Personal data processing policy

EatCloud is governed by the principle of confidentiality. In this way, the information provided by the user will be validated in the Information Systems, databases or databanks of duly authorized third parties, under the commitment to maintain the confidentiality of personal, commercial, accounting, technical, commercial information or that which is obtained from the execution and exercise of its functions.

EatCloud may use proprietary information systems and databases supplied by the user and validated with databases with authorization for the processing of information. EatCloud guarantees the user that when it comes to the transfer of personal data, it will comply with the provisions of local law.

All information you provide to EatCloud is subject to EatCloud’s Privacy Policy and Privacy Policy. Use of the services implies your consent to the collection, use of this information, transfer of this information to the United States or other countries for storage.

Object. Provide the necessary and sufficient information to stakeholders and establish guidelines to ensure the protection of personal data that are processed through EatCloud’s procedures.

Target audience. It shall apply to all databases, both physical and digital, that contain personal data and are subject to processing by EatCloud, considered responsible. Likewise, in those cases in which they operate as responsible for the processing of personal data.

The policy is aimed at providing users with the necessary and sufficient information about the different treatments and purposes for which their data will be used, as well as the rights that they can exercise against EatCloud.
This policy is mandatory knowledge and compliance by all natural or legal persons responsible for the administration of EatCloud’s personal databases.

Scope.
To process the different requests and claims made by the Owners of the Information. To comply with the requirements of the regulations in force regarding Personal Data Protection.
To provide due protection to the interests and needs of the holders of the Personal Information processed by EatCloud.
Data collected. EatCloud collects the following data:
Data that users provide to EatCloud, such as the data they provide when filling out the registration form.
Data that is generated when using our services, such as device details, location and app usage.
Data that is generated when they manage donations through our app such as donation characterization.
Data from other sources, such as other users or account owners, business partners, general, insurance or financial solution providers, and government authorities.
Data from users when they apply for registration, update or use their accounts. It may include your name, email address, phone number, username and password, address. It also includes information about the vehicle used to mobilize donations. We may also infer demographic data from other information we collect from users.
Data that users submit when they contact the service desk, document area or otherwise communicate with EatCloud. This may include comments, photographs or other recordings that users collect, including audio or video (such as from dashcams), and send to the service desk or the document area. It also includes metadata related to the method used to contact EatCloud.
Donation itinerary information, including travel times and dates, transport provider details, delivery zone and products.
Accurate or approximate location data of users who use any website services and donation managers who use app services to enable and improve the use of our apps, optimize operation stages, facilitate ad serving and delivery, and prevent and detect fraud.
Data about the devices used to access our services, including hardware models, IP address or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, and mobile network or device movement information.

Data processing. EatCloud will perform operations including collection, storage, organization, use, circulation, transmission, transfer, updating, rectification, erasure, deletion and management of the data according to the nature and in accordance with the purposes set out in this Policy. Personal data will be processed in accordance with the stakeholder and in proportion to the purpose as described below.

Specifically, the treatment will be given as follows:
a.- Control and attend the requests related to the provision of services.
b.- Develop and implement linkage and permanence programs.
c.- Manage the necessary information for the fulfillment of the obligations.
d.- Evaluate the quality of the services rendered.
e.- To carry out campaigns, dissemination activities and training.
f.- To send a response to the requests made.
g.- To carry out follow-up, monitoring and evaluation tasks.
h.- Send communications issued by the follow-up, monitoring or evaluation areas.
i. Submitting reports to authorized entities or areas.
j.- To provide information services through the different means of contact.
k.- To carry out all the necessary activities for the fulfillment of the different stages of the operation.
l.- Any other purposes determined within the framework of EatCloud’s functions.

Security Actions. EatCloud is committed to user security and implements the following actions:
Use device, location, profile and usage data, among others, to prevent, detect and combat fraud. This includes identifying fraudulent accounts or uses of our services, preventing use of the services by unauthorized users, verifying the identity of related users, and preventing and combating unauthorized access to user accounts.
Use ratings, reported incidents and other feedback to promote compliance with our terms of use and as a reason to deactivate the accounts of users with low ratings or who otherwise violate those terms.
Share information about serious security incidents or local compliance with third parties including other entities involved in the operation in order to prevent them from posing a risk to the platform or users using the services and share this information with the persons affected by such incidents, if they led to the deactivation of the account.
Use ratings, usage and other data to avoid compatibility between users and donors with increased risk of conflict.

Use information collected through the service desk (which may include call recordings) to provide customer support, including to investigate and address user concerns, and to monitor and improve customer support responses and processes.

Use the data in testing, research, analysis, product development and machine learning processes in order to optimize the user experience. This allows us to improve the security of our services, make them more convenient and easier to use, and develop new services and functions.

Use data from the devices to identify subjects whose actions put the operation at risk.

Data transfer and transmission. EatCloud may transfer and transmit personal data to third parties with whom it has an operational or contractual relationship. It may also transfer such data to other countries for storage.
Necessary measures will be taken to ensure that persons with access comply with this Policy.

Holder’s authorization. The processing requires the prior and informed authorization of the Data Subject, which must be obtained by any means that may be subject to subsequent consultation. The authorization shall be deemed to comply with these requirements when the following are manifested (i) in writing, (ii) orally or (iii) by unequivocal conduct on the part of the holder that allows the reasonable conclusion that he/she granted the authorization

The authorization of the Holder shall not be necessary when dealing with:
a) Information required by the Entity, in the exercise of its legal functions or by court order.
b) Data of a public nature.
c) Cases of medical or health emergency.
d) Processing of information authorized by law for historical, statistical or scientific purposes.
e) Heat maps.

EatCloud informs in a clear and precise manner the treatment to which your personal data will be subjected and the purpose of the same. The optional nature of the answer to the questions asked, when they deal with sensitive data or with the data of children and adolescents. The rights you have as a holder. The identification, physical or electronic address and telephone number of the data controller. EatCloud retains proof of compliance with the above.

Responsible area. Requests, queries and claims made by the holders of personal data that are under treatment of EatCloud may submit requests to exercise their rights to know, update, rectify and delete data, or revoke the authorization that should be addressed to:

– Phone: +57 323 9023235
– Email: soporte@eatcloud.com
– Website: www.eatcloud.com

Procedure to attend to the rights of the holders.

Written requests should be sent by e-mail and should contain at least the following information:

a. The identification of the Holder.
b. Contact information (physical and/or electronic address and contact telephone numbers).
c. The documents proving the identity of the Holder, or the representation of its representative.
d. The clear and precise description of the Personal Data with respect to which the Data Subject seeks to exercise any of the rights.
e. The description of the facts giving rise to the claim.
f. Documents to be asserted.
g. Signature and identification number.
h. Filing in original.

In case the request is submitted through another authorized channel, the area in charge will forward it to the personal data protection office.

Deadlines for response to requests or claims: Requests received through the above means will be answered within a maximum term of ten (15) working days counted from the date of receipt.

In case of impossibility to attend the consultation within such term, the interested party shall be informed before the expiration of the ten (15) days, stating the reasons for the delay and indicating the date on which the consultation will be attended, which in no case may exceed eight (8) working days following the expiration of the first term.

In the event that the request or claim is submitted without compliance with the above legal requirements, the claimant will be requested within five (5) days following receipt of the claim, to correct the faults and submit the missing information or documents.

After two (2) months from the date of the request without the applicant submitting the required information, it shall be understood that the request or claim has been withdrawn.

Revisions. The Entity shall carry out review processes or audits on personal data protection, verifying directly or through third parties, that the policies and procedures have been properly implemented in the Entity.

Versions and updates of the policy. Any substantial change in the personal data processing policies will be communicated in a timely manner to the data subjects through the usual means of contact and/or through the website: www.eatcloud.com.