Provicy notice Columbia

The processing of personal information is carried out for the following purposes:

(i) To carry out all the activities and administrative procedures related to the services provided by SOPHOS; (ii) Carry out surveys and/or research studies to evaluate the process of attention and satisfaction of the service provided; (iii) Send information (e.g. to e-mails and contact numbers) of customers about the products, services, events and/or promotions of SOPHOS; (iv) Transfer and/or transmit corporate contact information to other entities of the SOPHOS group and to third parties for the purposes described above for the purposes described above; (v) Transfer the personal data of customers in the framework of the definition, structuring and execution of strategic transactions, such as the sale of assets or shares The Company or parts of its business are sold, merged or acquired by third parties; (vi) Control and prevention of fraud, bribery, corruption and Money Laundering / Financing of Terrorism or proliferation of mass destruction weapons. The possibility of reporting data on non-compliance with obligations, as well as unusual or suspicious operations, is included. As well as investigation, verification and validation of the information provided, with any information legitimately acquired by SOPHOS, and international lists on the commission of crimes and money laundering for the purpose of initiating, executing, developing and terminating the contractual relationship; (vii) Storing the information in databases, as well as the custody or maintenance of these by SOPHOS or a third party; (viii) To stablish efficient communication in compliance with the provisions of the contractual obligations and for any matters concerning the administrative management of the relationship; (ix) following up on complaints, grievances and suggestions; (x) Communicating your personal data to judicial and/or administrative authorities and/or other control entities, when required.

(i) Request the supports and related information on the resume; (ii) Send and receive by email communications and requests related to the selection process; (iii) Verify and consult with third parties the information on the resume (authenticity of documents, work and academic certifications, safety studies, home visit). ; (iv) Record in the SOPHOS database the selection process in order to have support with internal and external authorities; (v) Communicate to the contact phones in order to schedule the interviews and tests required for SOPHOS workers or third parties to perform the validations of the information indicated in the resume and evaluations of all tests advanced in the process (vi) Retain for at leastten years the personal data for possible selection processes; (vii) Assess the suitability of the candidate, taking into account the characteristics of the vacancy that is required to hire; (vii) Carry out the necessary checks and consultations in different restrictive lists; (ix) Consult and access at any time the databases of risk, credit, financial, judicial or security records legitimately constituted, of a state or private, national or foreign nature; (x) Carry out the relevant steps for the development of the pre-contractual, contractual and post-contractual stage; (xi) Contact them in compliance with the provisions of the contract and for the administrative management thereof; (xii) To ensure security in the facilities where appropriate; (xiii) To be invited to training, instructions, reinforcement, or the development of institutional activities; (xiv) To conduct satisfaction surveys; (xv) To transfer the personal data of candidates in the framework of the definition, structuring and execution of strategic transactions, such as the sale of assets or shares in case The Company or parts of its business are sold, merged or acquired by third parties; (xv) Storing the information in databases, as well as the custody or maintenance of these by SOPHOS or a third party.

(i) Identify the staff as SOPHOS collaborators; (ii) Communicate to the staff and make their knowledge relevant information in accordance with the quality of SOPHOS collaborator; (iii) Verify the fulfillment of the employee’s employment and contractual obligations; (iv) Review the criminal, contractual and fiscal records of the holders before the relevant authorities; (v) Full identification of the holders, by archiving and handling their contact data, professional and academic information, among others; (vi) Conclude the contract of work, apprenticeship, service provision or any other that applies; (vii) Fulfill the obligations of SOPHOS membership, such as: affiliation to the social security system, payment of contributions, to the compensation fund, holidays, delivery of vouchers, payments to the tax authority, to issue certificates of income and withholding and employment certificates requested by the holders, and / or any national entity or authority that requires personal data, in accordance with current rules; (viii) To comply with any other benefit that derives from the contractual relationship between the collaborators and SOPHOS. To provide instructions on the occasion of the contract with the collaborators, if applicable; (ix) To evaluate the performance of the collaborators; (x) To manage the payroll, the payment of financial support, among others, by the Company or a third party; to manage and make the necessary payments in the bank account indicated by the collaborators; (xi) To contract life insurance and medical expenses with SOPHOS or a third party; (xii) To notify the relatives of the collaborators in cases of emergency during working hours or during the development of the contract; (xiii) The communication, reproduction and publication of photographs of the collaborators by SOPHOS for marketing, advertising, internal SOPHOS or other purposes; (xiv) Maintain the safety and health of employees in the workplace directly by the Company or by a third party, in accordance with the rules applicable to the “Management of Safety and Health at Work System” and keep the documents as indicated in law; (xv) Collect information and evidence for the purpose of carrying out disciplinary proceedings, if applicable; (xvi) Store the personal data of employees in the internal physical and computer file of SOPHOS, the other companies of the group and / or third parties in charge of storage; (xvii) Transfer and / or to other entities of the SOPHOS Group, to public entities and to third parties for the purposes described above; (xviii) to transfer the personal data of the partners in the framework of the definition, structuring and execution of strategic transactions, such as the sale of assets or shares in case The Company or parts of its business are sold, merged or acquired by third parties; (xix) to carry out epidemiological surveillance activities framed in the Occupational Health program; (xx) Carry out the control of entry or exit records, as well as other events that may arise for security reasons in the physical and virtual facilities of SOPHOS; (xxi) As evidence in administrative procedures that SOPHOS carries out in compliance of the Labor agreements, the internal labor regulations, Code of Ethics, as well as other internal policies defined by the company. Likewise, it may be used in compliance of regulations on workplace harassment, disciplinary procedures or contract’s termination.

SOPHOS SOLUTIONS S.A.S. having its registered address at Carrera 11 #71-73 Of. 404, Bogotá D.C. Colombia is responsible for processing your personal information as described in this Privacy Notice, its subsidiaries could be also responsible if you share directly your data with its representatives.

If you have any questions about this Notice or if you would like to communicate with our specialized Team, please contact us at habeasdata@sophossolutions.com

See our Personal Data Protection Policy on the website