Privacy Policy and Personal Data Processing

Diseñando Soluciones S.A.S. (hereinafter "the Company"), identified with Colombian tax ID (NIT) 901807113-7, domiciled at Calle 135 No 47-45 Floor 402, Bogotá, Colombia, is the entity responsible for processing personal data collected through this website and in the course of its business activities.

Website: https://disenandosoluciones.com Email for personal data matters: comercial@designingsolutions.com.co

In accordance with Colombian Law 1581 of 2012 and Decree 1377 of 2013, the following definitions apply:

• Personal data: Any information linked or that may be associated with one or more identified or identifiable natural persons.
• Processing: Any operation or set of operations on personal data, such as collection, storage, use, circulation, or deletion.
• Data subject: Natural person whose personal data is subject to processing.
• Data controller: Natural or legal person who decides on the database and/or data processing.
• Data processor: Natural or legal person who processes personal data on behalf of the controller.
• Consent: Prior, express, and informed consent of the data subject to carry out personal data processing.
• Database: Organized set of personal data that is subject to processing.
• Privacy notice: Verbal or written communication addressed to the data subject to inform them about the existence of data processing policies.
• Sensitive data: Data that affects the privacy of the data subject or whose misuse may lead to discrimination (racial or ethnic origin, political orientation, religious beliefs, health data, sexual life, biometric data).

Personal data processing shall be governed by the following principles established in Article 4 of Law 1581 of 2012:

• Principle of legality: Processing is a regulated activity that must comply with the provisions of the law.
• Principle of purpose: Processing must serve a legitimate purpose, which must be communicated to the data subject.
• Principle of freedom: Processing may only be carried out with the prior, express, and informed consent of the data subject.
• Principle of truthfulness or quality: Information subject to processing must be truthful, complete, accurate, updated, verifiable, and understandable.
• Principle of transparency: The data subject's right to obtain information about the existence of data concerning them is guaranteed.
• Principle of restricted access and circulation: Processing may only be carried out by persons authorized by the data subject.
• Principle of security: Information subject to processing must be handled with the necessary technical, human, and administrative measures to ensure security of records.
• Principle of confidentiality: All persons involved in the processing of personal data are required to guarantee the confidentiality of the information.

The Company collects the following types of personal data:

• Identification data: Full name, email address, phone number, and company name, voluntarily provided through our contact forms.
• Browsing data: IP address, browser type, pages visited, time spent, and website interaction data, automatically collected through cookies and tracking technologies.
• Communication data: Content of messages sent through contact forms, email, or chat.
• Professional data: Job title, company, and industry sector, when voluntarily provided.

The Company does NOT collect sensitive data through this website.

The personal data collected will be used for the following purposes:

• Responding to information requests, quotes, and business inquiries.
• Sending communications related to our software development, consulting, automation, analytics, artificial intelligence, and DevOps services.
• Improving the browsing experience on our website.
• Performing statistical and website usage analysis.
• Fulfilling contractual obligations arising from the provision of services.
• Managing business relationships with clients and prospects.
• Sending commercial and promotional information about our services (with prior consent).
• Complying with applicable legal and regulatory obligations.

In accordance with Article 8 of Law 1581 of 2012, data subjects have the following rights:

• To know, update, and rectify their personal data before the Company in its capacity as data controller.
• To request proof of the consent granted for data processing.
• To be informed by the Company, upon request, about the use given to their personal data.
• To file complaints with the Superintendence of Industry and Commerce for violations of the provisions of Law 1581 of 2012.
• To revoke consent and/or request deletion of their data when the processing does not respect the constitutional and legal principles, rights, and guarantees.
• To access their personal data that has been subject to processing free of charge.

To exercise any of the aforementioned rights, the data subject may send a request to comercial@designingsolutions.com.co indicating:

• Full name of the data subject.
• Identification number.
• Description of the facts giving rise to the request.
• Contact address and email.
• Supporting documents (if applicable).

Response times in accordance with the law:

• Inquiries (Art. 14, Law 1581 of 2012): The Company will respond within a maximum of ten (10) business days from the date of receipt. If it is not possible to respond within this period, the interested party will be informed of the reasons for the delay and the date of response, which in no case may exceed five (5) business days after the expiration of the first term.
• Complaints (Art. 15, Law 1581 of 2012): The maximum term to address a complaint is fifteen (15) business days from the day following the date of receipt. If it is not possible to address the complaint within this period, the interested party will be informed of the reasons for the delay and the date of response, which in no case may exceed eight (8) business days after the expiration of the first term.

The Company may transfer and/or transmit personal data to third parties in the following cases:

• To technology service providers acting as data processors (web hosting, analytics, email services) located in Colombia or abroad.
• To competent authorities when required by law or court order.
• To business partners for the fulfillment of the purposes described in this policy.

In all cases, the Company will require third-party recipients to comply with adequate personal data protection standards and will execute the corresponding processing agreements in accordance with applicable regulations.

For international transfers, the Company will ensure that the receiving country has adequate levels of data protection or, otherwise, the corresponding transfer agreements will be executed in accordance with Article 26 of Law 1581 of 2012.

This website uses cookies and similar technologies to:

• Ensure the proper functioning of the website.
• Analyze website usage through tools such as Google Analytics.
• Improve the browsing experience and personalize content.

Types of cookies used:

• Essential cookies: Necessary for the basic functioning of the website.
• Analytics cookies: Allow collecting statistical information about website usage.
• Preference cookies: Store user settings such as language.

Users can manage cookies through their browser settings. Disabling certain cookies may affect the website's functionality.

The Company implements reasonable technical, human, and administrative measures to protect personal data against unauthorized access, loss, alteration, or destruction, including:

• Data encryption in transit using HTTPS/TLS protocol.
• Role-based access control for authorized personnel.
• Periodic review of implemented security measures.
• Staff training on personal data protection.

However, no data transmission or storage system can guarantee 100% security. The Company commits to notifying data subjects and the Superintendence of Industry and Commerce in the event of any security incident that compromises the confidentiality of personal data, in accordance with applicable regulations.

This privacy policy takes effect from June 1, 2026, and shall remain in effect as long as the Company continues to operate and process personal data.

Personal data will be retained for the time necessary to fulfill the purposes described in this policy or for the period required by applicable legal provisions.

The Company reserves the right to modify this policy at any time. Any changes will be published on this website and, when significant, data subjects will be notified through available means.

The data protection authority in Colombia is the Superintendence of Industry and Commerce (SIC), before which data subjects may file complaints and claims related to the processing of their personal data.

Superintendence of Industry and Commerce Address: Carrera 13 No. 27-00, Bogotá, Colombia Phone: (+57 601) 587 0000 Website: www.sic.gov.co

For any inquiry, request, or complaint related to the processing of your personal data, you may contact us at:

Email: comercial@designingsolutions.com.co Address: Calle 135 No 47-45 Floor 402, Bogotá, Colombia Website: https://disenandosoluciones.com