PRIVACY POLICY AND DATA PROCESSING PERSONAL CHEF BURGER COMPANY S.A.S.

Business name CHEF BURGER COMPANY S.A.S.
Nit No. 900449935-4
Address Carrera 43 No. 25ª – 127 Medellín
Phone (034) 4482378
Email [email protected]
Web site https://chefburger.com.co

TITLE ONE CHAPTER I
PRESENTATION - LEGAL FRAMEWORK AND SCOPE

Article 1. With the aim of complying with current legislation on data protection, especially Law 1581 of 2012 (and other regulations that modify, add, complement or develop it) and Decree 1377 of 2013, below the company allows you to be made aware of the relevant aspects in relation to the collection, use and transfer that CHEF BURGER COMPANY S.A.S. makes your personal data, by virtue of the authorization granted by you to advance said treatment.

In accordance with the provisions of our Political Constitution in its article 15 and the applicable legislation (Law 1266 of 2008, Law 1581 of 2012, Decree 1377 of 2013 and all those regulations that regulate, add, repeal or modify), the company
A strong and clear privacy and personal data protection policy has been proposed, this is how we do not obtain personal information from third parties that have a commercial or legal relationship with CHEF BURGER COMPANY S.A.S., including Clients, Employees or Suppliers, unless they allow themselves to voluntarily supply through their prior, express and qualified consent each and every one of the data exposed to the company.

On the other hand, it is reiterated that this Privacy and Personal Data Treatment policy is prepared in accordance with the provisions of the Political Constitution, Law 1581 of 2012, Regulatory Decree 1377 of 2013 and other complementary provisions; and that it will be applied to all Databases and/or Files that contain Personal Data and that are subject to Treatment by CHEF BURGER COMPANY S.A.S., that is, it will be applied in the exercise of actions of collection, storage, use, circulation, deletion and all other activities that constitute personal data processing.

CHAPTER II PRINCIPLES APPLICABLE TO THE PROCESSING OF PERSONAL DATA

Article 2. The processing of personal data in CHEF BURGER COMPANY S.A.S. will
be governed by the following principles:

  • Principle of purpose: The Treatment of the personal data collected must obey a legitimate purpose, which must be informed to the Owner, preserving the postulates indicated in the constitution and the law.
  • Principle of freedom: Treatment can only be carried out with the prior, express and informed consent of the Holder. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that relieves consent;
  • Principle of veracity or quality: The information subject to Treatment must be true, complete, exact, updated, verifiable and understandable. No action will be carried out that involves the exercise of partial, incomplete, fractional or misleading data processing;
  • Principle of transparency: In the Treatment, the right of the Holder to obtain from CHEF BURGER COMPANY S.A.S. or of the Treatment Manager designated by the company, at any time and without restrictions, information about the existence of data that concerns him;
  • Principle of access and restricted circulation: The Treatment is subject to the limits that derive from the nature of the personal data, the provisions of this law and the Constitution. Personal data, except for public information, and the provisions of the authorization granted by the data owner, may not be
    available on the Internet or other means of dissemination or mass communication, unless access is technically controllable to provide restricted knowledge only to the Holders or authorized third parties in accordance with the provisions contained in the applicable legal framework;
  • Security principle: The information subject to Treatment by CHEF BURGER COMPANY S.A.S. it must be protected through the use of technical, human, and administrative measures that are necessary to provide security to the records, avoiding their adulteration, loss, consultation, use, or unauthorized or fraudulent access;
  • Principle of confidentiality: All persons involved in the Processing of personal data are obliged to guarantee the confidentiality of the information, even after the end of their relationship with any of the tasks included in the Treatment.

SINGLE PARAGRAPH: In accordance with the provision contained in article 6 of Law 1581 of 2012, the processing of sensitive data is prohibited, therefore, the Owner may refuse to authorize its Treatment, and it will only be allowed in the application of the exceptions raised by the same standard and developed by the treatment policies presented here.

CHAPTER III DEFINITIONS

Article 3. For the purposes of executing this policy and in accordance with legal regulations, the following definitions will apply:

  • Authorization: Prior, express and informed consent of the Owner to carry out the Processing of personal data
  • Privacy Notice: Physical, electronic document or in any other format generated by the Responsible that is made available to the Owner for the processing of their personal data. En el Aviso de Privacidad se comunica al Titular la información relativa a la existencia de las políticas de tratamiento de información que le serán aplicables, la forma de acceder a las mismas y la finalidad del tratamiento que se pretende dar a los datos personales;
  • Database: Organized set of personal data that is subject to Treatment;
  • Personal data: Any information linked or that can be associated with one or several determined or determinable natural persons;
  • Public data: It is the data classified as such according to the mandates of the law or the Political Constitution and that which is not semi-private, private or sensitive. The data relating to the marital status of people, their profession or trade, their quality as a merchant or public servant and those that can be obtained without any reservation are public, among others. Due to its nature, public data may be contained, among others, in public records, public documents, gazettes and official bulletins;
  • Private data: It is the data that, due to its intimate or reserved nature, is only relevant to the owner;
  • Semi-private Data: It is the data that is not of an intimate, reserved, or public nature and whose knowledge or disclosure may be of interest not only to its owner but to a certain sector or group of people or to society in general.
  • Sensitive data: Sensitive data is understood to be those that affect the Owner’s privacy or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation,
    religious or philosophical convictions, membership in trade unions, social organizations, human rights or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data related to health, sexual life and biometric data;
  • Treatment Manager: Natural or legal person, public or private, that by itself or in association with others, performs the Processing of personal data on behalf of the Treatment Manager;
  • Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the database and/or the Treatment of the data;
  • Owner: Natural person whose personal data is subject to Treatment;
  • Treatment: Any operation or set of operations on personal data, such as the collection, storage, use, circulation or deletion of the same.

CHAPTER IV
GENERAL AND SPECIAL DATA CATEGORIES

Article 4. CONTENT OF DATABASES. In the databases of CHEF BURGER COMPANY S.A.S. general information such as full name, number and type of identification, gender and contact information (email, physical address,
telephone and celphone). In addition to these, and depending on the nature of the database, CHEF BURGER COMPANY S.A.S. may have specific data required for the treatment to which the data will be submitted. The databases of employees and contractors include, in addition to information on employment and academic history, sensitive data required by the nature of the employment relationship (photograph, conformation of the family group, biometric data). Sensitive information may be stored in the databases with the prior authorization of its owner, in compliance with the provisions of articles 5 and 7 of Law 1581 of 2012.

Article 5. SENSITIVE DATA. CHEF BURGER COMPANY S.A.S. will restrict the processing of sensitive personal data to what is strictly essential, and will request prior and express consent from the owners, informing them of the exclusive purpose of their processing, except when:

  • The owner has given his explicit authorization to said treatment, except in cases where the granting of said authorization is not required by law.
  • The treatment is necessary to safeguard the vital interest of the owner and he is physically or legally incapacitated. In these events, the legal representatives must grant their authorization.
  • The treatment is carried out in the course of legitimate activities and with due guarantees by a foundation, NGO, association or any other non-profit organization, whose purpose is political, philosophical, religious or union, provided that they refer exclusively to its members or to people who maintain regular contact by reason of its purpose. In these events, the data may not be provided to third parties without the authorization of the owner.
  • The treatment refers to data that is necessary for the recognition, exercise or defense of a right in a judicial process.
  • The treatment has a historical, statistical or scientific purpose. In this event, the measures leading to the suppression of the identity of the holders must be adopted.

SINGLE PARAGRAPH: CHEF BURGER COMPANY S.A.S. meets the following
Obligations: a) inform the owner about which data subject to treatment are of
sensitive nature, the purpose of the treatment, and obtain the express consent of the
headline; b) inform the owner that because it is sensitive data, he is not obliged to
authorize its treatment, c) inform the holder explicitly and clearly the requirements
for the authorization of the collection of any sensitive data; d) not condition,
except legal mandate, no activity to which the owner provides personal data
sensitive.

Article 6. RIGHTS OF CHILDREN, GIRLS AND ADOLESCENTS: In harvesting, use
and treatment of personal data, respect for the rights will be ensured
prevalent among children and adolescents. Data processing is prohibited
personal data of children and adolescents, except for those data that are of an
public, and in this case the treatment must comply with the following parameters:

  • Respond to and respect the best interests of minors
  • Ensure respect for the fundamental rights of minors.
  • Respond to the opinions of children and adolescents when they have the
    maturity, autonomy and ability to understand the matter.

SINGLE PARAGRAPH: Once the above requirements have been met, the legal representative or guardian
of the boy, girl or adolescent will grant the respective authorization, estimating the
opinions of the minor based on the maturity, autonomy and capacity that he demonstrates to
understand the matter. The person in charge and manager involved in data processing
personnel must ensure their proper use.
The Political Constitution of Colombia provides in its articles 44 and 45 and in the code of the
childhood and adolescence, that the rights of minors must be interpreted and applied in a prevailing manner, therefore, they must be observed with special
careful.

SECOND TITLE

DUTIES, PRIVACY NOTICE, AND DIFFERENTIAL CRITERIA

CHAPTER I
DUTIES OF CHEF BURGER COMPANY S.A.S. AS RESPONSIBLE FOR THE TREATMENT

Those obliged to execute and materialize the provisions contained in this policy
should keep in mind that CHEF BURGER COMPANY S.A.S. is required to comply with
duties imposed in this regard by law. Consequently, it is necessary to comply with the
following obligations:

Article 7. Duties when acting as responsible:

  • Guarantee the owner, at all times, the exercise of the fundamental right to Habeas Data.
  • Request and keep, under the conditions provided in this policy, a copy of the
    respective authorization granted by the owner
  • Clearly and sufficiently inform the owner about the purpose of the collection and
    the rights that assist you by virtue of the authorization granted
  • Inform at the request of the owner about the use given to his personal data
  • Process the queries and claims formulated in the terms indicated in the
    present policy
  • Ensure that the principles of veracity, quality, security and confidentiality in
    the terms established in the following policy
  • Keep the information under the security conditions necessary to prevent
    its adulteration, loss, consultation, use or unauthorized or fraudulent access.
  • Update the information when necessary.
  • Rectify personal data when it is incorrect and communicate what is pertinent to the
    treatment manager.
  • Demand from the person in charge of the treatment at all times, the guarantee and realization of
    the security and privacy conditions of the information processed by the owner.
  • Guarantee that the information provided to the person in charge of the treatment is truthful,
    complete, exact, up-to-date, verifiable and understandable.
  • Adopt an internal manual of policies and procedures to guarantee the
    adequate compliance with this policy, and especially for the reception of
    inquiries and claims.

Article 8. Duties when working as Personal Data Processor.
If you process data on behalf of another entity or organization
(Responsible for the treatment) must comply with the following duties:

a) Establish that
the Data Controller is authorized to provide the personal data
who will treat as Manager

b) Guarantee the owner, at all times, the full and effective
exercise of the right of habeas data.

c) Keep the information under the conditions
necessary security measures to prevent their adulteration, loss, consultation, use or access
unauthorized or fraudulent.

d) Timely update, rectify or
data deletion.

e) Update the information reported by those Responsible for the
treatment within five (5) business days from receipt.

f) Process the queries and claims made by the owners in the terms
indicated in this policy.

g) Register in the database the legend “claim
pending” in the manner established in this policy.

h) Insert into the base
of data the legend “information in judicial discussion” once notified by
the competent authority on judicial processes related to the quality of the personal
data.

i) Refrain from circulating information that is being controversial by the
owner and whose blocking has been ordered by the Superintendence of Industry and
Trade.

j) Allow access to information only to authorized persons
by the owner or empowered by law for that purpose.

k) Inform the Superintendency
of Industry and Commerce when there are violations of security codes and
there are risks in the administration of the information of the holders.

l) Comply with the
instructions and requirements issued by the Superintendence of Industry and
Trade.

Article 9. Duties when carrying out the treatment through a Manager:

a) Provide the person in charge of the treatment only the personal data whose
treatment is previously authorized. For purposes of national transmission or
international data, a data transmission contract must be signed
personal information or agree to contractual clauses as established in article 25 of the
decree 1377 of 2013.

b) Guarantee that the information provided to the Processor
of the treatment is true, complete, exact, updated, verifiable and understandable.

c) Communicate in a timely manner to the person in charge of the treatment all the news
regarding the data that you have previously provided and adopt the other
necessary measures so that the information provided to it is maintained
updated.

d) Inform in a timely manner to the person in charge of the treatment the
rectifications made on the personal data so that it proceeds to carry out the
relevant settings.

e) Demand from the person in charge of the treatment, at all times, the respect
to the security and privacy conditions of the owner’s information.

f) Inform the
Person in charge of the treatment when certain information is under discussion
by the holder, once the claim has been submitted and the
respective procedure.

Article 10. Duties regarding the Superintendence of Industry and Commerce:

a) Inform you of possible violations of security codes and the existence of
risks in the administration of the information of the holders.

b) Comply with the
instructions and requirements issued by the Superintendence of Industry and
Trade.

CHAPTER II PRIVACY NOTICE

Article 11. It is the physical document, electronic or in any other format known or
to be known, which is made available to the Owner for the processing of their data
personal. Through the privacy notice, the Owner of the
next information:

  • The identity, address and contact details of the data controller.
  • The type of treatment to which the data will be submitted and the purpose thereof.
  • The rights of the owner.
  • The general mechanisms arranged by the person in charge so that the owner knows
    the information treatment policy and the substantial changes that are
    produce in it. In all cases, you must inform the holder how to access or
    Consult the information treatment policy.
  • The optional nature of the response regarding questions about sensitive data.

TITLE III

APPLICABLE PROVISIONS FOR THE PROCESSING OF PERSONAL DATA

CHAPTER I
PURPOSE FOR THE EXERCISE OF THE PROCESSING OF PERSONAL DATA.

Article 12. The Personal Data managed by CHEF BURGER COMPANY S.A.S.
will maintain the treatment according to the following purposes, according to each interest group:

1. CUSTOMERS
  • Address questions, complaints and claims submitted by customers, according to the commercial relationship between the parties (products and services).
  • Send to physical mail, email, cell phone or mobile device, via text messages (SMS and/or MMS) or through any other analog and/or digital means of communication created or to be created, commercial, advertising or promotional information about the products and/or services, events and/or promotions of a commercial nature or not, with the purpose of in order to promote, invite, direct, execute, inform and in general, carry out campaigns, promotions or contests of a commercial or advertising nature, advanced by the company.
  • Conduct internal research on consumer habits.
  • Send customers information related to offers, new products or changes in the existing ones.
  • Send information about the treatment that is exercised on personal data supplied by customers.
  • Prepare sales invoices that will serve as accounting, fiscal and administrative support.
EMPLOYEES
  • Maintain in the company in a physical medium the pertinent information provided by the
    people who have aspired or aspire to work at CHEF BURGER COMPANY S.A.S.
  • Corroborate the information provided by the owners that allows materializing
    selection, evaluation, and employment processes.
  • Make the declaration and payment of contributions to social security of the related holders
    work with the company.
  • Make the payment of contractual obligations contracted by virtue of the relationship
    such as wages, social benefits, overtime, etc.
  • Manage, compile and update information related to personal data of
    employees contained in company databases; which allows to determine
    job profiles, positions, promotions, affiliations in the Security System
    Social, etc;
  • Learn how to make homemade arepas to your measure, thin to toast, thick to fill, large or small to pamper the whole family.

    Ingredients :
    – 3 tablespoons Arepa cornmeal (for each arepa to prepare of normal size)
    – 3 tablespoons of water.
    – Salt to taste.
    – Butter to taste.

    Preparation:
    – Mix the flour with the salt in a container and add the water until a firm texture is obtained. We proceed to form balls of dough and flatten them with the help of a cutting board, we continue taking them to a hot frying pan, where we will wait for them to cook, this will depend on the thickness with which we have prepared them: the thinner they are, the less time they will take to be golden. and ready to accompany with butter, cheese or the filling of your choice.

  • Keep the information updated (personal data relevant to the relationship
    contractual) related to the people labor-related with the company.
    Develop, implement and execute plans for human talent, occupational health and
    safety at work, as well as social welfare within the company.
CONTRACTORS
  • Maintain an updated record of the different contracts for the provision of services or consultancy and/or advice provided by personnel external to CHEF BURGER COMPANY S.A.S.
  • Send information about the treatment that is exercised on personal data supplied by contractors.
  • List of payments and deductions derived from the contracts signed between the company and third party contractors.
  • Keep up-to-date the information on the payments and deductions derived from the contracts signed between the company and third-party contractors
  • Verify the information provided by the owners, with the aim of selecting the third party contractors with whom external services will be contracted.
  • Prepare the contracts for the provision of services that establish the conditions and the business relationship with contractors.
  • Evaluate the services provided, as well as verify compliance with the terms and conditions that have been agreed.
SUPPLIERS
  • Send information about the treatment that is exercised on personal data supplied by providers.
  • List of payments and deductions derived from invoices in favor of service providers the company.
  • Keep up-to-date the information on the payments and deductions derived from the payments made to suppliers.
  • Verify the information provided by the owners, with the aim of selecting the suppliers that best suit the execution of the company’s corporate purpose.
  • Evaluate products purchased from suppliers, as well as verify compliance in the terms and conditions that have been agreed.
  • Develop commercial and/or marketing strategies in communication with the providers.
SHAREHOLDERS AND/OR DIRECTORS
  • Maintain communication with shareholders and/or managers to allow socialization and decision making within the company;
  • Require, cite, request administrative, accounting, financial or management information from the shareholders and/or directors of the company,
  • Fully carry out the registration of shareholders and/or directors before the authorities authorities (Chambers of Commerce, etc.),
  • Keep updated and attentive to the current provisions on habeas data, all the information from the databases of shareholders and/or managers
  • Manage payment of utilities in accordance with the percentages established in the social clauses.
GENERAL PURPOSES
  • Document management processes and archiving, updating, protection and custody of the
    information that rests in the company;
  • Send information to public or judicial authorities at the express request of the
    same;
  • Manage the information necessary to carry out the tax obligations and
    commercial, corporate and accounting records of the company;
  • . Support internal and external audit processes;
  • Maintain an electronic record of the information of shareholders, suppliers,
    employees and others who are part of the accounting operations of CHEF BURGER
    COMPANY S.A.S.
  • Any other purpose that is essential or related to the development of the contract or
    of the relationship between the owner of the personal data and CHEF BURGER
    COMPANY S.A.S.

FIRST PARAGRAPH. Regarding the data a) taken from the documents that
provided by people to security personnel and b) obtained from video recordings
that are carried out inside or outside the facilities of CHEF BURGER COMPANY S.A.S.,
These will be used for purposes of safety of people, property and installations of
CHEF BURGER COMPANY S.A.S. and may be used as evidence in any type of
process.

If personal data is provided, such information will be used only for the
purposes indicated here, and therefore, the Personal Data processed by CHEF BURGER
COMPANY S.A.S. will be used according to the purposes described, and consequently
we will not proceed to transmit, license, disclose the personal information collected except
that: a) the owner expressly authorizes us to do so; b) it is necessary in order to comply with the
contractual obligations entered into with you; c) it is necessary to allow our
contractors or agents to provide the services that we have entrusted to them, d) is related
with a merger, consolidation, acquisition, divestiture or other restructuring process
of the company; e) is required or permitted by law.







SECOND PARAGRAPH. TEMPORARY LIMITATIONS ON DATA PROCESSING
PERSONAL. CHEF BURGER COMPANY S.A.S. You may only collect, store, use or
circulate personal data for as long as is reasonable and necessary, in accordance with
with the purposes that justified the treatment, taking into account the applicable provisions
to the matter in question and to the administrative, accounting, fiscal, legal and
information histories. Once the purpose or purposes of the treatment have been fulfilled and without
prejudice to legal regulations that provide otherwise, will proceed to the suppression of the
personal data in your possession. Notwithstanding the foregoing, personal data must be
retained when required for compliance
of a legal or contractual obligation

CHAPTER II

RIGHTS OF PERSONAL DATA HOLDERS OBJECT OF TREATMENT BY CHEF BURGER COMPANY

Article 13. The holders of personal data by themselves or through their representative and/or proxy or their successor in title may exercise the following rights, with respect to the personal data that are processed by CHEF BURGER COMPANY S.A.S.:

  • Right of access: By virtue of which you can access the personal data that is under the control of CHEF BURGER COMPANY S.A.S., for the purpose of consulting them free of charge at the time you request it, and whenever there are substantial modifications of the Treatment Policies and the owners must be notified of them;
  • Right to update, rectify and/or delete: By virtue of which you may request the update, rectification and/or deletion of the personal data subject to treatment, in such a way that the purposes of the treatment are satisfied; This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose Treatment is expressly prohibited or has not been authorized;
  • Right to request proof of authorization: This right may be exercised, except when expressly excepted as a requirement for Treatment in response to the assumptions described in article 10 of law 1581 of 2012;
  • Right to be informed, upon request, regarding the use of personal data processed by CHEF BURGER COMPANY S.A.S.;
  • Right to file complaints with the Superintendency of Industry and Commerce for violations of the provisions of current regulations on the processing of personal data;
  • Right to revoke the authorization and/or request the deletion of the data when the Treatment does not respect the constitutional and legal principles, rights and guarantees.
  • Right to require compliance with the orders issued by the Superintendence of Industry and Commerce.

FIRST PARAGRAPH: For purposes of exercising the rights indicated with
previously, both the owner and the person representing him must demonstrate his
identity and, if applicable, the capacity by virtue of which it represents the owner.

SECOND PARAGRAPH: The rights of minors will be exercised through
of the persons empowered to represent them.

CHAPTER III AUTORIZACIÓN DEL TITULAR

Article 14. REQUEST FOR AUTHORIZATION TO THE HOLDER OF THE PERSONAL DATA: With
in advance and/or at the time of collecting personal data, CHEF BURGER
COMPANY S.A.S. will ask the owner of the data for their authorization to carry out their collection and
treatment, indicating the purpose for which the data is requested, using for those
effects automated technical means, written or oral, that allow proof to be preserved
of the authorization and/or of the unequivocal conduct described in article 7 of Decree 1377
of 2013. Said authorization will be requested for the time that is reasonable and necessary to
satisfy the needs that gave rise to the data request and, in any case, with
observance of the legal provisions that govern the matter.

Article 15. REVOCATION OF AUTHORIZATION. The owner of the personal data may
at all times request CHEF BURGER COMPANY S.A.S. the revocation of the
authorization granted, by filing a claim. The revocation does not
proceed when the Responsible is legally or contractually bound to the
conservation of said data, this exception will be effective during the periods
established in the law. If once the legal term to respond to the claim of the
owner, CHEF BURGER COMPANY S.A.S. has not carried out the deletion of the data subject to
treatment, the owner will have the right to request the Superintendence of Industry and
Business that orders the revocation of the authorization.

Article 16. CASES IN WHICH THE AUTHORIZATION IS NOT NECESSARY. The authorization of the
Holder will not be necessary when it comes to:
Information required by a public or administrative entity in the exercise of its
legal functions or by court order;

  • a. Data of a public nature;
  • b. Cases of medical or health urgency;
  • c. Treatment of information authorized by law for historical, statistical or
    scientists;
  • d. Data related to the Civil Registry of People.

SOLE PARAGRAPH: Whoever accesses personal data without authorization
must in any case comply with the provisions contained in the provisions
current laws.

CHAPTER IV

PROCEDURE FOR THE EXERCISE OF THE RIGHTS OF HOLDERS AND MEASURES OF SECURITY

Article 17. RESPONSIBLE AREA AND PROCEDURE FOR THE EXERCISE OF THE
RIGHTS OF THE HOLDERS OF PERSONAL DATA: THE OFFICER OF PROTECTION OF
DATOS o quien éste designe, será la responsable de atender las peticiones, quejas y
claims made by the owner of the data in exercise of the rights contemplated in the
Article 13 of this policy, except for the one described in its literal e).

  • Send your request, complaint or claim from Monday to Friday from 8:00 a.m. to 6:00 p.m. by mail
    e-mail [email protected]
  • Present it directly at Carrera 43 No.25a- 127 Loma San Julián, Barrio El Poblado –
    Medellín (Antioquia)
  • The request, complaint or claim must contain the identification of the Holder, the description of
    the facts that give rise to the claim, the address, and accompanying documents that are
    want to assert
  • If the claim is incomplete, the interested party will be required within five (5) days
    following receipt of the claim to correct the failures. After one (1) month
    from the date of the request, if the applicant does not submit the required information, the
    You will understand that you have withdrawn the claim.
  • Once the complete complaint is received, a comment will be included in the database that
    identify the data is in the claim process and the reason for it, in a
    term no longer than two (2) business days. Said comment must be kept until the
    claim has been resolved
  • The maximum term to address the claim will be fifteen (15) business days from
    from the date of receipt. When it is not possible to address the claim within said
    term, the interested party will be informed of the reasons for the delay and the date on which the
    your claim.

Article 18. SECURITY MEASURES: In development of the established security principle
in Law 1581 of 2012, CHEF BURGER COMPANY S.A.S. will adopt the technical measures,
human and administrative that are necessary to grant security to the records
avoiding its adulteration, loss, consultation, use or unauthorized or fraudulent access. He
personnel that carry out the processing of personal data will execute the protocols
established in order to guarantee the security of the information, together with the measures
exposed, it is noted that there will be inclusion in all media
contractual agreements of the company the corresponding clause of confidentiality and management of the
information.

SINGLE PARAGRAPH. CHEF BURGER COMPANY S.A.S. may subcontract to third parties for the
processing of certain functions or information. When actually
subcontracts to third parties the processing of personal information or is provided
personal information to third party service providers, CHEF BURGER COMPANY S.A.S.
advises such third parties of the need to protect such personal information with
appropriate security measures, the use of information for own purposes and
You are requested not to disclose personal information to others.

CHAPTER V

GENERAL INFORMATION ON TREATMENT AND POLICIES

Article 19. DATA COLLECTED BEFORE THE ISSUANCE OF DECREE 1377 OF
2013: In accordance with the provisions of numeral 3 of article 10 of Decree
Regulation 1377 of 2013 CHEF BURGER COMPANY S.A.S will proceed to publish a notice
on its official website www.chefburger.com.co addressed to the holders of personal data
For the purposes of publicizing this information treatment policy and the way
to exercise their rights as holders of personal data stored in the databases
of CHEF BURGER COMPANY S.A.S.

Article 20. MODIFICATION OF THE PROCESSING POLICIES. This policy can be
modified at any time, notifying the owners of the change and it will be made available to them.
available the latest version of this Policy or the mechanisms to obtain a copy of the
same.

Article 21. NATIONAL DATABASE REGISTRY. CHEF BURGER COMPANY S.A.S.,
reserves, in the events contemplated in the law and in its statutes and internal regulations,
the power to maintain and catalog certain information that rests in its databases or
data banks, as confidential in accordance with current regulations, their statutes and
regulations, all of the above and in line with the right to free enterprise and
free competition. CHEF BURGER COMPANY S.A.S., will proceed in accordance with the
regulations in force and the regulations issued for this purpose by the National Government, to
perform the registration of their databases, before the National Registry of Databases
(RNBD) that will be administered by the Superintendence of Industry and Commerce. The RNBD.,
It is the public directory of the databases subject to Treatment that operate in the country; and
that will be freely consultable for citizens, in accordance with the regulations that for such
effect is issued by the competent entity.

Article 22. VALIDITY OF THE DATABASES: The databases will be valid
equal to the period in which the purpose or purposes of the treatment is maintained on each basis
of data, or the period of validity indicated by a legal, contractual or jurisprudential cause
in a specific way.

Article 23. EFFECTIVE DATE OF THE POLICIES: This Policy of
Personal Data was created on October 22, 2016, and became effective as of the day
November 3, 2016, notwithstanding the modifications included in this version, have
entered into force on February 1, 2018. Any additional changes that are
present regarding this policy, will be informed with the respective publication in the
company website www.chefburger.com.co.

Cart
Checkout - $0
  • 0
  • 1