Business establishments may not abuse the request for personal data

A woman's hands typing

According to the SIC, the establishments that request personal data must:

 

- COMPLY WITH the regulation of personal data processing. The resolutions of the Ministry of Health and Social Protection do not suspend the fundamental right to data protection.

 

- When collecting personal data, it should be taken into account that:

 

  • You can NOT use deceptive or fraudulent means for the collection and processing of personal data.
  • The person must be informed of the specific purpose of the data collection.
  • You can NOT collect any data, except those that are relevant for the purpose for which they are required.
  • DO NOT collect data other than those expressly required by the Ministry of Health and Social Protection to comply with the biosafety protocols.
  • Except in the cases provided by law, personal data may not be collected without prior, express and informed authorization from the owner.

 

- INFORM citizens of the specific rule that orders the collection of data and keep said information visible and available.

 

- IMPLEMENT the technical, human and administrative measures that are necessary to grant security to personal data, avoiding its adulteration, loss, consultation or unauthorized or fraudulent access.

 

- INFORM citizens about the Information Processing Policy (PTI), which must include the mechanisms and procedures for people to exercise their rights to know, update, rectify and / or delete their data.

 

- LIMIT the temporality of the data collected to comply with the biosafety protocols issued by the Ministry of Health and Social Protection, which may only be stored for the reasonable time necessary to comply with said protocols. Once the purpose has been fulfilled, the Responsible for the Processing of Personal Data must ex officio delete the data collected.

 

- GUARANTEE the security of sensitive data, the collection, use, circulation and treatment of these must be surrounded by special care and diligence in their collection, use, security and / or any other activity performed with them. It should be noted that NO activity may be conditioned on the owner providing sensitive personal data.

 

- REGISTER the databases in the Superintendence of Industry and Commerce, in the event that new databases are created to comply with the protocols, these must be registered before the National Registry of Databases (RNBD) two months later of its creation.

 

The instructions given by the Superintendence of Industry and Commerce are preventive and mandatory and of immediate execution, Non-compliance and non-observance of these instructions can be reported to this Authority, in addition to leading to the initiation of administrative investigations.

Publicado
International Relations
Compartir FacebookFacebookFacebook

¡Conoce otras noticias de interés!

A man's hand signing a document with a pen
International Cooperation
International Organization of Legal Metrology logo
Colombia and the OIML
Colombia and the Iberoamerican Data Protection Network (RIPD) logo
Colombia and the Iberoamerican Data Protection Network (RIPD)
ICPEN logo
About ICPEN

International Cooperation

Agreement Year of signature (2009-2020) Deputy Superintendence involved       Declaration of Technical Cooperation between ONUDI (UN) – SIC 2020 Legal Metrology Memorandum Of Understanding between OMPI (UN) - SIC 2020 Industrial Property Memorandum Of

Colombia and the OIML

The International Organization of Legal Metrology is an intergovernmental organization which: o    Develops model regulations, standards and related documents for use by legal metrology authorities and industry.o    Provides mutual recognition systems which reduce

Colombia and the Iberoamerican Data Protection Network (RIPD)

The Iberoamerican Data Protection Network (RIPD), arises from the agreement reached at the Iberoamerican Data Protection Meeting (EIPD) held in La Antigua, Guatemala, from June 1 to 6, 2003, with the assistance of representatives of 14 Ibero-American countries. Aware of the important role that data

About ICPEN

The International Consumer Protection Enforcement Network (ICPEN) is a membership organization consisting of consumer protection law enforcement authorities from across the globe. ICPEN provides a forum for developing and maintaining regular contact between consumer protection agencies and focusing

Colombia and ICN

The International Competition Network (ICN) is a virtual and informal network whose objective is to facilitate cooperation between worldwide competition authorities. Its creation occurred in 2001, after the publication of the Final Report of the Advisory Policy Committee on International

Colombia and OECD

Since 2011, the Government of Colombia has expressed its interest in becoming member of the Organization for Economic Cooperation and Development (OECD). The OECD is an international organism that has as primary goal the promotion of “Better Policies for Better Lives”. Founded in 1961 and has as

Colombia and WIPO

The World Intellectual Property Organization (WIPO) is a specialized agency of the United Nations, created in 1970,  it has 188 States Members. Colombia has been a member since May 1980. It administers twenty-six (26) multilateral treaties. Colombia is a State Party in twelve (12) of them

APPA (Asia Pacific Privacy Authorities)

APPA is a forum for privacy authorities in the Asia Pacific region. It gives privacy authorities in the region an opportunity to form partnerships, discuss best practices and share information on emerging technology, trends and changes to privacy regulation.  APPA members convene twice a year

GPA (Global Privacy Assembly)

The Global Privacy Assembly first met in 1979 as the International Conference of Data Protection and Privacy Commissioners. The Assembly has been the premier global forum for data protection and privacy authorities for more than four decades. The Assembly seeks to provide leadership at

CAN (Andean community)

The “Andean Community” is an intergovernmental organization composed by Bolivia, Colombia, Ecuador and Peru with the aim to promote the expansion of markets and guarantee an effective economic development to the region. In 2020 Colombia assumed the 2020 – 2021 Presidency of the Andean Community

Centro de relevo
En la Superintendencia de Industria y Comercio, como es práctica habitual en la mayoría de los sitios web, utilizamos distintos tipos de cookies para mejorar tu experiencia con nuestro contenido y servicios digitales. Estas cookies se dividen en cuatro categorías fundamentales: las esenciales, que son imprescindibles para el funcionamiento adecuado del sitio; las funcionales, que simplifican la navegación; las de marketing, que personalizan los contenidos; y las de rendimiento, que nos ayudan a comprender cómo se utiliza el sitio para mejorarlo continuamente. Si deseas obtener detalles específicos sobre cómo empleamos estas cookies, te invitamos a consultar nuestra política de tratamiento de datos personales. Si estás de acuerdo con su uso, basta con que selecciones "ACEPTAR" y podrás explorar nuestro sitio web o aplicación. Agradecemos la confianza que depositas en la SIC para tu experiencia digital.