PRIVACY POLICY AND DATA  PROCESSING

The privacy policy as a component of the Terms and Conditions while surfing inside aguabendita.com works as a contract to state the rules about collecting, usage, and storage of data and information from the internauts, besides registration from de website.

Throughout the purchase process at www.ethosactive.com.co,  we will request some personal information from our clients. In compliance with Law 1581 of 2012 "Personal Data Protection Law" and Decree 1377 of 2013,  ISACCA  S.A.S. informs that it is responsible for administering said data. According to our policies for the Treatment of personal data, the mechanisms through which we use them are safe and confidential since we have the appropriate technical means to ensure that they are stored to avoid unwanted access by third parties. In that same order, we provide their confidentiality.

We can deliver and send notifications and information that the customer has requested or might be useful to you, thanks to the information provided by him. Including information about our products, services, and offers, unless you specify not wanting contact for these purposes.

1. THIRD PARTIES: We may share your data with third parties to help us with any of the functions mentioned in our Privacy Policy. For example, we may use third parties to assist us with delivering promotional products, collecting payments, shipping products, or managing customer service systems. We may exchange information with third parties for fraud protection and risk reduction. Third parties must commit to maintaining the privacy policies of this document for the handling of your data.
2. PAYMENT INFORMATION: Payments made through the site will be processed by our online payment agent PayU and Paypal. Only on our website, we will provide your information. Such information is up to date and must be accurate and truthful.

This personal data treatment policy follows the provisions of Law 1581 of 2012 regulated by Decree 1377 of 2013, and other complementary clauses, which will be applied by ISACCA SAS concerning the processing of personal data.

A.OBJECTIVE:

In this policy, ISACCA S.A.S  establishes the necessary guidelines to protect the Personal Data of the Holders, as well as the purpose of collecting the information, establishes the criteria for the collection, storage, use and deletion of the data of the holders, your rights, the obligations of ISACCA  S.A.S as the person in charge, the channels for answering inquiries and complaints, the procedures for handling these, and the validity of the databases.

B.DEFINITIONS:

• Authorization: Prior, express, and informed consent of the owner to carry out the processing of personal data.
• Database (BB.DD): the organized set of personal data that is subject to Treatment.
• Personal data: any information linked or associated with one or more specific or determinable natural persons.
• Owner: a natural person whose personal data is subject to Treatment.
• The person in charge of the Treatment: natural or legal person, public or private, that by itself or in association with others, carries out the processing of personal data on behalf of the person responsible for the Treatment.
• Responsible for the Treatment: natural or legal person, public or private, who by himself or in association with others, decides on the database or the Treatment of the data.

1. PRINCIPLES:

• Principle of legality regarding data processing: the processing of personal data is a regulated activity that must be subject to Law 1581 of 2012 and other requirements that develop it.
• Principle of security: the information subject to Treatment by the Person in Charge of Treatment or Person in Charge of Treatment referred to in Law 1581 of 2012, must be managed with the technical, human and administrative measures that are necessary to provide security to the records avoiding its adulteration, loss, consultation, use or unauthorized or fraudulent access.
• Principle of purpose: we shall inform the Holder about personal data processing obeys a legitimate purpose following the Constitution and Law 1581 of 2012.
• Principle of freedom: with the prior, express, and informed consent of the Holder, we will exercise the Treatment. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that relieves consent.
• Principle of truthfulness or quality: the information subject t
• Principle of transparency: in the Treatment, the right of the Holder to obtain from the Treatment Manager or the Treatment Manager, at any time and without restrictions, we will guarantee information about the existence of data that concerns him or her must be guaranteed.
• Principle of access and restricted circulation: The Treatment is subject to the limits derived from the nature of the personal data, the provisions of this law, and the Constitution. Regard, the Holder should authorize someone to respond for the Treatment or the persons provided for in Law 1581 of 2012.
• Principle of confidentiality: all persons who might process personal data must reserve the information. Even at the end of the processing tasks, they may only supply personal data communication when this corresponds to the development of the activities authorized in Law 1581 of 2012 and its terms.

D.

RESPONSIBLE:

*Company  name: ISACCA SAS 

• Address: CALLE 81 # 9-65 ● City: Bogota  Colombia.
• Email: info@ethosactive.com.co
• Telephone: + 572444261

3. TREATMENT TO WHICH THE PERSONAL DATA / PURPOSES WILL BE SUBMITTED:

We use the personal information that you provide us for purposes that include, but are not limited to:

• We use your email address to help you create, manage, and maintain an account on our Services, communicate with you, provide you with updates or information you request, and respond to comments and questions.
• We use your email address and phone number to send you security alerts, shipping notifications, and other administrative messages and provide customer support.
• Fill orders for products, services, or information.
• Track and confirm orders online.
• Deliver products.
• Manage a loyalty or fidelity program.
• Provide customer service, respond to requests, complaints, or claims.
• Manage sweepstakes, promotions, or surveys.
• Offer new products and services.
• Improve the effectiveness of our web portal, our marketing efforts, and our services and offers.
• Conduct research and analysis for commercial purposes.

4. WHAT INFORMATION DO WE COLLECT?

1. INFORMATION PROVIDED BY THE USER:

• Registration and profile information: When you create an account or place an order, we ask for your first name, last name, email address, phone number, identification number, payment information, shipping and billing address, neighborhood, city and state where you reside, demographic information may eventually be requested.
• Payment information: When you make a purchase, depending on the payment option chosen, we may use a third-party service provider that handles the transaction for us. In this way, we only receive the approval or rejection information of your payment. Payments made through the site will be processed by our online payment agent PayU and Paypal. We will provide your data exclusively on our website. Our electronic commerce platform SHOPIFY and our payment partner PayU and PayPal have the PCI DSS certification to secure handling of the credit card information.
• COMMUNICATIONS: If you contact us directly, we may receive additional information about you. For example, when you contact our customer care team, we will receive your name, email address, phone number, the content of a message or attachments that you can send to us, and other information that you can provide. We may also record your calls with our Customer Service team to handle your inquiry and product training, research, and development purposes.

5. PROCESSING OF SENSITIVE PERSONAL DATA

According to Law 1581 of 2012, sensitive personal data is "those that affect the privacy of the Holder or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions. Also, Membership in trade unions, social organizations, human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties as well as data related to health, sexual life and biometric data. " Within them, the data of minors is also recognized.

ISACCA S.A.A  must process data of this nature, in the development of relations with its employees or candidates in selection processes, especially those related to health, and eventually biometric data to implement security measures in security systems. We will adopt access control to its facilities or some physical space, in any case in the Treatment of said data special security measures. In any case, when one requests authorization for the Treatment of sensitive data, we will advise the owner of the purposes that they will be processed and inform the rights to refrain from answering questions about sensitive data or children's and adolescents' data.

6. AUTHORIZATION

For the processing of personal data by ISACCA S.A.S   the prior will require informed and express authorization of the Holder obtained by consulting by any verbal, written, physical, or electronic means. Later, without prejudice to the exceptions provided by law, understand that in any case, that one gives this authorization when registering in our offices, points of sale, and on the website, accepting the collection and data processing. ISACCA S.A.S will keep the proof of said authorizations appropriately, respecting the principles of confidentiality and privacy of information.