Privacy policy
We may process, transfer and disclose your information for the purposes of: providing you with services, managing your accounts with us and complying with your instructions; verifying your identity; detecting and preventing fraud and money-laundering; compliance with laws and public duties; monitoring and/or recording your telephone calls and electronic transactions in order to accurately carry out your instructions; to assist in improving our services and in the interests of security and crime prevention.
Data usage policy
By providing us with any information you will be agreeing to the provisions established below in addition to any other terms you have agreed with us where relevant. Please ensure you have read and understood these terms before you send us any information. They will apply to any information you have already provided. If you are a customer or client of AutoSalud (and/or any of its subsidiaries), details of the information we collect and how we use it will also be set out in the terms and conditions of the relevant product or service. In the event of a conflict between this Data Protection Policy and the terms and conditions of your specific product or service, the terms and conditions of your specific product or service will take precedence. We reserve the right to revise or supplement this Data Protection Policy from time to time at our sole discretion, and you agree to revisit this policy regularly at www.autosalud.net to ensure you are familiar with the most current version. By continuing to deal with us you will be agreeing to any such changes. You must not send us personal information about someone else without first getting his or her consent for it to be used and disclosed in the ways set out in this policy. This is because we will assume he or she has consented – although we may still ask for confirmation from them. Where you do give us information about someone else, or someone else discloses a connection with you, that information may be taken into account with your other personal information. We treat your privacy very seriously and we understand that you will wish to know how we will use the information we collect from or about you. We use your personal information in accordance with this data protection policy and will fully comply with all applicable Venezuelan legislation. It is important that you take all necessary and appropriate steps to protect your data yourself (for example, by ensuring that all passwords and access codes are kept secure).
Governing law
These terms and your use of this website are governed by and construed in accordance with laws of the Bolivarian Republic of Venezuela and any disputes will be decided only by the courts of the Bolivarian Republic of Venezuela.
Data Protection Directive
GLOBAL:
AutoSalud is GDPR compliance. The European Directive 95/46/EC governs the processing of personal data in the EU and will now be replaced by the GDPR as of May 25, 2018. The Directive introduced minimum standards, which had to be implemented by separate legislation in each EU Member State. This gave Member States the option to extend the scope of the Directive or retain pre-existing higher standards, or decide not to take full advantage of derogations, which explains why different data protection standards apply across Europe. It can be found online: https://ec.europa.eu/justice/policies/privacy/docs/95-46-ce/dir1995-46_part1_en.pdf
VENEZUELA:
The Constitution of the Bolivarian Republic of Venezuela (the Constitution) establishes general principles that serve as a framework for the protection of information. These principles were developed by decision No. 1318 of the Supreme Court of Justice (TSJ for its Spanish acronyms) of August 2011, guarding the honor, privacy, intimacy, self-image, confidentiality, and reputation of individuals. The principles are:
Principle of free will, which implies the need of a prior, free, informed, unequivocal and revocable consent for the use, and collection of personal data.
Principle of legality, according to which the collection of personal data entails that the limitation to information self-determination is a result of a legal provision.
Principle of purpose and quality, which means that the collection of personal data must respond to predetermined purposes, motives, or causes that are not contrary to constitutional and legal provisions, is also a prerequisite to obtain valid consent. Data can only be extracted and treated for the fulfilment of specific, explicit, and legitimate purposes related to the activity of those who get them. This principle entails the necessary proportionality in the collection of data, which must be adequate, relevant, and not excessive.
Principle of temporality or conservation, under which the data should be preserved until the purposes or objectives that its collection are achieved.
Principle of accuracy and self-determination, which means that the data must be complete, accurate and up to date, in response to the real situation of the person as the data may be subject to control by the individuals whose data is collected. The interested party must have clear and expeditious procedures to obtain from the person responsible for the use or receipt of the information: the confirmation of the use of data; the purposes of such registers and its recipients; the rectification or cancellation of inaccurate, inadequate, or excessive data, and the knowledge of such modifications by those whose wrong information has been communicated.
Principle of foreseeability and integrity: Although the rights relating to the collection of information should be initially aimed at protecting the rights of the individuals whose information is collected, the analysis of the impact that the collection of data has on such rights cannot be isolated and without reference to data that may be collected in other registries.
Principle of security and confidentiality, which implies the guarantee of confidentiality, of no alteration of data by third parties, and of access to such data by the competent authorities in accordance with the law. The data must be protected from alteration, loss, accidental destruction, unauthorized access, or fraudulent use. This protection goes as far as preventing international data transfers to States whose legislation does not guarantee a level of protection like the one described.
Principle of guardianship, which means that in addition to having judicial protection to enforce the right to access the information and obtain knowledge of the use of the personal data, there should be public entities that ensure the right to the protection of personal data with powers to create or implement simplified models and based on technical standards to measure the level of efficiency of the structures and procedures in place and the level of protection of the personal data.
Principle of liability, under which a violation of the right to the protection of personal data gives rise to liability and the imposition of civil, criminal, and administrative penalties, as the case may be.