You are in:

Personal Data Protection

Habeas Data – Privacy Notification

ProColombia, established as an Autonomous Institution through commercial trust agreement incorporated in Public Deed No. 8851 of November 5, 1992 of the First Notary of Bogota D.C. (Capital District), with Tax Identification Number (NIT) 830.054.060-5 and primary address in Bogota D.C. (Colombia), hereby informs:

In compliance with Statutory Law 1581 of 2012, establishing the General Data Protection Regime in Colombia, and Regulatory Degree 1377 of 2013, as well as best international practices on the matter, ProColombia is responsible for processing (collection, storage, use, circulation, or deletion) personal information needed to carry out its mission of promoting Colombian exports, foreign direct investment, international tourism, and the country brand.

Owners of personal information are entitled to recognize, update, correct, or remove the information collected in the databases or files of the persons responsible for handling the data, in the terms set forth in current rules, and in the Personal Data Processing Policy, available at the following link: see policy

Personal data will be used by ProColombia for the purposes of its constituent act, such as the promotion of non-mining and non-energy exports, the attraction of foreign direct investment to Colombia, and the promotion of international tourism as well as the country’s image abroad, and in particular for the following:

  1. Carry out trust activities.
  2. Establish commercial contacts with companies in Colombia.
  3. Provide information to promote tourism.
  4. Send invitations to events organized by ProColombia.
  5. Address requests by the Ministry of Trade, Industry, and Tourism of Colombia, or any other authority.
  6. Additionally, personal data collected will be used in the following circumstances:
  • When required to establish a contractual relationship with you, in the context of the purposes described above.
  • When required to comply with a legal obligation  or a decision made by a competent authority.
  • In other events that are expressly authorized in Law 1581 of 2012 and Regulatory Decree 1377 of 2013.

 

The channels provided by ProColombia to receive and respond to requests, queries, and complaints regarding personal data are via mail to Calle 28 #13A 24 Piso 6 Torre B, postal code 110311, Bogotá D.C.; or via e-mail to the following address: infodpo@procolombia.co; or through the Questions, Complaints, Claims, Compliments, and Suggestions form found at: see link

Personal Data Processing Policy

1) Objective

ProColombia, in compliance with Statutory Law 1581 of 2012, which establishes the General Regime for Data Protection in Colombia, and Regulatory Decree No. 1377 of 2013, as well as international best practices on this matter, is responsible for processing your personal data. This policy establishes the general guidelines that are followed to properly handle personal data provided in accordance with the applicable regulatory requirements on the subject matter covered herein

2) Data Controller

The ProColombia Trust is an autonomous trust fund created by Law 7 of 1991 and Decree 663/2993 Organic Statute of the Financial System. It does not have legal personality and was constituted by means of a commercial trust agreement entered into between the Nation (today the Ministry of Trade, Industry, and Tourism) and Fiduciaria Colombiana de Comercio Exterior S.A.- Fiducoldex S.A. In accordance with the purposes of its creation, ProColombia is in charge of promoting tourism, attracting foreign investment in Colombia, and promoting non-mining and non-energy exports as well as the country's image abroad. This trust is responsible for the personal data provided to us through various means, such as direct interactions (e.g., forms or communicating with us by mail, phone, or email), automated technologies or interactions (e.g., cookies), and third party or publicly available information sources.

As responsible for data processing, ProColombia makes the following information available to the personal data subjects:

a) Address: Calle 28 No. 13 A-15, Piso 35, Bogotá D.C. - Colombia, b) Telephone number in Bogotá D.C.+57 601 5600100 - Fax: +57 601 5600104, outside Bogotá D.C.(+57) 01-900-33-10021, c) e-mail: infodpo@procolombia.co, d) Website: www.procolombia.co (and related websites).

3) Scope

This policy is applicable to all personal data stored or registered in the databases of the ProColombia Trust.

4) Processing and Purpose

Personal data will be used by ProColombia for the purposes of its constituent act, such as the promotion of non-mining and non-energy exports, the attraction of foreign direct investment to Colombia, and the promotion of international tourism as well as the country’s image abroad, and in particular for the following:

  1. To carry out Trust activities
  2. To make business contacts with companies in Colombia.
  3. To provide information on tourism promotions.
  4. To send invitations to events organized by ProColombia.
  5. To respond to requests made by the Ministry of Trade, Industry, and Tourism of Colombia or any other authority.
  6. Additionally, personal data collected will be used in the following circumstances:
  • When required to establish a contractual relationship with you, in the context of the purposes described above.
  • When required to comply with a legal obligation1 or a decision made by a competent authority.
  • In other events that are expressly authorized in Law 1581 of 2012 and Regulatory Decree 1377 of 2013.

1 When ProColombia Trust is required to comply with a legal obligation that means processing your personal data

5) Sensitive Data Processing

Personal data classified as sensitive, such as race or ethnicity, are only collected as statistical data to measure our management indicators. The following sensitive data are not collected: religious or philosophical beliefs, sex life, sexual orientation, political opinions, union membership, health information, genetic and biometric data, information on criminal convictions and offenses. If, in order to comply with a legal requirement, collecting any type of sensitive data is necessary, the data subject will be previously informed and the regulatory guidelines provided on processing this type of information will be applied

It should be noted that the information referred to in this section is collected with the data subject’s prior authorization.

6) Data Subject Rights:

Under data protection laws, the following are your Rights as the Data Subject:

  1. To consult, update, correct, eliminate, and revoke personal data. This right, among others, may be exercised with regards to partial, inaccurate, incomplete, fragmented, or misleading data, or data whose processing is expressly prohibited or has not been authorized.

  2. To request proof of consent or authorization of processing granted.

  3. To be informed about how ProColombia is using the personal data.

  4. To file before the corresponding control bodies,  complaints for violations of the provisions of the regulations in force and other standards that may modify, add to, or complement them.

  5. To access personal data that have been processed, free of charge.

  6. To refrain from answering questions about sensitive data

7) Procedures for Consulting, Updating, Eliminating, Revoking, and Confirming Personal Data

Through the contact channels mentioned in the following paragraph, the data subject may request to update, eliminate, revoke, and confirm the information and/or consult or make claims related to their information.

ProColombia will validate the identification, analyze, classify, and issue a response to the request within the times established by law. Responses will be sent via the same means through which the request was received, or as specified by the data subject in the request. Personal data shall not be eliminated and/or authorization to process the information shall not be revoked if the data subject has a legal or contractual duty to remain in ProColombia’s databases.

Such requests will be processed as long as they comply with the following requirements:

  1. The request must be addressed to ProColombia.
  2. It must have the data subject’s identification, or that of his/her successor, representative, or agent.
  3. It must contain a description of the facts giving rise to the request.
  4. it must provide contact details for notification of response
  5. It must provide documents and other information to support the request.

If the request is incomplete because it does not meet all the requirements, the applicant will be notified to correct the omissions within five (5) days following the receipt of the request. If the required information is not received after two (2) months from the date the applicant received the request to correct the omissions, it shall be understood that he/she has abandoned the claim.

The maximum term to issue a response to the request will be fifteen (15) business days from the day following the its receipt.

If it is not possible to respond to a request within the term initially established by the current regulations due to its complexity, the applicant will be informed why a response is not possible within the term established. In the notification addressing why it is impossible to respond within the term initially indicated, the applicant must be provided a date on which a response will be received, which in no case may exceed eight (8) working days following the expiration of the initial term.

8) Response to Requests, Queries, and Complaints

Channels through which you can exercise your rights. The channels provided by ProColombia to receive and respond to requests, queries, and complaints regarding personal data are via mail to Calle 28 #13A 24 Piso 6 Torre B, postal code 110311, Bogotá D.C.; or via e-mail to the following address: infodpo@procolombia.co; or through the Questions, Complaints, Claims, Compliments, and Suggestions form found at: https://procolombia.co/informacion/pqr.

Area responsible for complaints, claims, compliments, and suggestions. ProColombia's Quality and Sustainability Department is responsible for following up and monitoring these cases through the aforementioned channels.

9) ProColombia's Personal Data Processing Policies

  1. Comply with the processing of data subjects’ personal data within the parameters established by the Constitution and other current regulations.
  2. Obtain, in accordance with the provisions of current legislation, the data subjects’ express authorization either physically, electronically, and/or by phone, so that it can be consulted at a later date, in order to unequivocally verify that without the data subject’s consent, the data would never have been collected and stored either electronically or physically. Likewise, it may be obtained by means of the data subject’s clear and unequivocal conduct that reasonably allows the data controller to conclude that he/she has given his/her consent to process his/her personal data.
  3. Ensure the confidentiality, integrity, and availability of personal data by the data controller and data processors.
  4. Personal data will only be processed by employees who need it to carry out the activities required by their role or by the data controller or data processor. Data processors will be provided with the information required to fulfill contractual obligations.
  5. Employees must guarantee the confidentiality of the information while working for ProColombia or for the term of the contract, when applicable, and after contract termination or dismissal.
  6. Process personal data in accordance with the purposes authorized by the data subjects.
  7. ProColombia will not disclose personal data on the Internet or other mass media, unless it is public information or information required by law.
  8. Data subjects’ personal data will be safeguarded in accordance with the organization's information security and retention policies.
  9. Adopt other necessary measures to ensure the information is kept up to date.
  10.   Correct the information when it is incorrect and communicate only relevant information to any authorized third party.
  11.   Process the queries and claims submitted by the data subjects under the terms set forth in the current regulations.
  12.   At the data subject's request and when there is no legal or contractual duty for the data subject to remain in the databases, the data subject's information shall be eliminated.
  13.   Keep the information under the necessary security conditions to prevent it from being modified, lost, consulted, used, or from unauthorized or fraudulent access.
  14.   ProColombia will apply the appropriate security measures when processing sensitive data, which includes, among others, personal data regarding employees’ underage children.
  15.   Promote the strengthening of a corporate culture that, through training sessions, advocates for and safeguards the rights of data subjects.
  16.   Assure the data subject that the full and effective exercise of the right of habeas data is guaranteed at all times.
  17.   Duly inform the data subject of the reason for collecting their information and the rights he/she has by virtue of the authorization granted.
  18.   Ensure that the information provided to any authorized third party, within the parameters established in the current regulations, is truthful, complete, accurate, updated, verifiable, and understandable.
  19.   ProColombia may exchange personal data with public entities when they request it in the exercise of their functions, for issues related to plans, programs, and projects in the development of public policy.
  20.   The established policies may be modified at any time. Any modifications made will comply with current legal regulations, as well as with the best international practices in this area, and will become effective as soon as they are published in a place where the data subjects have access to them.
  21.   The transfer of personal data to countries that do not provide adequate levels of data protection will be carried out under the conditions established in the current regulations.
  22.   Carry out the activities required to comply with the obligations related to database registration, when applicable.

10) Validity

The databases in which personal data will be recorded will be valid for the time the information is kept and used for the purposes described in this policy.

Our privacy policy is periodically reviewed. This version was last updated on February 23, 2023.

It is important that the personal information we have about you is accurate and up to date. Please let us know if your personal data changes during your relationship with us.

Cookie Policy

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer (if you agree).

We may use the following cookies:

  • Strictly necessary cookies.These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website and sign up to our network and publications.
  • Analytical or performance cookies.These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies.These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies.These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie Name

Purpose

SESSXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

These are strictly necessary cookies that are needed for our website to run correctly.

 

has_js

DRUPAL_UID

cookieconsent_status

This is a strictly necessary cookie that records your consent to the cookies.

Google Analytics cookies

(Targeting cookies)

 

_ga

This cookie is used to differentiate between users.

_gat

This cookie is used to provide information on how users interact with our website so we can improve our customer experience.

 

_gid

This cookie is used to provide us with analytical reports by storing information, such as, the number of visitors our website generates and how they move around our website.

Cloudflare Cookies

(Strictly necessary cookies)

 

__cfduid

This cookie is used to help Cloudflare detect malicious visitors on our website.

__cf_bm

This cookie is used to allow Cloudflare to identify bots by managing incoming traffic to our website.

As we use third party cookies, please see the below links for further information on how these may be used:

Google Analytics

Cloudflare

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

The time in which our cookies will expire range from a minimum of 1 minute to a maximum of 2 years.

Other Documents