top of page
DATA PROCESSING POLICY MANUAL
 

1. Legal Basis and Scope of Application

​

This Information Processing Policy is developed in compliance with Articles 15 and 20 of the Political Constitution of Colombia, Articles 17 (k) and 18 (f) of Statutory Law 1581 of 2012, which establishes general provisions for the Protection of Personal Data (LEPD), and Article 13 of Decree 1377 of 2013, which regulates the aforementioned law.

This policy applies to all personal data recorded in databases that are subject to processing by the data controller.

Definitions established in Article 3 of the LEPD and Article 3 of Decree 1377 of 2013

  • Authorization: Prior, express, and informed consent of the Data Subject to carry out the processing of personal data.

  • Database: An organized set of personal data subject to processing.

  • Personal Data: Any information linked to or that can be associated with one or more identified or identifiable natural persons.

  • Public Data: Data that is not semi-private, private, or sensitive. Public data includes, among others, information related to a person's marital status, profession or occupation, and status as a merchant or public servant. Due to their nature, public data may be contained in public records, public documents, official gazettes and bulletins, and final judicial decisions that are not subject to confidentiality.

  • Sensitive Data: Data that affects the privacy of the Data Subject or whose improper use may lead to discrimination, such as data revealing racial or ethnic origin, political orientation, religious or philosophical beliefs, membership in trade unions, social or human rights organizations, or organizations promoting the interests of any political party, as well as data related to health, sexual life, and biometric data.

  • We receive, collect, and store any information you enter on our website or provide to us in any other way. In addition, we collect the Internet Protocol (IP) address used to connect your computer to the Internet; login information, email address, password, computer and connection information, and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications), payment details (including credit card information), comments, suggestions, product reviews, recommendations, and personal profile information.

  • Data Processor: A natural or legal person, public or private, who by itself or in association with others processes personal data on behalf of the Data Controller.

  • Data Controller: A natural or legal person, public or private, who by itself or in association with others decides on the database and/or the processing of the data.

  • Data Subject: A natural person whose personal data is subject to processing.

  • Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, circulation, or deletion.

  • Privacy Notice: A verbal or written communication generated by the Data Controller and addressed to the Data Subject for the processing of personal data, informing them about the existence of information processing policies, how to access them, and the purposes for which their personal data will be processed.

  • Transfer: The transfer of data occurs when the Data Controller and/or Data Processor located in Colombia sends personal data to a recipient who is also responsible for processing and is located within or outside the country.

  • Transmission: Processing of personal data that involves the communication of such data within or outside the territory of the Republic of Colombia when the purpose is for the processor to carry out processing on behalf of the controller.

​

2. Authorization of the Data Processing Policy

​

According to Article 9 of the LEPD, the processing of personal data requires the prior and informed authorization of the Data Subject. By accepting this policy, any Data Subject who provides personal information consents to the processing of their data by MERCAVICOLA INSTITUCIONAL S.A.S under the terms and conditions established herein.

Authorization from the Data Subject will not be required in the following cases:

  • Information requested by a public or administrative entity in the exercise of its legal functions or by court order.

  • Data of a public nature.

  • Cases of medical or health emergencies.

  • Processing of information authorized by law for historical, statistical, or scientific purposes.

  • Data related to the Civil Registry of individuals.

​

​

3. Data Controller

​

​

The Data Controller of the databases covered by this policy is MERCAVICOLA INSTITUCIONAL S.A.S, whose contact information is as follows:

Address: AC 19 # 25-40. LOCAL 80154. CC PALOQUEMAO, Bogotá, Colombia
Email: gerencia@mercavicola.com
Phone: (+57) 1 3686259
Tax ID (NIT): 900.801.424-1

 

4. Processing and Purposes of the Databases

MERCAVICOLA INSTITUCIONAL S.A.S, in the development of its business activities, processes personal data related to natural persons contained in databases used for legitimate purposes, in compliance with the Constitution and the law.

The following table (Table I) presents the different databases managed by the company and the purposes assigned to each of them.

 

​

Database                                                   Purpose

Employee Databases                                Resumes and all matters related to employee welfare

Customer Databases                                Operational and administrative management, sales services and after-sales services

Supplier Databases                                  Operational and administrative management

 

​5. Browsing Data

​

When you carry out a transaction on our website, as part of the process we collect personal information that you provide to us, such as your name, physical address, and email address. Your personal information will be used only for the specific purposes mentioned above.

The navigation system and the software necessary for the operation of this website collect certain personal data whose transmission is implicit in the use of Internet communication protocols.

By their nature, the information collected could allow users to be identified through association with data held by third parties, although this is not the purpose of the collection.

This category of data includes the IP address or domain name of the device used by the user to access the website, the URL address, the date and time of the request, and other parameters related to the user’s operating system.

These data are used exclusively to obtain anonymous statistical information about the use of the website or to verify its correct technical operation and are deleted immediately after verification.

​

​6. Cookies or web bugs

​

​This website uses cookies or web bugs to collect personal data from users. Their use is limited to facilitating user access to the website.​​

​

​

​

​

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

If you do not wish us to process your data

​

​

​

​

​

​

​

​

If you do not want us to process your data, please contact us at gerencia@mercavicola.com or send us a letter to: AC 19 # 25-40. LOCAL 80154, Bogotá, Colombia.

​

7. Data Subject Rights

​

In accordance with Article 8 of the LEPD and Articles 21 and 22 of Decree 1377 of 2013, Data Subjects may exercise several rights regarding the processing of their personal data. These rights may be exercised by:

  • The Data Subject, who must sufficiently verify their identity through the means provided by the Data Controller.

  • The legal heirs of the Data Subject, who must prove such status.

  • The representative and/or attorney-in-fact of the Data Subject, upon proof of representation or authorization.

  • By stipulation in favor of another person.

​

The rights of children and adolescents shall be exercised by those legally authorized to represent them.

​

The rights of the Data Subject are the following:

Right of access or consultation:
The Data Subject has the right to be informed by the Data Controller, upon request, about the origin, use, and purpose given to their personal data.

​

Rights of complaints and claims

The law distinguishes four types of claims:

Correction claim:
The right of the Data Subject to update, rectify, or modify partial, inaccurate, incomplete, or misleading data, or data whose processing is expressly prohibited or not authorized.

Deletion claim:
The right of the Data Subject to request the deletion of data that is inadequate, excessive, or does not respect constitutional and legal principles, rights, and guarantees.

Revocation claim:
The right of the Data Subject to revoke the authorization previously granted for the processing of personal data.

Infringement claim:
The right of the Data Subject to request correction of non-compliance with personal data protection regulations.

Right to request proof of authorization:


Except when authorization is not required in accordance with Article 10 of the LEPD.

Right to file complaints with the Superintendence of Industry and Commerce:
The Data Subject or their heirs may submit a complaint only after completing the consultation or claim process with the Data Controller or Data Processor.

​

8. Data Subject Support

​

MERCAVICOLA INSTITUCIONAL S.A.S will handle petitions, consultations, and claims through which Data Subjects may exercise their rights.

Phone: (+57) 1 3686259
Email: gerencia@mercavicola.com

​

9. Procedures to Exercise Data Subject Rights

​

9.1 Right of Access or Consultation

According to Article 21 of Decree 1377 of 2013, Data Subjects may consult their personal data free of charge in the following cases:

  • At least once every calendar month.

  • Whenever substantial changes are made to the information processing policies.

  • ​

For consultations requested more than once per month, MERCAVICOLA INSTITUCIONAL S.A.S may charge only the costs of shipping, reproduction, and certification of documents.

To exercise the right of consultation, the Data Subject must send a written request to:

Email: gerencia@mercavicola.com
Subject line: “Exercise of the Right of Access or Consultation”

or by mail to:

AC 19 # 25-40. LOCAL 80154. CC PALOQUEMAO, Bogotá, Colombia

​

The request must include:

  • Full name of the Data Subject

  • Copy of the ID document and, if applicable, the representative’s identification

  • Description of the consultation request

  • Contact address for notifications

  • Date and signature of the applicant

  • Supporting documents when necessary

The Data Subject may choose one of the following methods to receive the requested information:

  • On-screen viewing

  • Written copy sent by certified or regular mail

  • Email or other electronic means

  • Any other system compatible with the database structure

Once the request is received, MERCAVICOLA INSTITUCIONAL S.A.S will respond within ten (10) business days. If it is not possible to respond within that period, the applicant will be informed of the reason for the delay and the new response date, which may not exceed five (5) additional business days.

After the consultation process is completed, the Data Subject may file a complaint with the Superintendence of Industry and Commerce.

 

9.2 Claims Procedure

The Data Subject may exercise their right to file a claim regarding their personal data by sending a written request to:

Email: gerencia@mercavicola.com
Subject: “Exercise of the Right of Claim”

or by mail to:

AC 19 # 25-40. LOCAL 80154. CC PALOQUEMAO, Bogotá, Colombia

The request must include:

  • Full name of the Data Subject

  • Copy of the ID document and proof of representation if applicable

  • Description of the facts and the request for correction, deletion, revocation, or infringement

  • Address for notifications

  • Date and signature of the applicant

  • Supporting documents if applicable

If the claim is incomplete, the applicant will be notified within five (5) days to correct the issue. If the required information is not provided within two (2) months, the claim will be considered withdrawn.

Once the claim is received, the database will include the notice “claim in process” within two (2) business days, which will remain until the claim is resolved.

​

The claim will be resolved within fifteen (15) business days. If additional time is required, the applicant will be informed, and the extension may not exceed eight (8) additional business days.

After completing the claims process, the Data Subject may file a complaint with the Superintendence of Industry and Commerce.

 

10. Validity

 

The databases managed by MERCAVICOLA INSTITUCIONAL S.A.S will be processed for the time reasonably necessary to fulfill the purposes for which the data were collected.

Once those purposes have been fulfilled, and unless legal obligations require otherwise, the company will proceed to delete the personal data in its possession.

We reserve the right to modify this privacy policy at any time. Therefore, we recommend reviewing it frequently. Changes will take effect immediately after they are published on the website.

If significant changes are made to this policy, we will notify users so they are aware of:

  • What information we collect

  • How we use it

  • Under what circumstances we use or disclose it

If you wish to access, correct, modify, or delete any personal information we have about you, please contact us at gerencia@mercavicola.com or write to:

AC 19 # 25-40. LOCAL 80154. CC PALOQUEMAO, Bogotá, Colombia​

 

11. Security measures

​

Our company is hosted on the Wix.com platform, which provides the online platform that allows us to sell our products and services.

Your data may be stored through Wix.com’s data storage, databases, and general applications. Wix stores your data on secure servers behind a firewall.

​

All direct payment gateways offered by Wix.com comply with PCI-DSS standards, administered by the PCI Security Standards Council, a joint effort of brands such as Visa, MasterCard, American Express, and Discover.

These requirements ensure the secure handling of credit card information by our store and its service providers.

In order to comply with the security principle established in Article 4 (g) of the LEPD, MERCAVICOLA INSTITUCIONAL S.A.S has implemented technical, human, and administrative measures to protect personal data against unauthorized access, alteration, loss, misuse, or fraud.

Additionally, through the signing of data processing agreements, the company requires its data processors to implement the necessary security measures to guarantee the confidentiality and protection of personal data.

The security measures implemented by MERCAVICOLA INSTITUCIONAL S.A.S are detailed in its Internal Security Manual.

We may contact you to:

​

  • Notify you about your account

  • Resolve issues related to your account

  • Handle disputes

  • Collect fees or payments owed

  • Conduct surveys or questionnaires

  • Send updates about our company

  • Enforce our User Agreement or applicable laws

​

For these purposes, we may contact you via email, telephone, text messages, or postal mail.

​

DIANA RIVEROS PALACIOS
Legal Representative

Updated: February 2024

​

bugs 2021.JPG

OUR LOCATIONS

CONTACT

CONTACT FORM

Processing plant
Carrera 24 # 22A - 63
Monday to Saturday 6:00 AM - 3:30 PM

Points of sale
Paloquemao Market
L80188 - L80154 (Chicken Section)
Monday to Saturday 6:00 AM - 3:30 PM
Sundays and holidays: 6:00 AM - 2:00 PM
In Bogotá, Colombia.
E-mail
info@mercavicola.com

Deliveries
Mobile: +57 322 478 2839

Offices
Phone: +601 3686259

Address
Carrera 24 # 22A - 63
Mercavicola Institucional SAS
NIT: 900.801.424-1

Your message was sent. We will get in touch with you soon!

SITE INFORMATION

Impact and sustainability

Consumer protection

  • Instagram
  • Facebook
  • X
  • Youtube
  • TikTok
  • LinkedIn

© 2020  made by Mercavicola Institucional. Made with   Wix.com

bottom of page