Kii Global Privacy Policy

Objective

To comply with Law 1581 of 2012 and Decree 1377 of 2013, which safeguard the constitutional right of all individuals to know, update, and correct information collected about them in databases or records maintained by public and/or private entities.

KII GLOBAL, its Joint Ventures, and Consortia are companies and entities that store and collect personal data. We require your authorization to collect, store, use, disclose, delete, process, compile, exchange, update, and manage the data provided.

Our goal is to implement the right to access, update, and correct personal data by establishing policies, procedures, and controls for data protection and addressing requests, complaints, and claims.

Application and Involved Areas

All areas within KII GLOBAL, its consortia, or joint ventures that collect, process, handle, and store personal data must comply with this policy, regulated by Law 1581 of 2012 and Decree 1377 of 2013.

Definitions and Assumptions

For purposes of this policy:

  • Personal Data: Any information linked to identifiable individuals, including names, addresses, images, or codes.
  • Sensitive Data: Data that affects privacy or whose misuse could lead to discrimination.
  • Data Subject: Any individual whose personal data is processed.
  • Candidate: An individual undergoing a recruitment process.
  • Employee: An individual providing services under an employment contract.
  • Supplier: A provider of services based on a contract.
  • Client: A recipient of services offered by the Company.
  • Data Processor: Processes personal data on behalf of the Data Controller.
  • Data Controller: Decides on databases and data processing activities.
  • Data Transmission: Communication of personal data to a processor, nationally or internationally.
  • Data Transfer: Sending data to another controller.
  • Data Processing: Operations on personal data, such as collection, storage, use, or deletion.
  • Superintendency of Industry and Commerce: Colombian authority overseeing data protection.

For terms not included here, refer to Law 1581 of 2012, Decree 1377 of 2013, and related regulations.

Scope

This policy applies to employees, suppliers, contractors, and data processors within or outside Colombia. KII GLOBAL is authorized to retain and process information unless the data subject expressly and unequivocally objects in writing.

Responsibility

KII GLOBAL, its Joint Ventures, and Consortia have the following duties:

  • Guarantee data subjects the exercise of their right of habeas data.
  • Request and retain authorization copies from data subjects.
  • Inform data subjects about the purpose of data collection and their rights.
  • Maintain data security to prevent alteration, loss, or unauthorized access.
  • Ensure provided data is truthful, complete, accurate, updated, and understandable.
  • Update data and communicate changes to the Data Processor.
  • Correct inaccurate data and inform the Data Processor.
  • Process only previously authorized data.
  • Require Data Processors to maintain security and confidentiality.
  • Handle inquiries and claims as established by law.
  • Adopt policies and procedures to comply with data protection laws.
  • Inform Data Processors of disputes involving data.
  • Provide information to data subjects upon request regarding their data usage.
  • Notify authorities of security breaches and risks.
  • Comply with instructions from the Superintendency of Industry and Commerce.