You are in:

Habeas Data - Privacy notification


PROCOLOMBIA, (herein after referred to as the “Entity”) in compliance with Colombian Statute 1581 of 2012 and other applicable legislation, is responsible for the Use of personal data.

1) Your rights as Personal Data Holder include: A) To access, update, withhold or rectify your personal data. This right can be exercised, inter alia, against partial, inaccurate, incomplete, fractured, or any prohibited or unauthorized Use of personal data; B) To request evidence of authorization granted prior to the Use of personal data;  C) To Receive information about the Entity’s use of personal data; D)  To lodge a complaint to the Superintendent of Industry Commerce and Tourism and the Financial Superintendent for infractions, in accordance with applicable legislation and other policies that modify, add or complement the aforementioned. E) To access, free of charge, personal data subject of Use.

2) General Information: a) Address: Calle 28 No. 13 A-15 Piso 35, Bogotá, D.C., b) Email :, c) Telephone: 5600100 (Bogota), d) (related web pages).

3) You may exercise your rights by contacting the Entity through the following channels: Data Holders may utilize the Entity’s mailing system at or in person at Calle 28 No. 13 A-15, Floor 1, Bogotá D.C., from Monday to Friday from 8:00 a.m. to 6:00 p.m.

4) Entity branches responsible for handling petitions, consultation, and complaints: The receipt of petitions, consultations and complaints is channeled through Information Centers – as per section 3 of this guideline.

5) Procedure to access, update, withhold or rectify: As a Data Holder, you can request to update, withhold, revoke or rectify data and/or consult or submit a complaint related to the Use of your personal data as per section 3 of this guideline.

The Entity shall validate, analyze, classify your request and issue a response subject to the timelines prescribed by Law, utilizing the same channel by which the request was made, or any other channel specified at the time of initial request. Exemptions are applicable when the Data Holder has a legal or contractual duty to remain in the Entity’s database.

These requests shall be processed as long as they fulfill the following conditions:

  1. The request must be addressed to the Party Responsible or in Charge of the Use of personal data.
  2. The request must include identification of the Data Holder, his successor in title, representative, or agent.
  3. The request must include a description of the circumstances that give rise to the request.
  4. Notification data
  5. The request must also include supporting documents and facts.


If a case arises where the request is incomplete with respect to the aforementioned conditions, the applicant shall be required to provide all outstanding information within a 5-day period from the day that the request was assessed as incomplete. If all outstanding conditions are not satisfied within a 2-month period from the date the request was assessed as incomplete, the applicant shall be deemed to have waived the claim.

Once a request has been accepted it shall be classified as “request in process.”

A response shall be issued within a 15- day review period. The time limit starts the day after the request is received.

If a response is not issued within the review period prescribed by the Personal Data Law due to the complexity of such request, the Entity shall notify the applicant about the reasons for such delay. When notified of the difficulties of issuing a response within the term indicated by Law, the applicant shall be informed of a future date by which the initial request shall be answered, not to exceed 8 days following the expiry of the first term.

6) PROCOLOMBIA Policies for Personal Data Use

  1. Compliance with the Use of personal data within the parameters prescribed by the Colombian Constitution and applicable legislation.
  2. Obtaining express authorization granted through physical, electronic and/or telephone means that will allow the Entity to verify that personal data will not been collected and stored in the Entity’s electronic or physical records without required consent of Personal Data Holder. Additionally, authorization can be implied from actions that allow/suggest reasonable assumption of Data Holders’ voluntary consent provision for the Use of their personal information.
  3. Guaranteeing the confidentiality, integrity and availability of personal data by the parties responsible and in management of same.
  4. Ensuring that personal data shall only be Used by the Entity’s personnel that require this information to fulfill activities related to their role or that of their managers. The latter shall access this information in accordance with their contractual obligations.
  5. Ensuring that Entity personnel must guarantee confidential use of the data both during the term of their contractual obligations and after the termination of such obligations.
  6. Ensuring that the use of personal data is in accordance with the objectives authorized by personal data holders.
  7. Complying with the non-disclosure of personal data on the Internet or any other mass media outlet, unless the information is public or is required by Law.
  8. Protection of personal information in accordance with the timelines specified under document retention tables.
  9. Timely update and communication of information to any authorized third party (data controllers), which is related to new developments with respect to data previously administered, and adoption of necessary measures for subsequent and regular information updates.
  10. Correction of inaccurate information and communication of applicable updates to any authorized third party (data controllers).
  11. Processing any requests or complaints made by Data Holders within the timelines prescribed by Law. If issues arise, a case manager shall inform the applicants/complainants.
  12. Deletion of personal data from the Entity’s database upon request, with the exemption of Data Holders who have a legal or contractual duty to remain in the data base.
  13. Managing of personal data under strict security parameters to avoid any potential risk of data corruption, unauthorized use or fraudulent access.
  14. Ensuring adequate security measures for the Use of personal data classified as sensitive, including among others, the personal data of employees’ children.
  15. Ensuring the consolidation of a corporate culture that advocates for, and safeguards, the rights of Data Holders through skill development.
  16. Guaranteeing the full and effective practice of the rights of habeas data to all Data Holders.
  17. Adequately informing Data Holders about the purpose of data collection and the rights of the Entity by virtue of granted consent.
  18. Guaranteeing that all information provided to any authorized third party, within the parameters of applicable legislation, is truthful, complete, accurate, up to date, verifiable and understandable.
  19. Exchanging personal information with other public entities as requested to fulfill their duties in the areas of taxation, research, and judicial processes among others
  20. Modification of established policies at any time. Modification shall occur in accordance with applicable legislation, and will come into effect from the date such modifications are made publicly available.
  21. Ensuring that transfer of personal data to countries that do not provide adequate data protection is strictly prohibited.
  22. Enforcing policies for internal data controllers to report the information gathered in the data bases they administer and provide any updates to the Office of Personal Data Protection, including reporting of new data bases created.
  23. Ensuring registration and reporting of any new information from data bases in the National Data Base Registry – RNBD, pursuant to applicable legislation.
  24. Publishing the Privacy Policy at
privacy_policy.pdf Descarga el consolidado completo en PDF

PROCOLOMBIA, en cumplimiento de la Constitución Política Nacional, Ley 1581 de 2012 y demás normas concordantes, es responsable del tratamiento de sus datos personales. ¿Autoriza a ProColombia el manejo de sus datos personales?

Oficinas Proexport
Primer centro de información
Segundo centro de información
Tercer centro de información