Data Privacy Policy

Scope

Make known to all our employees, contractors, clients, and in general all the agents that interfere in the development of the business the data privacy policies, to know, update and rectify the information that has been collected about them and that rests in the Databases or files of K2 in compliance with international information protection regulations.

This policy applies to clients, employees, contractors, suppliers and, in general, third parties that have a direct or indirect relationship with K2.

Applies to all databases, files, websites and files of personal information held by K2

Data Privacy Policy Guidelines

K2, as data privacy controller and in order to properly execute its activities and strengthen relationships with third parties, collects, stores, uses, circulates, transmits, transfers, updates, rectifies and deletes personal data, including data sensitive, corresponding to natural persons with whom you have or have had a relationship, such as workers, customers, suppliers, distributors, creditors at the national and international level.

Likewise, K2 protects the privacy of the sensitive data of the holders of the information, understanding these as those that affect the privacy of the holder or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation , religious or philosophical convictions, membership in trade unions, social or human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties as well as data related to health, life sexual and biometric data at national and international level

Data treatment

In accordance with the limits established by current international laws, K2 must take into account:

• The owner of the data grants its prior and express authorization to carry out the treatment thereof, except in cases where said authorization is not required by law.
• The treatment is unavoidable, in order to ensure the vital interest of the owner of the data when he is physically or legally incapacitated. In these events, the legal representatives must grant their authorization
• In case of request of the data by public entities, these must be necessary for the recognition, exercise or defense of a right in a judicial process.
• Implement the necessary measures when data processing has a historical, statistical or scientific purpose. In this event, the measures leading to the suppression of the identity of the holders must be adopted.

Rights of the data owner

K2 in all data processing will be respectful of the rights of the owners. For the purposes of this policy, the owner of the data will have the following rights:

• Know, update and rectify your personal data against those responsible for the treatment or those in charge of the treatment This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose treatment is expressly prohibited or has not been authorized with the regulations that regulate, add, execute, complement, modify, suppress or repeal.
• Request proof of the authorization granted to K2 except when expressly excepted as a requirement for treatment.
• Be informed by the person responsible for the treatment or the person in charge of the treatment, upon request of the owner, regarding the use given to their personal data.
• Revoke the authorization at any time and/or request the deletion of the data, when the principles, rights and constitutional and legal guarantees are not respected in the treatment.

In accordance with the purpose of this declaration, the owner, in relation to their non-public data, has the right to knowledge, access, rectification, updating, revocation and/or deletion of their data at any time.

K2 Data Privacy Obligations

• Guarantee the owner, at all times, the full and effective exercise of the right to process personal data.
• Request and keep, under the conditions provided in the regulatory decrees and other regulations that modify or reform them, a copy of the respective authorization granted by the owner.
• Duly inform the owner about the purpose of the collection and the rights that assist him by virtue of the authorization granted.
• Keep the information under the necessary security conditions to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.
• Guarantee that the information provided to the person in charge of the treatment is true, complete, exact, updated, verifiable and understandable.
• Update the information, communicating in a timely manner to the person in charge of the treatment, all the news regarding the data that you have previously provided and adopt the other necessary measures so that the information provided to it is kept up to date.
• Rectify the information when it is incorrect and communicate, through the available and most expeditious means of communication, what is pertinent to the person in charge of the treatment.
• Process queries and claims formulated in the terms indicated in the law.
• Adopt an internal manual of policies and procedures to guarantee adequate compliance with the law and, in particular, for dealing with queries and complaints.
• Inform, through the available and most expeditious means of communication, the person in charge of the treatment when certain information is under discussion by the owner, once the claim has been filed and the respective procedure has not been completed.
• Inform at the request of the owner about the use given to their data.
• Inform the data protection authority when there are violations of the security codes and there are risks in the administration of the information of the holders.

Data privacy purposes

The following purposes are established for the treatment of information according to the profile and/or role.

• Processing and administration of data as a client or user of K2
• Offer through its own means or jointly with third parties Information on new product launches and/or benefits.
• Additional information that benefits the operation and/or handling of our products in case of inconveniences or failures.
• Comply with the notification of information of interest when you have requested it.
• Study and store information associated with requests for any of our products that we, as a future client, must know to establish the commercial relationship.
• Address requests, complaints or claims.
• Send communications related to the commercial activities of K2, news and useful information for professional practice, products, offers, news, invitations to events, job offers, propaganda, publicity and/or surveys about our products, services and/or products and services of our business partners.
• Statistical purposes, marketing or relational analysis of information, research, innovation and development of new products and/or services.
• Sharing, including the transfer and transmission of your personal data, to third countries for the purposes related to the operation.
• Use for security and protection matters inside the company's facilities.
• Mailing.
• Use for legal, administrative and commercial purposes.
• Report to control entities
• Use emails, text messages (SMS and/or MMS) or any analog or digital means of the holders for commercial purposes.
• Use and treatment of the image to include them on photographs; procedures analogous to photography; audiovisual productions (Videos); as well as the Copyright; the Related Rights and in general all those intellectual property rights that have to do with image rights.

Data security and privacy

K2, in application of the principle of security in data processing, will provide the administrative and technological measures that are necessary to provide security to the records, avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access.