Supply Chain Management

2. OBJECTIVE:

In order to comply with current legislation on data protection, especially "Art. 66., of the Republic of Ecuador - It is recognized and guaranteed to the people: (...) 19.

The right to protection of personal data, which includes access to and decision on information and data of this nature, as well as its corresponding protection. The collection, filing, processing, distribution or dissemination of this data or information will require the authorization of the owner or the mandate of the law" and Law 1581 of 2012 and Decree 1377 of 2013 of the Republic of Colombia (And other regulations that the modify, add, complement or develop), below we inform you of the relevant aspects in relation to the collection, use and transfer of data that the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., makes of your personal data, by virtue of of the authorization that has been granted by you to carry out said treatment. In this personal data processing policy you will find the corporate and legal guidelines under which the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S. carries out the processing of your personal data, the purpose, your rights as the owner, as well as the internal and external procedures that exist for the exercise of such rights before the company, among others. Pursuant to the provisions of art. 15 of the Political Constitution of Colombia and the applicable legislation (Law 1266 of 2008, Law 1581 of 2012, Decree 1377 of 2013 and all those norms that regulate, add, repeal or modify them), in the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., we have a clear privacy and personal data protection policy: we obtain personal information from third parties that have a commercial or legal relationship with the company, including you, shareholders, customers, employees, suppliers, commercial agents and advisers of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., unless they have not provided it voluntarily through their prior, express, informed and qualified consent.

3. LEGAL FRAMEWORK: 3.1. Constitution of the Republic of Ecuador, Organic Law of the National System of Public Data Registration of Ecuador and Organic Code of Social Economy of Knowledge, Creativity and Innovation of the Republic of Ecuador: "Art. 66.- People are recognized and guaranteed: (. . .) 19. The right to protection of personal data, which includes access to and decision on information and data of this nature, as well as its corresponding protection. The collection, filing, processing, distribution or dissemination of this data or information will require the authorization of the owner or the mandate of the law.
"Art. 92.- Every person, by their own rights or as a legitimate representative for that purpose, shall have the right to know of the existence and to access the documents, genetic data, banks or files of personal data and reports that about themselves, or about their goods, recorded in public or private entities, in material or electronic support. Likewise, you will have the right to know the use made of them, their purpose, the origin and destination of personal information and the validity period of the file or data bank.
The people responsible for banks or personal data files may disseminate the information filed with the authorization of its owner or the law.
The person who owns the data may request the person responsible for free access to the file, as well as updating the data, its rectification, elimination or cancellation. In the case of sensitive data, the filing of which must be authorized by law or by the owner, the adoption of the necessary security measures will be required. If your request is not met, it may go to the judge or judge. The person affected may sue for the damages caused. "Art. 4.- Responsibility for information.- Public and private sector institutions and natural persons who currently or in the future manage public data bases or registries, are responsible for the integrity, protection and control of the registries and databases. at your expense. Said institutions will be responsible for the veracity, authenticity, custody and due conservation of the records. The responsibility for the veracity and authenticity of the registered data is exclusive to the declarant when he or she provides all the information. The people affected by false or inaccurate information, disseminated or certified by registrars or registrars, will be entitled to the corresponding compensation, prior to the exercise of the respective legal action. The National Directorate of Public Data Registration will establish the cases in which a bond must be rendered.
"Art. 6.- Accessibility and confidentiality.- Personal data is confidential, such as: ideology, political or union affiliation, ethnicity, state of health, sexual orientation, religion, migratory status and others pertaining to personal privacy and especially that information whose public use violates the human rights enshrined in the Constitution and international instruments.
Access to these data will only be possible with the express authorization of the owner of the information, by mandate of the law or by court order.
The data whose confidentiality has been declared by the competent authority, those that are protected by banking or stock exchange secrecy, and those that could affect the internal or external security of the State are also confidential.
The authority or official that, due to the nature of their functions, guards personal data, must adopt the necessary security measures to protect and guarantee the confidentiality of the information that rests in their files.
To access information on the assets of individuals, the applicant must justify and justify their request, declare the use they will make of it and enter their basic identity data, such as: full names and surnames, identity document number or citizenship, home address and other data determined by the respective regulations. A use other than that declared will lead to the determination of responsibilities, without prejudice to the legal actions that the owner of the information may exercise. The Director or National Director of Public Data Registry, will define the other data that will integrate the national system and the type of reservation and accessibility. "Art. 141.- Use Personal or non-Personal Data in contents protected or not by Intellectual Property. – The personal or non-personal data that are part of the content protected or not by intellectual property available in databases or repositories and other forms of data storage belonging to natural or legal persons, whether under public or private law, may be used exclusively in the following cases:
a) In the case of information classified as accessible;
b) When they have the express authorization of the owner of the information;
e) When expressly authorized by law;
d) When they are authorized by court order or other order of competent authority for it; and,
e) When required by public law institutions for the exercise of their respective powers or the corporate purpose for which they have been constituted.
Personal or non-personal data may not be made available under the pretext of existing copyrights on the manner of disposition of the protected elements in the databases.
The information contained in the databases, repositories and other forms of storage of personal or non-personal data are of public interest; therefore, they must be used with equitable, proportional criteria and in their use and transfer the common good, the effective exercise of rights and the satisfaction of social needs must prevail.

«“Twenty-sixth General Provision: Public entities and private individuals or legal entities that have documents, genetic data, banks or files of personal data and reports on people or their assets under their possession, will make available to the public through a information portal or website The following information and resources:
a) The rights that assist you regarding the protection of your personal data, including the right to know the use made of said information, its purpose, origin and destination, and the validity period of the file or data bank ; and your rights to request the rectification, deletion or annulment of your personal data;
b) Details of the institutional policies and procedures for the protection of the privacy of personal data; and
e) Online processing service for queries and claims regarding personal data”.
“Twenty-seventh General Provision: Without prejudice to the exceptions provided by law, the processing of personal data that includes actions such as the collection, systematization and storage of personal data, will require the prior and informed authorization of the owner.
The owner's authorization will not be required when the treatment is carried out by a public institution and has a statistical or scientific purpose; protection of health or safety; that is, it is carried out as part of a public policy to guarantee constitutionally recognized rights. In this case, the measures leading to the suppression of the identity of the Holders must be adopted. The National Directorate of Public Data Registry in its acronym DINARDAP may request that the personal data banks held by a private legal entity be delivered to it in order to comply with this article.

3.2. Political Constitution of the Republic of Colombia, art. 15. Law 1266 of 2008 Law 1581 of 2012 Regulatory Decrees 1727 of 2009 and 2952 of 2010 and Partial Regulatory Decree No. 1377 of 2013. Rulings of the Constitutional Court C-1011 of 2008, and C-748 of 2011.

​

4. APPLICATION:

This personal data processing policy is addressed to shareholders, customers, employees, suppliers, commercial agents and advisors of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., both active and inactive, whose personal data is included in the databases. Company data. The principles and provisions contained in this General Personal Data Treatment Policy will be applied to any personal database that is in the custody of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., either in its capacity as manager and/or as treatment manager. All organizational processes of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., which involve the processing of personal data, must be subject to the provisions of this policy. All employees of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., must observe and respect these policies in the performance of their duties. In cases where there is no employment relationship, a contractual clause must be included so that those who work on behalf of the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., and these are obliged to comply with these policies.

​

5. TERMS OF USE AND CONDITIONS:

​

The use of this web page implies the express acceptance of these terms and conditions of use.
The company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., has and participates in different web platforms such as blogs, social or business networks, through which any personal data may be requested in order to manage the requirements for business or for a possible commercial approach for data validation, for which the information provided and collected will observe the parameters established in the present content expressed here.
The company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., is responsible for the processing of personal data that it collects directly through the different means, for which it disclaims any responsibility that may generate the user for any inappropriate or contrary use. For the purposes of electronic channels, it is also indicated that the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., will not be responsible for the veracity or accuracy of the information provided by third parties.
The user's obligations are: 5.1. Do not harm. Disable, modify or deteriorate the electronic channels to which you are having access, nor the contents incorporated and stored with them. 5.2. Do not use versions of modified systems in order to obtain unauthorized access to any electronic channel, content and/or service offered through them. 5.3. Not interfere or interrupt the access, functionality and use of electronic channels and networks connected to it.

​

6. DUTIES AND OBLIGATIONS: When the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., or any of its recipients of this policy, occupy the capacity of personal data processors under its protection, they must comply with the following duties, without prejudice to the other provisions provided by law: a) Guarantee the owner, at all times, the full and effective exercise of the right of habeas data. b) Keep the information under the necessary security to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access. c) Timely update, rectify or delete the data when requested by the data owner. d) Update the information reported by those responsible for treatment within five (5) business days from its receipt. e) Process the queries and claims made by the owners in the terms indicated in this regulation and in the law. f) Comply with the internal policies and procedures of each area to guarantee adequate compliance with the law and, especially, for the attention of queries and claims by the Holders. g) Register in the database the legend "claim in process" in the manner in which it is regulated by law, with respect to those complaints or unresolved claims presented by the owners of the personal data. h) Insert in the database the legend "information under judicial discussion" once notified by the competent authority about judicial processes related to the quality of personal data. i) Refrain from circulating information that is being controversial by the owner and whose blocking has been ordered by the Superintendence of Industry and Commerce. j) Condescend access to the information of the databases only to the people who can have access to it. k) Inform the Superintendence of Industry and Commerce within twenty-four (24) hours after the knowledge of violations of security codes and risks in the administration of the information of the holders. l) Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

​

7. CHANNELS ENABLED:

The rights of the holders may be carried out through the channels that have been enabled by the company ZIMVIOTIKA DE COMERCIO Y SERVICIOS LOGÍSTICOS ESPECIALIZADOS S.A.S., for this purpose, which are available free of charge, as follows: a. Through the email address: op@vega.com b. Through the telephone service line: +1 267 916 4286

 

​