In compliance with the Florida Information Protection Act (FIPA), FIT FASHION LATINO CORP; adopts this policy for the treatment of personal data, which will be communicated to all data subjects whose data is collected or obtained in the course of commercial or labor activities. Thus, SORETEX SAS declares that it guarantees the rights to privacy, intimacy, and the treatment of personal data, and accordingly, all its actions will be governed by the principles of legality, purpose, freedom, truthfulness or quality, transparency, access and restricted circulation, security, and confidentiality. All individuals who, in the course of various commercial or labor activities, whether permanent or occasional, provide any type of personal information or data to the Company, may know, update, and rectify it.
FIT FASHION LATINO CORP, a company dedicated to the commercialization of sports garments for women, established since 2018
EMAIL: international@bonlife.com.co
PHONE: +1 (786) 798 6257
The Florida Information Protection Act of 2014 (FIPA) expanded notification requirements on covered entities that acquire, use, store, or maintain state residents’ the personal information.
The statute, which came into effect on July 1, 2014, made several modifications to Florida law. These modifications apply to commercial and government entities, especially those that experience a data breach.
This policy applies to personal data registered in any database of the company SORETEX SAS, whose data subject is a natural or legal person.
For the purposes of this policy and in accordance with the current regulations on the protection of personal data, the following definitions shall be taken into account:
Authorization: Prior, express, and informed consent of the Data Subject to carry out the Treatment of personal data.
Privacy Notice: Verbal or written communication generated by the Data Controller, addressed to the Data Subject for the treatment of their personal data, through which they are informed about the existence of the information treatment policies applicable to them, the way to access them, and the purposes of the treatment of personal data.
Database: Organized set of personal data subject to treatment.
Heir: Person who has succeeded another by reason of their death (legatee).
Personal Data: Any information linked to one or more specific or ascertainable natural persons.
Public Data: Data that is not semi-private, private, or sensitive. Public data includes, among others, data relating to the civil status of individuals, their profession or occupation, and their status as a trader or public servant. By their nature, public data may be contained, among others, in public records, public documents, official gazettes and bulletins, and duly executed court judgments that are not subject to reservation.
Sensitive Data: Sensitive data refers to those that affect the privacy of the Data Subject or whose misuse could lead to their discrimination, such as data revealing racial or ethnic origin, political orientation, religious or philosophical beliefs, membership in unions, social organizations, human rights organizations, or promoting the interests of any political party or guaranteeing the rights and guarantees of opposition political parties, as well as data relating to health, sexual life, and biometric data.
Data Controller: Natural or legal person, public or private, who, by themselves or in conjunction with others, carries out the processing of personal data on behalf of the Data Controller.
Data Processor: Natural or legal person, public or private, who, by themselves or in conjunction with others, decides on the database and/or the processing of the data.
Data Subject: Natural person whose personal data is subject to processing.
Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, circulation, or deletion.
Transfer: The transfer of data occurs when the Data Controller and/or Data Processor, located in Colombia, sends information or personal data to a recipient who is also responsible for the processing and is located inside or outside the country.
Transmission: Processing of personal data that involves the communication of such data within or outside the territory of the Republic of Colombia when it is intended for processing by the processor on behalf of the controller.
The definitions included in this document are taken from the current regulations in Colombia that regulate the protection of personal data.
In order to guarantee the protection of personal data, the Company will apply the following principles harmoniously and comprehensively, in light of which the processing, transfer, and transmission of personal data must be carried out:
Principle of legality in data processing: Data processing is a regulated activity, which must be subject to the current and applicable legal provisions governing the subject matter.
Principle of purpose: The processing of personal data carried out by the company or to which it has access shall serve a legitimate purpose in accordance with the Political Constitution of Colombia, which shall be informed to the respective data subject.
Principle of consent: The processing of personal data may only be carried out with the prior, express, and informed consent of the Data Subject. Personal data may not be obtained or disclosed without prior authorization, or in the absence of statutory or judicial mandate demonstrating consent.
Principle of accuracy or quality: Information subject to the processing of personal data must be truthful, complete, accurate, up-to-date, verifiable, and understandable. Partial, incomplete, fragmented, or misleading data processing is prohibited.
Principle of transparency: In the processing of personal data, SORETEX SAS shall guarantee the Data Subject's right to obtain, at any time and without restrictions, information about the existence of any type of information or personal data that is of their interest or ownership.
Principle of restricted access and circulation: The processing of personal data is subject to the limits arising from the nature of the data, as well as the provisions of the law and the Constitution. Therefore, the processing may only be carried out by persons authorized by the data subject and/or by persons provided for by law. Personal data, except for public information, may not be available on the internet or other means of disclosure or mass communication, unless access is technically controllable to provide restricted knowledge only to data subjects or third parties authorized by law. For these purposes, SORETEX SAS's obligation shall be one of means.
Principle of security: The information subject to processing by SORETEX SAS must be handled with the technical, human, and administrative measures necessary to ensure the security of the records, preventing their alteration, loss, consultation, unauthorized or fraudulent use or access.
Principle of confidentiality: All individuals in the company who manage, handle, update, or have access to any type of information in databases are obliged to guarantee the confidentiality of the information. Therefore, they undertake to strictly preserve and maintain all the information they come to know in the execution and exercise of their functions as strictly confidential and not to disclose it to third parties, except when expressly authorized by data protection law. This obligation persists and shall be maintained even after the termination of their relationship with any of the tasks comprising the processing.
In accordance with the applicable legislation on data protection, the following are the rights of data subjects:
To access, know, update, and rectify their personal data held by SORETEX SAS as the data controller. This right may be exercised, among others, in relation to partial, inaccurate, incomplete, fragmented, misleading data, or data whose processing is expressly prohibited or unauthorized.
To request proof of the authorization granted to the company for the processing of data, through any valid means, except in cases where authorization is not required.
To be informed by SORETEX SAS, upon request, about the use that has been made of their personal data.
To lodge complaints with the Superintendence of Industry and Commerce, or the entity acting in its capacity, for breaches of Law 1581 of 2012 and other regulations amending, supplementing, or complementing it, following the consultation or requirement procedure with the Company.
To revoke the authorization and/or request the deletion of the data when the processing does not comply with constitutional and legal principles, rights, and guarantees.
To access their personal data that have been processed free of charge, at least once every calendar month, and whenever substantial modifications to this policy justify new inquiries. These rights may be exercised by: - The data subject, who must sufficiently prove their identity through the various means made available by the company. - The legal successors of the data subject, who must prove such status. - The representative and/or attorney-in-fact of the data subject, upon proof of representation or power of attorney.
The processing of personal data of minors is prohibited, except for those data that are of a public nature, and in such cases, the processing must comply with the following parameters:
The Company acknowledges the ownership of personal data held by individuals, and therefore, they alone can decide on their use. Accordingly, FIT FASHION LATINO CORP will use personal data for the fulfillment of purposes explicitly authorized by the data subject or by applicable laws. In the processing and protection of personal data, the company shall have the following duties, without prejudice to others provided for in the regulations that govern or may govern this matter:
The processing of personal data requires the free, prior, express, and informed consent of the data subject, except in cases expressly authorized by law, namely:
The Privacy Notice is the physical, electronic, or any other format document made available to the data subject to inform them about the processing of their personal data. Through this document, the data subject is informed about the existence of the company's information processing policies that will be applicable to them, how to access them, and the characteristics of the intended processing of personal data. The privacy notice must contain, at least, the following information:
Inquiries: Data subjects or their successors in interest may inquire about the personal information held by the company, which will provide all the information contained in the individual record or that is linked to the identification of the Data Subject. Regarding the handling of requests for personal data inquiries, the company guarantees:
In accordance with the law, the company reserves the right, in the events contemplated by the law, its statutes, and internal regulations, to maintain and classify certain information held in its databases as confidential, in accordance with current regulations, statutes, and regulations, all of the above in line with fundamental constitutional rights.
In compliance with the principle of security established in current regulations, FIT FASHION LATINO CORP will adopt the necessary technical, human, and administrative measures to ensure the security of the records, preventing their alteration, loss, consultation, unauthorized or fraudulent use, or access.
In compliance with the institutional mission and the strategic development plan of the company, and considering the nature of the permanent or occasional relationships that any data subject may have with us, the company may transfer and transmit, including internationally, all personal data, provided that applicable legal requirements are met. Consequently, by accepting this policy, data subjects expressly authorize the transfer and transmission, including at an international level, of their personal data. The data will be transferred for all relationships that may be established with FIT FASHION LATINO CORP
For the international transfer of personal data of data subjects, the company will take necessary measures to ensure that third parties are aware of and commit to complying with this policy, with the understanding that the personal information they receive can only be used for matters directly related to FIT FASHION LATINO CORP and only as long as the relationship lasts, and it cannot be used or intended for any other purpose.
This policy is effective from its issuance on January 15, 2018, and the databases subject to processing will remain valid as long as necessary for the purposes of marketing and the provision of any type of service.