Logo con rostro Ojo izquierdo Ojo derecho
GET STARTED
LOG IN
GET STARTED
LOG IN

DATA POLICY

Talk&Boom

Through this means, “Talk&Boom: Spanish starts now!” (hereinafter “Talk&Boom”) establishes its Personal Data Policy, which will be applied in compliance with Law 1581, 2012 and its Regulatory Decree 1377, 2013. This policy will define the mechanisms to guarantee, in an adequate and suitable way, the processing of personal data collected until now and in the future in its databases and in relation to its contractual, labor, and commercial activities, among others, in order to enable the data owners to exercise their right to Habeas Data.

This data policy is governed by the principles of legality, purpose, freedom, truth or quality, transparency, restricted access and circulation, security, and confidentiality.

  1. IDENTIFICATION

The following are the identification details of the Personal Data Processor:

  • Full name: Rodrigo Andrés Moreno López
  • Place of residence:  Calle 134a #19-34 (Bogotá D.C., Colombia)
  • Phone number: (+57) 3183658090
  • E-mail: info@talkandboom.com
  • 2. LEGAL FRAMEWORK

The present policy is governed by the following Colombian regulatory framework:

  • Political Constitution
  • Law 1266, 2008
  • Law 1581, 2012
  • Regulatory Decree 1727, 2009
  • Regulatory Decree 2952, 2010
  • Regulatory Decree 1377, 2013
  • Constitutional Court’s sentence C – 1011, 2008
  • Constitutional Court’s sentence C – 748, 2011
  • 3. OVERVIEW

Talk&Boom is committed to protecting personal, private, and/or confidential information obtained within the legal framework of its business activities.

In compliance with current regulations, this document aims to establish Talk&Boom’s procedure for protecting entrusted information, seeking to limit the processing of personal data collected, which have been voluntarily provided by our clients, contractors, suppliers, employees, former employees, visitors and any person who has any kind of relationship with the Company.

Personal, private, or confidential information can be obtained by Talk&Boom through the following channels:

  1. Business or professional relationship with the client, supplier, or third parties related to the Company.
  2. Employment relationship with employees and former employees.
  3. Application for selection processes.
  4. Attendance at training, seminars, talks, or courses.
  5. Sending of emails requesting or providing information.

It is made clear that by providing any type of personal information to Talk&Boom, the data owner accepts that such information will be used in accordance with this policy, emphasizing that the Company will not use the supplied data for purposes other than those established in this document.

The use of personal data for a purpose different from that indicated in this Policy must be framed within the applicable legal or jurisprudential exceptions or have the express authorization of the data subject. The exceptions referred to will be defined in this Policy.

  • 3. DEFINITIONS
  • Privacy Notice: It is the verbal or written communication generated by the Data Processor, addressed to the Data Owner for the processing of their personal data, through which they are informed about the existence of the information processing policies that will apply to them, how to access them, and the purposes of the processing intended for the personal data.
  • Authorization: The prior, express, and informed consent of the Data Owner to carry out the personal data processing.
  • Database: An organized set of personal data subject to processing.
  • Channels to exercise rights: These are the means of receiving and addressing requests, inquiries, and complaints that the Data Controller and the Data Processor must make available to the data subjects.
  • Personal Data: Any information related to one or more identified or identifiable natural persons.
  • Public Data: Data that is not semi-private, private, or sensitive. Public data includes, among others, data related to the marital status of individuals, their profession or occupation, and their status as merchants or public servants. By their nature, public data may be contained, among others, in public registers, public documents, gazettes and official bulletins, and duly executed court rulings that are not subject to confidentiality.
  • Sensitive Data: Data that affects the privacy of the Data Owner or whose improper use may lead to discrimination, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in trade unions, social organizations or human rights organizations, as well as data concerning health, sexual life, and biometric data.
  • Data Processor: An individual or legal entity, by itself or in association with others, that carries out the processing of personal data on behalf of the Data Controller.
  • Habeas Data: It is a fundamental right enshrined in Article 15 of the Political Constitution, which allows all people to know, update and rectify the information collected about them in databases of public and private entities.
  • Principle of Legality: The personal data processing must comply with what is established by law and other provisions that develop it.
  • Principle of Purpose: The data processing must obey a legitimate purpose in accordance with the Constitution and the Law, which must be informed to the Data Owner.
  • Principle of Freedom: The data processing can only be carried out with the prior, express, and informed consent of the Data Owner. Personal data cannot be obtained or disclosed without the prior authorization of the Data Owner, unless it is required by law or by a court order.
  • Principle of Truth or Quality: The information subject to data processing must be truthful, complete, accurate, up-to-date, verifiable, and understandable. The processing of partial, incomplete, fragmented, or misleading data is prohibited.
  • Principle of Transparency: The right of the Data Owner to obtain information at any time and without restrictions about the existence of data concerning them must be guaranteed in the data processing.
  • Principle of Restricted Access and Circulation: The data processing depends on the nature of personal data, the provisions of the law, and the Political Constitution. The data processing can only be carried out by persons authorized by the Data Owner and/or by those provided for by law. Personal data, except for public information, cannot be made available on the Internet or other means of mass communication or disclosure unless it is restricted to the Data Owners or authorized third parties in accordance with the law.
  • Principle of Security: The information subject to processing must be handled with all necessary technical and administrative measures to provide security to the records, preventing their alteration, loss, or unauthorized and fraudulent use.
  • Principle of Confidentiality: All persons involved in the processing of personal data must guarantee the confidentiality of the information, even after their relationship with any of the tasks involved in the processing has ended. Personal data can only be provided or communicated for the development of activities authorized by law.
  • Data Controller: The individual or legal entity that, by itself or in association with others, makes decisions about the data and its processing.
  • Data Owner: Natural person whose personal data is subject to processing.
  • Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, circulation, or deletion of data.
  • PQR (Petition, Query, Request): Request from the Data Owner or persons authorized by them or by law to correct, update, or delete their personal data or to revoke the authorization.
  • Client: The entity to whom the Company provides professional services through a commercial relationship.
  • Supplier: The entity that supplies goods or services to the Company through a commercial relationship.
  • Employee: The individual who provides personal services to the Company under an employment contract.
  • Third Party: The individual or entity that, although having a commercial or training relationship with the Company, is not an Employee, Client, or Supplier.
  • National Database Registry: It is the public directory of databases subject to data processing that operate in the country. It is managed by the Superintendence of Industry and Commerce and is freely accessible to citizens.
  • 4. DATABASE CONTENT

Talk&Boom stores general information such as: full name, identification number and type, gender, and contact details (email address, physical address, landline and mobile phone numbers). Additionally, it collects, stores, uses, circulates, and deletes Personal Data of natural and legal persons with whom it has or has had a relationship, especially clients, distributors, suppliers, creditors, debtors, and employees. Talk&Boom may have data for the processing of employee and contractor databases, as well as information about employment history and other sensitive data required by the nature of the contractual relationship. Sensitive information may be stored in these databases with prior authorization from the Data Owner, in compliance with the provisions of Articles 5 and 7 of Law 1581, 2012.

The information provided by users through access to the website: www.talkandboom.com (hereinafter referred to as the website) will be treated in accordance with the provisions of this data policy. By accessing the website, users authorize and accept each and every clause contained in the TERMS AND CONDITIONS OF THE WEBSITE.

  • 5. PURPOSES OF PERSONAL DATA

Talk&Boom collects and processes this information for the purpose of carrying out the activities related to the provision of services offered by the company, within the normal course of its business. For this reason, contracts entered into will be governed by the provisions of this Policy or will include a clause that regulates the processing of information within them. The data obtained by Talk&Boom may eventually be shared with third parties, judicial or administrative authorities, for quality reviews, audits, supervisory activities, or as a reference for future business. In any case, personal data of third parties whose Data Controller is not Talk&Boom will be processed according to the purpose of the services provided or contracted, in order to comply with the commercial or legal relationship established.

Similarly, Talk&Boom may process the information of individuals with whom it has already ended its commercial relationship and of third parties related to the company in order to send commercial information that may be of interest, such as event invitations, newsletters, sector reports, publications, or any other purpose within the ordinary course of the Company’s business.

Purpose of Photo and Video’s Processing. It is possible that individuals entering Talk&Boom premises or attending events may be photographed or filmed. This material may be used for the following purposes:

  1. Maintaining and ensuring the security of individuals and property within the premises. The data may eventually be transferred to private security companies in accordance with the regulations governing such activity and/or best market practices.
  1. Creation of materials such as videos, brochures, reports on contracted services, institutional POP material, which may be presented or disseminated for loyalty, information, and promotional purposes.

Notwithstanding the above, individuals entering Talk&Boom premises may choose not to authorize the aforementioned processing of their personal data. In such cases, they should complete the non-authorization form for the personal data processing, with the guarantee that the data will be destroyed in accordance with the respective practices of private security companies or applicable regulations.

  • 6. RIGHTS OF THE DATA OWNER[1]

The data subjects and individuals whose personal data is being processed have the following rights:

  • Right of access: Obtain all information about their own personal data, the processing applied to it, the purpose of the data processing, the location of the databases, and the communications made regarding their information. They may also request proof of the authorization granted to Talk&Boom. Talk&Boom guarantees the data subject free access to the information subject to processing.
  • Right of update: Update their personal data when it has undergone any changes.
  • Right of rectification: Rectify information that is inaccurate, incomplete, or non-existent.
  • Right of erasure: Cancel, at any time, their personal data when it is excessive, irrelevant, or the data processing is contrary to regulations.
  • Right to revoke consent. Revoke the authorization or request the deletion of data, provided that the Superintendence of Industry and Commerce has determined that Talk&Boom has engaged in conduct contrary to the law and the Constitution.
  • Right to present complaints and claims or to take legal action. File complaints with the Superintendence of Industry and Commerce for violations of the law.

Any of the rights mentioned here can be exercised by the following individuals:

  1. The Data Owner.
  2. The Data Owner’s heirs.
  3. The representative and/or attorney-in-fact of the Data Owner.
  4. Another person designated by the Data Owner.
  • 7. NO NEED FOR AUTHORIZATION

According to applicable regulations, the following cases do not require the Data Owner’s authorization for the processing or transmission of their personal data[2]:

  • When the information is required by a public or administrative entity exercising its legal functions or by a court order.
    • When the information belongs to databases of a public nature.
    • In cases of medical or health emergencies.
    • For authorized historical, statistical, or scientific purposes as per the law.
    • When it concerns data related to the Civil Registry of Individuals.

In these cases, although the Data Subject’s authorization is not required, other principles and legal provisions regarding the protection of personal data will still apply.

  • 8. OBLIGATIONS OF TALK&BOOM

Based on this Policy, Talk&Boom undertakes the following obligations:

  • Ensure that the Data Owner can fully and effectively exercise the right of Habeas Data.
    • Inform the Data Owner of the purpose of the data collection and their rights. Talk&Boom commits to respecting the security and privacy conditions of the information. The owner of the information, in turn, will ensure that it is truthful, complete, accurate, up-to-date, verifiable, or understandable.
    • Prevent the alteration, loss, unauthorized or fraudulent consultation, use, or access of the information.
    • Request and retain copies of authorizations granted by the Data Subject.
    • Carry out the rectification or deletion of data when applicable.
    • Update the information reported by the data controllers within the following five (5) business days.
    • Report data security breaches and information management risks to the data protection authority.
    • Process inquiries and complaints submitted by the Data Owners regarding the provided information.
    • Refrain from disclosing information that is under dispute by the Data Owner and has been blocked by the Superintendence of Industry and Commerce or any other competent authority.
    • Only allow access to the information to individuals who are authorized to access it.
    • Comply with instructions or requirements issued by the Superintendence of Industry and Commerce.
    • Provide personal data to authorities when the legality of the request and the relevance of the requested data are verified. The delivery of the information will be documented, ensuring that it meets all its attributes (authenticity, reliability, and integrity) and highlighting the duty of protection over this data, the security measures, and the risks of its misuse, both to the requester and the recipient.

9. RESPONSIBLE AREA FOR THE DATA POLICY

Any request, complaint, or claim related to the handling of personal data should be sent physically or electronically to the following contact information:

  • Place of residence: Calle 134a #19-34, apto 303 (Bogotá D.C., Colombia)
  • Phone number: (+57) 3183658090
  • E-mail: elprofedelenguas@gmail.com

10. DATA PROTECTION PROCEDURE

Any request, complaint, or claim related to the handling of personal information must be submitted in writing or by email and should include at least the following information:

  1. Identification of the Data Subject, providing evidence of the right to the information, including the following details:
    1. Full name
    1. Type and identification number, along with a copy of the document.
    1. Place of residence
    1. Phone number
    1. E-mail
    1. Description of the events giving rise to the complaint
    1. Documentation serving as evidence of the events

If the complaint is incomplete, the individual will be given a period of five (5) business days to correct the deficiencies. If the individual fails to respond within one month following the request, it will be deemed that they have withdrawn the complaint.

Talk&Boom will respond to the request, complaint, or claim within fifteen (15) business days from the day following the receipt of the request. If it is not possible to provide a response within the specified timeframe, the interested party will be notified of the reasons for the delay and the expected date of response.

11. SENSITIVE DATA

Talk&Boom advises against providing sensitive data to the company unless the Data Subject deems it necessary to do so in order to fulfill activities carried out with the company.

We kindly request that if any individual transmits sensitive data to the Company through any channel, it should be sent with the appropriate authorization for processing, for legitimate business purposes and as specified in this document.

Talk&Boom will only obtain information classified as sensitive data under the following circumstances:

  1. When the Data Owners provide their express and prior authorization, either at the time of data collection or thereafter.
    1. When the data processing is necessary to protect the vital interests of the Data Owner, with the prior authorization of the individual exercising legal representation on behalf of the Data Owner.
    1. When the data processing is carried out in the course of legitimate activities and with the necessary safeguards. These data may not be disclosed to third parties without the prior authorization of the Data Owner.
    1. When the data is necessary for the recognition, exercise, or defense of a right in a judicial process.
    1. When there is a historical, statistical, or scientific purpose, in which case all measures must be taken to eliminate the identity of the Data Subjects.

12. PROCESSING OF PERSONAL DATA OF MINORS

In accordance with the Colombian Code of Childhood and Adolescence, Talk&Boom will process the personal data of minors, taking into account that the rights of children and adolescents take precedence over others. The data processing will only be carried out when explicit authorization is obtained from their legal representatives and in compliance with the requirements imposed by the law. The opinions of minors will be taken into account when using their personal data.

13. INTERNATIONAL TRANSFER OF DATA

In the event that an international transfer of data is required[3], Talk&Boom commits to not transferring data to third countries that do not comply with the standards of personal data protection required by the Superintendence of Industry and Commerce, except for the following exceptions:

  1. If the data owner has given their express and unequivocal consent for the transfer.
    1. For reasons of public health or hygiene.
    1. For banking or stock exchange transfers, in the event that Talk&Boom engages in such transactions.
    1. For transfers covered by international treaties in which Colombia is a party, based on the principle of reciprocity.
    1. For transfers necessary for a contract between the data owner and the Data Controller, provided that the data subject’s authorization is obtained.
    1. For transfers in the public interest or for the recognition, exercise, or defense of a right in a judicial process.

14. SECURITY

Talk&Boom commits to adopting and complying with the guidelines provided by the Superintendence of Industry and Commerce regarding all matters related to the security of personal data obtained. Talk&Boom will make its best efforts to enhance the security standards that protect the collected personal information.

15. PROHIBITIONS

  1. Talk&Boom prohibits access, use, management, transfer, communication, storage, and any other processing of sensitive personal data without the authorization of the data owner and the Company.
  2. Talk&Boom prohibits the recipients of this personal data processing policy from engaging in the behaviors described in the Computer Data Protection Law 1273, 2009, unless authorized by the data owner and/or the Company, as applicable.

16. ROLES Y RESPONSABILIDADES

All members of Talk&Boom share the responsibility for the proper handling of personal data. Within each department that handles personal data, rules and procedures will be adopted to comply with the Manual. In case of any doubts, please refer to the email elprofedelenguas@gmail.com to process the request.

17. TEMPORALITY OF PERSONAL DATA

The retention of data will be determined by the purpose for which it was collected. Once the purpose for which the data was collected has been fulfilled, Talk&Boom will proceed to destroy or return the data, or retain it as required, adopting technical measures to prevent inappropriate processing.

18. COOKIES

Cookies are pieces of information sent by websites and stored in your browser with the purpose of providing a better browsing experience on our websites and improving our services. It is important to clarify that even if the user does not accept cookies, part of the information, in an anonymous form, may still be collected by the website’s automatic databases.

19. DATA POLICY VALIDITY

Any modification to this policy will be made at the discretion of Talk&Boom, within the applicable regulatory parameters. The information collected by Talk&Boom will be kept indefinitely as long as it serves its purpose and is necessary to ensure compliance with legal, labor, and accounting obligations. The Data Owner has the right to request the removal of their information, as long as it does not contradict Talk&Boom’s own obligations. Talk&Boom may modify this Data Policy whenever deemed necessary, in accordance with regulatory changes in this matter. All updates shall be recorded at the end of the document for the purpose of third-party notification. Talk&Boom recommends and requests its customers, suppliers, consultants, users, and all individuals who have or wish to have any relationship with the Company to periodically review this Policy in order to stay informed about the data protection mechanisms implemented by the company for the safeguarding of personal information.

20. START DATE

This Policy is effective upon its publication.

21. UPDATINGS

Version 1: 19th May 2025

[1] In accordance with article 8 of Colombian law 1581, 2012.

[2] Law 1581, 2012, article 10.

[3] Law 1581, 2012, article 26

Get Started
Log In
× How can I help you?