Offers Profiles
Login
Register

Data Protection Policy

INTRODUCTION

This privacy policy describes how personal, private, semi-private, sensitive, and public data is collected, managed, and processed, as well as the information and documents. It applies to all operations and activities of the commercial company SIXMA GROUP S.A.S hereinafter referred to as SIXMA GROUP or KLIMB, a legal entity domiciled in and a national of the Republic of Colombia, identified with tax identification number 900770834-3, whose main objective is to carry out business management activities and any related activity aimed at helping people find employment and, at the same time, supporting companies in finding suitable job applicants.

This policy is of interest to any natural or legal person who uses or intends to use the services offered by KLIMB, as it informs the Data Subject about the terms under which their data will be processed, the principles, and the purposes pursued in compliance with the duty of information incumbent upon KLIMB. This policy has been designed based on Law 1581 of 2012 “Whereby general provisions are issued for the protection of Personal Data”, hereinafter referred to as the Policy.

  1. GENERALITIES

SCOPE OF APPLICATION. KLIMB acts as the Data Controller, and in this regard, the Policy applies to all Personal Data subject to processing by KLIMB, as well as to those of which it may have eventual knowledge due to its business relationships with Third Parties, in which case KLIMB may act as Data Processor or Controller as agreed with such Third Parties. 

Likewise, it shall apply when the Processing of Personal Data is carried out in Colombian territory, or when, by virtue of international regulations or treaties, Colombian legislation is applicable to those acting as Controllers or Processors.

 In order to ensure the duty of application and compliance with this Policy by all employees of KLIMB, training campaigns will be promoted in the departments that directly or indirectly participate in the Processing of Personal Data so that they are fully aware of the Policy and the applicable legal framework.

 KEY TERMS. To facilitate the understanding of the Policy, we will define relevant concepts that may have a technical meaning for the recipient:

  1. Data Subject: The natural person whose Personal Data is subject to processing.

  2. Third Parties: Refers to those duly authorized persons who, due to their contractual relationship with KLIMB, must have access to the Personal Data of Data Subjects, such as business partners, suppliers, contractors, shareholders, etc.

  3. Data Processor: May be a natural or legal person, public or private, who processes Personal Data on behalf of the Data Controller, alone or with others.

  4. Data Controller: May be a natural or legal person, public or private, who decides on the database and/or the Processing of Personal Data.

  5. Processing: Any operation or set of operations performed on Personal Data such as collection, storage, use, circulation, or deletion.

  6. Purpose of Processing: The use given to Personal Data by KLIMB with the prior authorization of the Data Subject.

  7. Personal Data: Any information that links or has any connection with a determined or determinable subject under applicable laws.

  8. Private Data: Information that, due to its intimate and/or reserved nature, is only of importance to its holder.

  9. Public Data: Information that can be obtained and disclosed regardless of whether it refers to general, private, or personal information as it has no reservation. It refers to the marital status of individuals, their profession or trade, and their status as a merchant or public servant.

  10. Semi-private Data: Refers to data whose nature is not intimate, reserved, or public. Its knowledge or dissemination may be of interest both to its holder and to certain groups of people or to society in general, such as financial and credit data of commercial activity.

  11. Sensitive Data: Information that may potentially affect the privacy of its Data Subject. Misuse of such data may lead to acts of discrimination by revealing, for example, racial or ethnic origin, political orientation, religious or philosophical beliefs, social or human rights organizations, or promoting the interests of any political party, among others.

  12. Database: An organized collection of personal data subject to Processing.

  13. Applicable Laws: The legal instruments governing this Policy are Law 1266 of 2008, Law 1581 of 2012, Decree 1377 of 2013, and any other regulations that may amend them.

  14. Services: Refers to the products and services offered by KLIMB.

RETENTION OF INFORMATION. Personal Data will be retained in KLIMB’s Databases in accordance with the principles of necessity and reasonableness

HOLDER SERVICE CHANNELS. In case the Data Subjects need to make any inquiry, request, complaint, or claim, it will be resolved in accordance with the rules related to the right of petition and may use the following service channels:

  • Chat

  • Email.

  • Call Center.

  1. DUTIES OF KLIMB AS DATA CONTROLLER

DUTIES AS DATA CONTROLLER. The following will be duties in the processing of personal data:

  1. Guarantee the Data Subject the full and effective exercise of their rights regarding Personal Data.

  1. Request and keep a copy of the authorization granted by the Data Subject under the conditions set forth in this Policy.

  1. Comply with the duty to inform the Data Subject about the purpose of the collection and their rights under the granted authorization.

  1. Store the information under the necessary security conditions to prevent its alteration, loss, consultation, unauthorized or fraudulent use or access.

  1. Ensure that the information provided to the Data Processor is accurate, complete, clear, updated, verifiable, and understandable.

  1. Update the information, promptly informing the Data Processor of any changes regarding the data previously provided, and take the necessary measures to keep the provided information updated.

  1. Verify the information when it is incorrect and inform the Data Processor accordingly.

  1. Provide the Data Processor only with data whose Processing has been previously authorized by the Data Subject in accordance with the applicable laws.

  1. Require the Data Processor to always respect the security and privacy conditions of the Data Subject's information.

  1. Process inquiries and claims submitted under the terms set forth in this Policy.

  1. Inform the Data Processor when certain information is under dispute by the Data Subject.

  1. When requested by the Data Subject, provide information on the use of their Personal Data.

  1. When security breaches occur and risks exist in the management of Data Subjects' information, the Controller must notify the data protection authority.

  1. Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

  1. DUTIES OF KLIMB AS DATA PROCESSOR

The following will be duties in the processing of personal data:

  1. Update the information reported by the Data Controllers within five (5) business days from the receipt of the communication.

  1. Process inquiries and claims submitted by the Data Subjects.

  1. Register in the Database the note “claim in process” as regulated by the applicable laws.

  1. Avoid disclosing information that is under dispute by the Data Subject and whose blocking has been ordered by the Superintendence of Industry and Commerce.

  1. Allow access to the information only to those authorized for that purpose.

  1. Notify the Superintendence of Industry and Commerce when it becomes aware of any violation of security codes and/or risks in the management of Data Subjects' information.

  1. Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

  2. PROCEDURES RELATED TO THE EXERCISE OF DATA SUBJECTS' RIGHTS

Regarding inquiries Data Subjects or their successors may consult their Personal Data, or any information of that nature stored in the Databases managed by KLIMB . To do so, they must make a request through the website [WEBSITE] . These inquiries will be handled as established by the applicable legislation concerning the right of petition. The above in compliance with Article 14 Inquiries of Law 1581 of 2012.

Regarding CLAIMS following Article 15 Claims of Law 1581 of 2012, the Data Subject or their successors, when they consider that the information in a Database must be corrected, updated, deleted, or when they identify a possible breach of any duties by KLIMB , may file a claim as follows:

Submitting a request addressed to KLIMB through the previously mentioned service channels, which must include the following information:

  1. Data Subject's identification.

  1. Description of the facts giving rise to the claim.

  1. Notification address.

  1. Additional documents to be considered.

If the claim is incomplete, KLIMB will request the applicant within five (5) business days following receipt of the claim to correct the deficiencies.

If after two (2) months from the date of the request, the Data Subject does not correct the deficiencies identified by KLIMB , it will be understood that the request has been withdrawn.

Once the claim is received, within no more than two (2) business days an entry will be made in the Database stating “claim in process” and its reason. This note will remain until the claim is resolved.

The claim must be resolved within fifteen (15) business days from the day after its receipt or from the submission of additional information requested by KLIMB . If it is not possible to resolve the claim within the indicated term, the applicant will be informed of the reasons for the delay and the date on which the claim will be resolved, which may not exceed eight (8) additional business days after the first term expires.

The complaint may be submitted to the Superintendence of Industry and Commerce once the consultation or claim process before the Controller or Processor has been exhausted.

  1. AUTHORIZATION AND PURPOSE OF PROCESSING

AUTHORIZATION. For the Processing of Personal Data, KLIMB requires the prior and informed authorization of the Data Subject, and it must remain in a proof medium that may be subject to subsequent consultation. However, the law provides for some exceptions and, therefore, authorization from the Data Subject will not be necessary in cases such as:

  • Information required by a public or administrative entity in the exercise of its legal functions or by court order.

  • Data of a public nature.

  • Cases of medical or health emergency.

  • Processing of information authorized by law for historical, statistical, or scientific purposes.

  • Data related to the Civil Registry of Persons.

Nevertheless, in the event that KLIMB faces any of the above exceptions, it will record such circumstance and comply with the other provisions contained in the Applicable Laws.

PURPOSES OF PROCESSING. The purposes for the processing of the personal data collected by KLIMB The GENERAL PURPOSES OF PERSONAL DATA PROCESSING provided by the Data Subjects are the following:

  1. Create an account on the platform.

  1. Provide job alerts, information about events, promotions, advertising, news via email, postal mail, or any other suitable means.

  1. Offer relevant search results and job recommendations.

  1. Facilitate communication during the job search, application, interview, and hiring process.

  1. Allow, through configuration, for the user’s Resume to be available to third parties.

  1. Relate the user to different job offers.

  1. Enable payments for those services that require them.

  1. Carry out automated processing to provide services.

  1. Improve the quality standards of the Services offered by KLIMB, through the analysis of Personal Data carried out by the monitoring system.

  1. Share Personal Data with Third Parties located within or outside Colombian territory, for the offering and proper provision of contracted Services:

 

  1. Conduct behavioral studies on the preferences and interests of Data Subjects, in relation to the Services offered by KLIMB, to identify their needs.

  1. Measure satisfaction levels regarding the contracted Services.

  1. Any other lawful purpose related to contacting the user, selling services, and even transmitting or transferring data to third parties, whether natural or legal persons. 

  2. GUIDING PRINCIPLES OF PERSONAL DATA PROCESSING

These principles are developed by the Applicable Laws:

  • Principle of Legality: The Data Processing developed in this Policy is a regulated activity that must adhere to what is established herein and in the applicable legal provisions.

  • Principle of Purpose: The purpose pursued by Processing must be legitimate and in accordance with the Applicable Laws, as well as informed and authorized by the Data Subject.

  • Principle of Freedom: Processing can only be carried out with the prior, express, and informed consent of the Data Subject. Personal data may not be obtained or disclosed without prior authorization, unless there is a legal or judicial mandate releasing consent.

  • Principle of Accuracy or Quality: Information subject to Processing must be truthful, complete, accurate, up-to-date, verifiable, and understandable. The Processing of partial, incomplete, fragmented, or misleading data is prohibited.

  • Principle of Transparency: During Processing, the right of the Data Subject to obtain from the Controller or Processor, at any time and without restrictions, information regarding the existence of data concerning them must be guaranteed.

  • Principle of Necessity and Proportionality: Personal Data registered in a Database must be adequate, relevant, and consistent with the Purposes of Processing.

  • Principle of Temporality: The retention period of Personal Data will be the time necessary to fulfill the Purpose for which it was collected.

  • Principle of Restricted Access and Circulation: Processing is subject to the limits derived from the nature of Personal Data and the provisions of the Applicable Laws. In this regard, Processing may only be carried out by persons authorized by the Data Subject and/or those provided for in the Applicable Laws. Personal Data, except for Public Data, may not be available on the Internet or other mass media unless access is technically controlled to provide restricted knowledge only to Data Subjects or Third Parties authorized for Processing.

  • Principle of Security: Information subject to Processing by the Controller or Processor must be managed with the necessary technical, human, and administrative measures to ensure security and prevent its alteration, loss, consultation, unauthorized or fraudulent use, or access.

  • Principle of Confidentiality: All individuals involved in the Processing of Personal Data that is not of a Public nature are required to maintain confidentiality of the information, even after their relationship with any of the tasks involving Processing has ended, and may only disclose or communicate Personal Data when it corresponds to the development of the activities authorized in this Policy.

  1. RIGHTS AND DUTIES OF DATA SUBJECTS

RIGHTS. The following shall be the rights of individuals regarding the processing of their personal data: 

  1. Know, update, and rectify their Personal Data before the Controllers or Processors. 

  2. Know and access the Processing of their Personal Data.

  3. Reject or deny the Processing of their Personal Data.

  4. Revoke authorization and/or request deletion of the data when the Data Subject so expresses.

  5. File complaints before the Superintendence of Industry and Commerce for breach of this Policy or the Applicable Laws.

  6. Request proof of the authorization granted to the Controller, except when authorization is not required for Processing under the Applicable Laws.

DUTIES. The following shall be the duties of individuals in the processing of personal data:

  1. Update the Personal Data provided so that KLIMB can ensure its proper Processing.

  2. The Personal Data provided by the Data Subject must comply with the Principle of accuracy and quality previously mentioned.

  3. In compliance with the mentioned legal provisions, not disclose information about minors.

  4. VALIDITY OF THE PROCESSING POLICY

This Policy was published on September third (3), two thousand twenty-one (2021). KLIMB informed the affected departments about the content of the Policy prior to its publication. 

Whatsapp