General Policies and Guidelines for Personal Data Protection (Privacy Policy)

Press release published on 26 July 2013 (Only in Spanish)

In compliance with the personal data protection regulation (Law 1266 of 2008, Law 1581 of 2012, Decree 1074 of 2015, and other regulations that modify, complement, or replace them), BANCO DE LA REPÚBLICA (the Central Bank of Colombia), in its capacity as Data Controller, informs its policy and general guidelines for personal data protection (privacy policy) that have been provided to it:

  • General Information- Data Controller

    • BANCO DE LA REPÚBLICA, TIN 8600052167, Main Office: Bogotá, D. C.

    • Contact: Through the Citizen Services System (SAC in Spanish): On-site service points, Call Center (National toll-free line: 01 8000 911745), web-based service

    • In compliance with Article 25 of Law 1581 of 2012 and its regulatory decrees, Banco de la República registered in the National Registry of Databases (RNBD in Spanish), the databases containing personal data subject to processing and for which it is responsible (controller). The registered databases can be consulted at:

Website of the Superintendence of Industry and Commerce - National Registry of Databases (RNBD)
 

  • Information Security

Banco de la República is committed to the security and protection of the personal data for which it is responsible. Its management systems for handling information have the current ISO 9001 and ISO/IEC 27001 certifications, the latter referring to information security. The policies and standards of the Bank's information management system are focused on protecting the confidentiality of information. Some mechanisms that support these policies and standards include network access control and/or authentication devices, and software to manage authorization levels and monitor system and registry activity, among others. Documents and information are preserved in compliance with and within the terms set forth in Article 55 of Law 31 of 1992. See the information security policies (only in Spanish).

Specific Policies for the Processing of Personal Data

The specific policies for processing your personal data provided to Banco de la República on account of its constitutional or legal functions or services may be consulted in the regulations of the respective function or service by virtue of which you provided such data to the Bank. Consult the regulations for Central Banking services, and cultural services, only in Spanish (Luis Ángel Arango Library), or access the Citizen Services System (SAC).

Purpose of the Processing of Personal Data

Personal data provided to Banco de la República may be processed (collected, stored, used, put into circulation, or deleted) for the specific purpose for which they were provided, including the construction of indicators and statistics for the monitoring and control of such processes and services, the controls of law, legal oversight, and, in any case, to comply with its other constitutional and legal functions of the Bank.

The specific purpose of the processing of the personal data provided by you to Banco de la República may be found in the regulation of the function or service by virtue of which you provided such data to the Bank. Please consult the regulations for Central Banking services, and cultural services, only in Spanish (Luis Ángel Arango Library), or access the Citizen Services System (SAC).

Particularly, in relation to cultural activity, your personal data may be processed (collected, stored, used, put into circulation, or deleted) in order to adequately provide cultural services offered by the Bank, such as: the Gold Museum, Library Network, Concert Hall of the Luis Ángel Arango Library, Casa de la Moneda (The Mint Museum), Botero Museum, and Miguel Urrutia Art Museum, along with other art, numismatic and philatelic collections, cultural areas, and centers; as well as to disclose our cultural services, products, programs, and events, news of interest related to such activity, including the construction of indicators and statistics for the follow-up of this activity, legal controls or oversight, and, in any case, to comply with the other constitutional and legal functions of the Bank.

Personal Data of Children and Teenagers

It is possible that Banco de la República receives or has received data from children and teenagers who access its services, especially those of a cultural nature, and therefore, the provision of their personal data is optional.

Banco de la República shall ensure the proper use of the personal data of children and teenagers, and shall respect their best interest in their processing, providing the protection of their fundamental rights and, as far as possible, considering their opinion as owners of their personal data.

Sensitive Personal Data

Given the scope of some of the Bank's functions, services, and activities, it is possible that it may receive sensitive personal data, for which it is advised that the provision of such data is optional and, in the event that such data is provided, it will be processed for the purposes mentioned above.

To control and record the entry, stay, and exit of the Bank’s facilities in the development of our security system, it is necessary to record personal data, which may include the verbal provision of primary identification data, the taking of a photograph, fingerprint, and the use of video surveillance, as applicable. In these events, by means of posters or notices or verbally, as the case may be, the purpose and processing of the data collected will be informed.

Recording of Images (Photographs or Videos) During our Events

If you attend our events, please be aware that the events of Banco de la República may be photographed or videotaped, including the attendees or guests, in which case the treatment of your image will have the purpose of using such records in different media such as television broadcasts, the internet, and other written publications related to the events that we promote in the development of our constitutional and legal functions and our institutional communication strategy aimed at promoting the approach of the Bank with the citizens. Given that by attending and participating in this event, you could be part of such records, please consider the personal data processing policies described herein.

Registration at Receptions of Buildings and Areas Where Personal Data Are Collected for Entry to the Facilities or Areas with Video Surveillance

If you are a visitor or user, we inform you that upon entering our facilities, you will be asked to provide or register your personal data in the system, books, or access control forms indicated by our security personnel. This may include taking a photograph, capturing your fingerprint, and the use of video surveillance, as the case may be. Therefore, by providing your information, Banco de la República is authorized to verify it and process it (collect it, store it, use it, or delete it) with the purpose of controlling and registering the entrance, stay, and exit of our facilities in the development of our security system.

As the owner of the personal data provided, you may access, know, update, and rectify them; be informed about their use; submit queries and claims; or request the deletion of these, where appropriate. To do this, you can contact the Citizen Services System (SAC) through the points of on-site services, the call center (national toll-free line: 01 8000 911745), or the web.

Exercise of the Rights of the Holders of the Personal Data

The holders of personal data may access, know, update, and rectify such data; be informed about the use given to them; submit inquiries and complaints about the handling of such data; revoke the authorization; or request the deletion of their data where appropriate and other rights conferred by law.

To exercise your fundamental right of habeas data, you may use the contact mechanisms informed by the Bank or through the Citizen Services System (SAC): On-site service points, Call Center (National toll-free line: 01 8000 911745), or web-based service. 

The procedures and terms for the attention of inquiries, claims, and other requests related to the exercise of the right of habeas data shall follow the provisions of Law 1266 of 2008 and the principles on data protection set forth in Law 1581 of 2012.

Política de cookies

Nuestros sitios web Portal Corporativo; Portal de Investigaciones Económicas; y Portal de la Actividad Cultural utilizan cookies propias y de terceros. Las cookies son archivos que se descargan en el equipo o dispositivo móvil de un usuario durante la visita a la página web con la finalidad de almacenar y recuperar datos. Como la mayoría de los sitios en internet, en nuestros sitios web se utilizan cookies para: i) establecer niveles de protección y seguridad de la información, ii) personalizar y facilitar la navegación del usuario. Las cookies se asocian únicamente a un usuario anónimo y su equipo, sin embargo, no proporcionan referencias que permitan deducir datos personales del usuario, y iii) medir estadísticamente la actividad del sitio web, con el fin de introducir mejoras en su contenido en función del análisis cualitativo y cuantitativo de los datos de uso que hacen los usuarios.

En nuestros sitios web utilizamos 2 tipos de cookies: i) cookies técnicas que son necesarias para navegarlos, además para controlar el tráfico y la comunicación de datos con el fin de establecer niveles de protección y seguridad de la información, y ii) cookies de Google Analytics que se utilizan para medir cómo interactúan los usuarios con los contenidos, sobre las cuales se puede ampliar la información en: Uso de las cookies de Google Analytics en sitios web. (El Banco de la República utiliza atuvc, __atuvs, _gat, _gid,_ga_* y SESS*, entre otros). 

Nuestros sitios web no circularán con terceros datos personales de los usuarios. Los sitios web de terceros que estén referenciados en enlaces de nuestros sitios web, tienen sus propias políticas de protección de datos personales o de cookies, las cuales son ajenas al Banco de la República y, por consiguiente, no lo vinculan; los usuarios podrán autorizarlas o no al acceder a tales sitios web.

Teniendo en cuenta que los sities web listados hacen uso de las cookies anteriormente descritas, al ingresar el usuario podrá aceptar el uso de las mismas o, en su defecto, continuar con la navegación desactivándolas al pulsar “No aceptar y continuar”. 

El Banco de la República puede modificar esta política de cookies en la oportunidad que requiera para cumplir con la normatividad que sea aplicable.

Effective Date

The effective date of these personal data protection policies is 18 June 2013.

Charter for the dignified treatment of citizens accessing the services or information of Banco de la República de Colombia (only in Spanish).