the treatment. The revocation and/or deletion will proceed when the Superintendence of Industry and Commerce has determined that in the Treatment the Company has incurred in conduct contrary to this Law and the Constitution.

Free access to the personal data provided that have been subject to Treatment. The information requested by the Holder may be provided by any means, including through electronic means.

The previous rights are understood, without prejudice to the legal, administrative, security and diligence obligations that THE COMPANY must have in execution.

Duties of the data controller

Guarantee the Owner, always, the full and effective exercise of the right of habeas data.

Request and keep, under the conditions of the respective authorization granted by the Holder.

Duly inform the Holder about the purpose of the collection and the rights that assist him by virtue of the authorization granted.

Keep the information under the necessary security conditions to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.

Guarantee that the information provided to the Treatment Manager is true, complete, exact, updated, verifiable and understandable.

Update the information, communicating in a timely manner to the Treatment Manager, all the news regarding the data that has previously been provided and adopt the other necessary measures so that the information provided to it is kept up to date.

Rectify the information when it is incorrect and communicate what is pertinent to the Treatment Manager.

Provide the Treatment Manager only data whose Treatment is previously authorized in accordance with the provisions of the aforementioned law.

Require the Treatment Manager to respect, always, the security and privacy conditions of the Owner's information.

Process inquiries and requests made in the terms indicated by law.

Adopt the necessary policies and procedures to guarantee adequate compliance with the law and to address queries and requests.

Inform the Treatment Manager when certain information is under discussion by the Owner once the request has been submitted and the respective process has not been completed.

Inform at the request of the Owner about the use given to their data.

Inform the data protection authority when there are violations of the security codes and there are risks in the administration of the information of the Holders.

Comply with the instructions and requirements issued by the competent authority.

Data of minors

THE COMPANY may process data of minors in accordance with the best interests of children and adolescents (NNA) and respecting their fundamental rights. The authorization must be granted by persons who are empowered to represent the children and adolescents. The representative of the children and adolescents must guarantee them the right to be heard and value their opinion of the treatment, considering the maturity, autonomy and capacity of the children and adolescents to understand the matter.

Attention to requests, queries, and claims

To make inquiries about the personal information that the Holder has in the databases of THE COMPANY or requests aimed at correcting, updating, rectifying, deleting, or revoking the authorization, THE COMPANY has management channels for its requirements or procedures regarding personal data protection. For the filing and attention of the Holder's request, it is requested to provide the following information:

Full name and surname.

Contact information (physical and/or electronic address and contact telephone numbers).

Means to receive a response to the request.

Reason(s) or fact(s) that give rise to the claim with a brief description of the right you wish to exercise (know, update, rectify, request proof of the authorization granted, revoke it, delete it, access the information).

Virtual Attention:

Email: info@3tech.tel, active 24 hours a day, understood as working from Monday to Friday from 8:00 a.m. to 5:00 p.m. to 5 p.m.

Telephone service: To be defined. Monday to Friday (business days) from 7:30 a.m. to 5:30 p.m. to 5:00 p.m. Continuous day.

Any request received outside the hours established for customer service will be deemed received the following business day.

Queries will be resolved within a maximum term of ten (10) business days, counted from the day after the date of receipt.

When it is not possible to address the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which it will be attended, which in no case may exceed five (5) business days following the expiration of the foreground.

The maximum term to address the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to address the claim within said term, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first finished.

The Holder has face-to-face, virtual and telephone service channels through which the Holders obtain complete, clear, and precise information on the conditions of time, manner, and place in which their requirements or procedures will be attended or managed.

Revocation and/or deletion of data

The Owner of personal data always has the right to request THE COMPANY to revoke and/or delete (eliminate) their personal data, if it is not data used for the activities of THE COMPANY's mission, which will be governed by special regulations.

The right of deletion is not an absolute right, so THE COMPANY, as the person responsible for the processing of personal data, can deny or limit the exercise of this right when:

The Owner of the data has a legal or contractual duty to remain in the database.

The deletion of data hinders judicial or administrative actions related to tax obligations, the investigation and prosecution of crimes or the updating of administrative sanctions.

The data is necessary to protect the legally protected interests of the Holder; to conduct an action based on the public interest, or to comply with a legal obligation acquired by the Holder.

The data is data used in the activities of the mission of THE COMPANY.

Notwithstanding the foregoing, it will be guaranteed that the data is used exclusively for the requested purpose and that the corresponding reservation is given to the information.

The revocation and / or deletion will proceed when the competent authority has determined that in the Treatment the person in charge or in charge has incurred in conduct contrary to Law 1581 of 2012 and the Constitution, due to the death of the Holder, and / or by court order.

General disposition

THE COMPANY may conduct the transfer of data to other data controllers when it is conducted in the exercise of its functions, obligations, or when authorized by the Owner of the information or by law or by an administrative or judicial mandate.

THE COMPANY may send or transmit data to one or more managers located inside or outside the territory of the Republic of Colombia in the following cases:

For the exercise of its functions.

When you have authorization from the owner.

When without authorization there is a data transmission contract between the person in charge and the person in charge.

The law exempts from the personal data protection regime (i) files and databases belonging to the personal or domestic sphere; (ii) those whose purpose is national security and defense, the prevention, detection, monitoring and control of money laundering and the financing of terrorism, (iii) those whose purpose is and contain intelligence and counterintelligence information, (iv) those of journalistic information and other editorial content, (v) those regulated by Law 1266 of 2008 (financial and credit, commercial, services and information from third countries) and (vi) those regulated by Law 79 of 1993 (on population and housing censuses).

The policy established by THE COMPANY regarding the processing of Personal Data may be modified at any time. Any modification will be made in accordance with current legal regulations, and it will enter into force and take effect from its publication through the mechanisms provided by THE COMPANY so that the owners are aware of the information treatment policy and the changes that are made. produces in it.

Validity

This Policy for the Treatment of Personal Data governs from its publication.

The databases in which the personal data will be registered will be valid for the same time as the information is maintained and used for the purposes described in this Policy. Once that purpose(s) is(are) fulfilled and provided there is no legal or contractual duty to retain your information, the data will be deleted from THE COMPANY's databases, if there is an express request from the interested party.