Phone: (+57) 322 761 6998

cramirez@frutygreen.com

Facebook instagram Linkedin

Personal Data Processing Policy

Table of Contents

OBJECTIVE OF THE TREATMENT POLICY

FRUTY GREEN PACKING SAS, (hereinafter “FRUITY GREEN PACKING"), taking into account its status as responsible for the processing of personal data, committed to the security of the personal information of its users, clients, suppliers, shareholders, employees and the general public, and with the aim of strictly complying with the current regulations on the protection of Personal Data, especially as established in Law 1581 of 2012¹, Decree 1377 of 2013, Circular No 002 of November 3, 2015 of the SIC, article 15 of the Political Constitution of Colombia, and the other provisions that modify, add or complement them, it is allowed to present the Treatment Policies regarding protection of Personal Data (hereinafter the “Policy”).

In this Policy, FRUITY GREEN PACKING details the general corporate guidelines that are taken into account for the purposes of protecting the Personal Data of the Owners, such as the purpose of collecting the information, rights of the Owners, area responsible for addressing complaints and claims, as well as the procedures that They must be exhausted to know, update, rectify and delete the information. 

———————-

¹ Law 1581 of 2012 aims to: “[…] develop the constitutional right that all people have to know, update and rectify the information that has been collected about them in databases or files, and the other rights, freedoms and constitutional guarantees referred to in article 15 of the Political Constitution […].


The Policy will apply to all Treatment carried out by FRUITY GREEN PACKING, its employees, representatives, agents, clients and contractors and, where applicable, by those third parties with whom all or part of the performance of any activity related to, or related to the Processing of Personal Data in the territory of the Republic of Colombia.

The Policy is directed to all Owners whose Personal Data is subjected to Processing as a consequence or on the occasion of the relationship they have with the company, whether said Processing is carried out by the company or by third parties who do so on request.

FRUTY GREEN PACKING, in compliance with the Constitutional Right to Habeas Data², only collects Personal Data, when it has been previously authorized by its Owner, implementing for this purpose, clear measures on confidentiality and privacy of Personal Data, which prevent adulteration, loss, consultation, unauthorized or fraudulent use or access to the data. Personal information. 


————

² Article 15 of the Political Constitution

DEFINITIONS FOR PURPOSES OF THE TREATMENT POLICY

The terms defined below will have the meaning indicated below. If there is any difference between the terms defined here and those established in Law 1581 of 2012, those will be preferred.


  1. Personal Data: Any information linked or that can be associated with one or more specific or determinable natural persons.
  2. Public Data: It is the data that is not semi-private, private or sensitive. Public data are considered, among others, data relating to the marital status of people, their profession or trade, and their status as a merchant or public servant. Due to its nature, public data may be contained, among others, in public records, public documents, official gazettes or bulletins, and court rulings.
  3. Sensitive Data: Those that affect the privacy of the Owner or whose improper use may generate discrimination. 
  4. Data Processor: It is the natural or legal person, public or private, who, by themselves or in association with others, carries out the Processing of Personal Data on behalf of the Data Controller.
  5. Responsible for Treatment: Natural or legal person, public or private, who alone or in association with others, decides on the database and/or the Processing of the data. For the specific case, it will be FRUITY GREEN PACKING.
  6. Treatment Policies regarding the protection of Personal Data: Refers to this document.
  7. Headline: Natural or legal person whose Personal Data is the subject of Processing.
  9. Transfer: The Transfer of data takes place when the Controller and/or Processor of Personal Data, located in Colombia, sends the Personal Data information to a recipient, who in turn is responsible for the Treatment and is located inside or outside the country.
  10. Transmission: Processing of Personal Data that involves the communication of the same to a third party within or outside the territory of the Republic of Colombia, when said communication has the purpose of carrying out a Processing by the Processor in the name and on behalf of the Controller, to comply with the purposes of the latter.
  11. Treatment: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.

PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA

In accordance with Article 4 of Law 1581 of 2013, the principles that govern the Processing of Personal Data are: 

  1. Principle of legality in matters of data processing: The Treatment referred to in Law 1581 is a regulated activity that must be subject to what is established in it and in the other provisions that develop it.
  2. Purpose principle: The Treatment must obey a legitimate purpose in accordance with the Constitution and the Law, which must be informed to the Owner. 
  3. Principle of freedom: Treatment can only be carried out with the prior, express and informed consent of the Owner. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that requires consent.
  4. Principle of truth or quality: The information subject to Treatment must be true, complete, accurate, updated, verifiable and understandable. The Processing of partial, incomplete, fragmented or misleading data is prohibited.
  5. Transparency principle: In the Treatment, the right of the Owner to obtain from the Controller or Processor, at any time and without restrictions, information about the existence of data that concerns him or her must be guaranteed.
  6. Principle of restricted access and circulation: The Treatment is subject to the limits derived from the nature of the personal data. In this sense, the Treatment may only be carried out by persons authorized by the Owner and/or by the persons provided for in this law.
  7. Safety principle: The information subject to Treatment by the Data Controller or Data Processor referred to in this law must be handled with the technical, human and administrative measures that are necessary to provide security to the records, avoiding their adulteration, loss, consultation, unauthorized or fraudulent use or access.
  8. Confidentiality principle: All persons involved in the Processing of personal data that are not public in nature are obliged to guarantee the confidentiality of the information, even after their relationship with any of the tasks included in the Processing has ended, and may only supply or communicate of personal data when this corresponds to the development of the activities authorized in this law and in the terms of the same.

AUTHORIZATION

The collection, storage, use, circulation or deletion of personal data by FRUITY GREEN PACKING requires the free, prior, express and informed consent of the Owner thereof. 

FRUITY GREEN PACKING, at the time of collecting Personal Data, will request authorization from the Owners, informed about the specific purposes of the Treatment for which said consent is obtained. 

FRUITY GREEN PACKING does not usually collect Personal Data from minors under 18 years of age. However, if required, the consent of parents, guardians or legal representatives will be requested before carrying out the Treatment. For the Processing of this Personal Data, the company will ensure that it responds to and respects the best interests of the minor under 18 years of age, (ii) will ensure respect for their fundamental rights and, (iii) will listen to the minor to assess their opinion in accordance with the maturity, autonomy and ability to understand the matter.

In the case of sensitive Personal Data, the Owner will be informed that said data corresponds to the category of “Sensitive Data”, which means that he or she is not obliged to authorize its Treatment. In any case, the company will expressly inform you of the purposes for which it requests Sensitive Data and will strictly observe the legal limitations on the Processing of Sensitive Data. 

FRUITY GREEN PACKING will subject Sensitive Data to Processing only when the Owner has granted authorization, except in cases where the law does not require such authorization. In any case, the company will not, in any case, condition any activity on the delivery of Sensitive Data.

The authorization of the Owners may be expressed by any of the following means: (i) in writing, (ii) orally or (iii) through unequivocal conduct that allows a reasonable conclusion that the authorization was granted. 

Thus, the authorization may consist of a physical document, electronic document, data message, Internet, Websites, or in any other format that guarantees its subsequent consultation, or through an appropriate technical or technological mechanism, which allows manifesting or obtaining the consent via click or double click, through which it can be concluded unequivocally that if the Owner had not acted, the data would never have been captured and stored in the Database. The authorization will be generated by FRUITY GREEN PACKING and will be made available to the Owner in advance and prior to the Processing of their Personal Data. 

FRUITY GREEN PACKING will retain proof of said authorizations in an appropriate manner, respecting the principles of confidentiality and privacy of information. 

In accordance with the provisions of article 10 of Law 1581 of 2012, this authorization will not be necessary when the information refers to: (i) Information required by a public or administrative entity in the exercise of its legal functions or by court order; (ii) Public Data; (iii) Cases of medical or health emergency; (iv) Processing of information authorized by law for historical, statistical or scientific purposes; and (v) Data related to the Civil Registry of Persons.


PURPOSES OF TREATMENT

FRUITY GREEN PACKING, in the development of its corporate purpose and its relationships with third parties, understood as clients, employees, suppliers, creditors, shareholders, visitors, others; constantly collects data to carry out various purposes and uses within which the following can be framed and by accepting this policy you expressly authorize: 

  1. Carrying out operations related to avocado packaging, as well as national and international marketing.
  2. The exploitation, promotion and marketing of Colombian agricultural products in foreign markets.
  3. Prepare market studies that allow establishing consumer preferences or market surveys to verify prices for a specific product or service required by FRUTY GREEN PACKING. 
  4. Celebrate commercial agreements, events or institutional programs directly or in association with third parties.
  5. For interaction with its suppliers, for verification of compliance with distribution standards, its legal obligations with its workers and for invitations to events organized or sponsored by FRUITY GREEN PACKING, among others.
  6. Data verification through consultation of public databases or risk centers.
  7. Georeferencing activities and statistical studies.
  8. To send information of interest, advertising material and offers.
  9. For the recognition, protection and exercise of the rights of shareholders of FRUITY GREEN PACKING.
  10. To verify your creditors' balances. 
  11. Comply with legal information obligations to administrative entities, as well as to the competent authorities that require it. 
  12. Share with third parties who collaborate with FRUITY GREEN PACKING and that, to fulfill their functions, they must access information to some extent, such as messaging service providers, advertising agencies and collection houses.
  13. Carry out the consultation and report of obligations to the credit risk centers.
  14. Ensure the safety and proper functioning of the physical spaces in which FRUITY GREEN PACKING It mainly carries out its commercial activity.
  15. Execute the contracts you have signed FRUTY GREEN PACKING.
  16. Support audit processes FRUTY GREEN PACKING.
  17. Invite calls, talks, conferences and advice on topics related to exploitation, promotion and marketing activities of agricultural products.
  18. Registration and control of the relationship of current and potential clients, suppliers, employees, third parties and in general for those people who have a commercial or contractual relationship with the Company.
  19. Control for the prevention of fraud, money laundering and terrorist financing. 
  20. Circulation of information within the company. 
  21. Validation of information in order to comply with the regulation of Money Laundering and Financing of Terrorism by FRUITY GREEN PACKING or with third parties hired for this purpose, including consultation on binding lists, judicial processes, etc.
  22. Any other purpose may result in the development of contracts or commercial relationships that may be established between FRUITY GREEN PACKING and the owners of the information.  


The information provided by the Owner will only be used for the purposes indicated here and once the need for the Processing of Personal Data ceases, they may be deleted from the databases of FRUITY GREEN PACKING or archived in secure terms for the purpose of only being disclosed when required by law. 

FRUITY GREEN PACKING, within its corporate purpose and with the purpose of developing the aforementioned activities, collects information from its Owners regarding their Personal Data, such as: names and surnames, address, date of birth, telephone number, identification document, email , employment data, family data, academic training data, among others. Nevertheless, FRUITY GREEN PACKING may request the Personal Data that it considers necessary for its operation, which will be duly informed by FRUITY GREEN PACKING at the latest at the time of collection. All Personal Data collected may be stored and hosted in Colombia and/or abroad.

PROCEDURES FOR THE PROCESSING OF PERSONAL DATA

The Personal Data that is included in the Database of FRUITY GREEN PACKING come from the information collected in the exercise of the activities carried out due to its corporate purpose, commercial, contractual, labor or any other type of ties with its users, clients, suppliers, shareholders, employees and/or the general public.

The website of FRUITY GREEN PACKING, the telephone service line, and commercial and employment contracts, among others, are the means through which FRUITY GREEN PACKING obtains the Personal Data referred to in this Policy.

Personal Data collected by FRUITY GREEN PACKING They will be treated in accordance with the provisions of Law 1581 of 2012, in accordance with the authorizations given by the Owners of the information, and exclusively for the purposes authorized and provided for in this Policy.

Procedure to know the information:

In order to protect and maintain the confidentiality of the Personal Data of the Owners, FRUITY GREEN PACKING determines that the procedure to know the information it has about the Owner in its databases, which is as follows: 

Who wants to know the information that FRUITY GREEN PACKING stored in its databases, you must send a communication to the email lineaetica@frutygreen.com or to the address Kilometer 16 Vía Anserma – Riosucio, in which you express your intention to know the information about the Owner found in the databases. of FRUITY GREEN PACKING, and in which you provide an address or email in which a response can be given. 

This communication must be signed by (i) the Owner, who must sufficiently prove his or her identity; (ii) the successors in title of the Owner, who must prove such quality; (iii) the representative and/or attorney-in-fact of the Owner, prior accreditation of the representation or power of attorney; or (iv) by stipulation in favor of or for another (hereinafter and collectively the “Interested Parties”).

The Responsible Area will respond to the Owner or the interested party within a maximum period of ten (10) business days from the date of receipt of the communication, to the email or physical address specified in the request. When it is not possible to respond to the query within said period, the interested party will be informed, expressing the reasons for the delay and indicating the date on which the query will be answered, in which case the response time will be extended by five additional business days. 

The consultation of the information by the Owner or interested party will be free of charge, as long as it is (i) at least once every calendar month, or (ii) it is carried out due to a substantial modification of this information Treatment policy. . 

In the event that the consultation is made more frequently than established, FRUITY GREEN PACKING may charge the Owner the costs of shipping, reproduction and, where applicable, certification of documents incurred for this purpose.  

Procedure to update, rectify or delete information:

The Owners of the Personal Data or their successors may, at any time, request FRUITY GREEN PACKING the updating, rectification or deletion of your data and/or revoking the authorization of the treatment by FRUITY GREEN PACKING of the same, by submitting a claim to the following email lineaetica@frutygreen.com or to the address Kilometer 16 Vía Anserma – Riosucio, in which the facts that give rise to the claim, the physical address or email in which the claim is made are indicated. that a response must be given, and the documents that you want to assert. 

If the claim is incomplete, the applicant will be required within five (5) days of receipt of the claim to correct the deficiencies. After two (2) months from the date of the request, without the applicant presenting the required information, it will be understood that the claim has been abandoned.

In the event that the person receiving the claim is not competent to resolve it, he or she will forward it to the appropriate person within a maximum period of two (2) business days and will inform the applicant of the situation.

Once the complete claim is received, a legend that says "claim in process" and the reason for it will be included in the database, within a period of no more than two (2) business days. Said legend must be maintained until the claim is decided.

The maximum term to address the claim will be fifteen (15) business days counted from the day following the date of receipt. When it is not possible to address the claim within said term, the applicant will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first term.

It is essential to note that the request for deletion of information and revocation of authorization will not proceed when the Owner has a legal or contractual duty with FRUTY GREEN PACKING.


INFORMATION AND MECHANISMS AVAILABLE BY FRUTY GREEN PACKING AS THE CONTROLLER

Business name

Fruity Green Packing SAS

NIT

901.324.644-2

Home

Guatica

Address

Kilometer 16 Via Anserma – Riosucio

Telephone

3222471

Email

lineaetica@frutygreen.com

Web page

www.fruitygreen.com

Guarantee: 

FRUITY GREEN PACKING, as Responsible for the Processing of personal data, makes the following guarantees:

1. That the storage of the information subject to processing has the optimal systems at a technological level, technical and human measures suitable to ensure its unalterability, loss or improper use by third parties.

2. That through a virtual security system, FRUITY GREEN PACKING guarantees the conservation of information.

3. That the Owner of the information may request at any time the deletion of the data or revocation of the authorization, provided that there is no legal or contractual obligation to maintain it.


AREA RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA

The Human Management Area will be the area in charge of receiving requests, complaints or claims from the Holders of Personal Data. This area will be in charge of carrying out the necessary internal management in order to guarantee a clear, efficient and timely response to the Data Owner or other interested parties.

At any time, the Owner or interested parties can contact this area to exercise their rights to know, update, rectify and delete the data and revoke the authorization.

RIGHTS OF THE OWNER OF PERSONAL DATA

In accordance with art. 8 of Law 1581 of 2012, the Owner of the Personal Data will have the following rights:

  1. Know, update and rectify your personal data in front of the Data Controllers or Data Processors. This right may be exercised, among others, against partial, inaccurate, incomplete, fragmented, misleading data, or those whose Processing is expressly prohibited or has not been authorized;
  2. Request proof of the authorization granted to the Data Controller except when it is expressly excepted as a requirement for the Treatment, in accordance with the provisions of article 10 of this law;
  3. Be informed by the Data Controller or Data Processor, upon request, regarding the use that has been given to your personal data;
  4. Submit complaints to the Superintendency of Industry and Commerce for violations of the provisions of this law and other regulations that modify, add or complement it;
  5. Revoke the authorization and/or request the deletion of the data when the processing does not respect constitutional and legal principles, rights and guarantees. The revocation and/or deletion will proceed when the Superintendence of Industry and Commerce has determined that in the Treatment the Controller or Processor has engaged in conduct contrary to this law and the Constitution;
  6. Free access to your personal data that has been processed.

In accordance with Article 20 of Decree 1377 of 2013, the exercises of the aforementioned Rights may be exercised by:

  1. By the Owner, who must sufficiently prove his/her identity by the different means made available by the person responsible.
  2. By their successors, who must prove such quality.
  3. By the representative and/or attorney-in-fact of the Owner, prior accreditation of the representation or power of attorney.
  4. By stipulation in favor of another or for another.

 

The rights of children or adolescents will be exercised by the people who are empowered to represent them.


DUTIES OF THE DATA CONTROLLER

In accordance with art. 17 of Law 1581 of 2012, the Data Controller will have the following duties: 

  1. Guarantee to the Holder, at all times, the full and effective exercise of the right of habeas data.
  2. Request and keep, under the conditions provided for in this law, a copy of the respective authorization granted by the Owner.
  3. Duly inform the Owner about the purpose of the collection and the rights granted to him by virtue of the authorization granted.
  4. Maintain the information under the security conditions necessary to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.
  5. Guarantee that the information provided to the Data Processor is true, complete, accurate, updated, verifiable and understandable.
  6. Update the information, communicating in a timely manner to the Data Processor, all the news regarding the data that you have previously provided and adopt the other necessary measures so that the information provided to it remains updated.
  7. Rectify the information when it is incorrect and communicate the pertinent information to the Data Processor.
  8. Provide the Data Processor, as the case may be, only data whose Processing is previously authorized in accordance with the provisions of this law.
  9. Demand that the Data Processor at all times respect the security and privacy conditions of the Owner's information. 
  10. Process queries and claims formulated in the terms indicated in this law. 
  11. Adopt an internal manual of policies and procedures to guarantee adequate compliance with this law and, especially, to respond to queries and complaints.
  12. Inform the Data Processor when certain information is under discussion by the Owner, once the claim has been submitted and the respective process has not been completed.
  13. Inform at the request of the Owner about the use given to their data.
  14. Inform the data protection authority when violations of security codes occur and there are risks in the administration of the Owners' information.
  15. Comply with the instructions and requirements issued by the Superintendency of Industry and Commerce.

VALIDITY OF THE POLICY

This Personal Data Processing Policy of the Corporation FRUITY GREEN PACKING, is in force as of its publication, carried out on February 8, 2024.

The Personal Data subject to Treatment will remain in the company's Databases, based on the criteria of temporality for the contractual term of the product or service, in accordance with the purposes mentioned in this Policy. 

The company may modify this Policy when it considers it necessary without notifying the Owner of Personal Data, as long as the modifications are not substantial. A substantial modification for the purposes of this Policy will be understood to be a change in relation to the purposes of the Treatment and/or the contact information of the Data Controller.

FRUTY GREEN PACKING SAS


Facebook instagram Linkedin

SEO and SEM Agency  ClassroomDig

Personal Data Processing Policy