At ARBIO we rely on the generosity and support of individuals like you to carry out our vital conservation work. That is why we want to be completely transparent about why we need the personal details we request when you engage with us and how we will use them.
As you browse our website and whenever you communicate with us, we collect information. It deepens our understanding of what works and what doesn’t, which helps make our communications more effective. The more we understand our supporters and the people we engage with, the more efficiently we are able to operate and the more funds we can direct into conservation.
ARBIO ensures the maximum security and protection of the personal data which clients or potential clients, in order to make use of our services, provide through the website and other documents or forms.
2. Objective and purpose
Privacy information does not include information that is available through publicly accessible sources. Such means of electronic, optical and other technological communication designed to provide information to the public and open to general consultation includes telephone directories, newspapers and magazines, social communication media, professional lists, repertoires of anonymized jurisprudence, the Public Registries administered by the National Superintendency of Public Registries as well as any other registries or databanks qualified as public according to law, the Public Administration entities in relation to the information that must be delivered in application of the Law Nº 27806, the Law of Transparency and Access to Public Information.
In accordance with Law No. 29733 – Personal Data Protection Law (hereinafter, the “Law”) and its Regulations, approved by Supreme Decree No. 003-2013-JUS, ‘personal data’ is understood to be all information about a natural person who identifies or makes oneself identifiable through means that can be reasonably used.
‘Personal data processing’ is understood as any technical operation or procedure, automated or not, that allows the collection, registration, organization, storage, conservation, preparation, modification, extraction, consultation, use, blocking, deletion, communication by transfer or by diffusion or any other form of processing that facilitates the access, correlation or interconnection of personal data.
ARBIO developed its Policy for the treatment of personal data in compliance with the guiding principles established in the Law mentioned below:
- Principle of legality: the collection of personal data of our users and/or customers by fraudulent, unfair or illegal means is rejected.
- Principle of consent: Consent will be obtained for the processing of personal data of our clients.
- Principle of purpose: The personal data of our clients will be collected for a specific, explicit and lawful purpose, and will not be extended to another purpose that has not been unequivocally established as such at the time of collection.
- Principle of proportionality: all processing of personal data of our clients will be adequate, relevant and not excessive for the purpose for which they were collected.
- Principle of quality: Personal data will be truthful, accurate and, as far as possible, updated, necessary, relevant and adequate with respect to the purpose for which they were collected.
- Principle of security: they will be kept in such a way that their security is guaranteed and only for the time necessary to fulfill the purpose of the collection.
ARBIO has the appropriate security measures in place in accordance for the treatment to be carried out, and the necessary technical, organizational and legal measures will be adopted to guarantee confidentiality of personal data.
4. Information on personal data
The client is informed and freely and voluntarily authorizes ARBIO to collect, store, preserve, access, use, delete or update their Personal Data for their activities in Peru. In that sense, the personal data to which ARBIO has access as a result of the services it provides or from completed forms, will be incorporated into the corresponding ‘Personal Data Bank’, forming the organized set of personal data of clients and visitors on the website created by ARBIO and registered in the National Registry for the Protection of Personal Data.
The personal data provided by clients will be treated with complete confidentiality and may only be known and handled by ARBIO staff who need to know said information to provide the services offered. ARBIO undertakes to keep professional secrecy regarding personal data and guarantees to maintain them with all necessary security measures. Authorization will not be necessary when the personal data is necessary for the execution of a contractual relationship in which the Personal Data Holder is a party.
If the registered data turns out to be inaccurate, in whole or in part, or incomplete, ARBIO may update and/or replace them with the corresponding rectified or completed data.
The personal data requested from clients through the different forms on the website are basic contact data and are adequate, relevant and not excessive in relation to the purpose for which they are collected.
5. Purpose of the processing of personal data
The client expressly authorizes ARBIO to use their data for the contracting of services, as well as for the development of commercial and marketing actions, whether of a general nature or adapted to their personal characteristics. Said actions may be carried out by email or other equivalent means of communication.
Personal data will be purged when they are no longer necessary for the purposes for which they were collected. However, they will be kept for as long as ARBIO may be held liable for this relationship with customers. Subsequent processing for historical, statistical or scientific purposes will not be considered incompatible.
6. Transfer of personal data nationally or internationally
The client authorizes the transfer of their data to companies at a national or international level (cross-border flow) related and/or associated with ARBIO in order to be able to properly manage and store the services requested by the clients and the subsequent procedures, in relation to the purpose indicated in the previous sections, extending to them the express authorization for their use. ARBIO guarantees the adequate level of protection of the personal data of the clients for the transfer of personal data, in accordance with a protection comparable to that provided by this Law or by international standards on the matter.
ARBIO declares that it uses third-party servers for the sending and storage of data banks by technological means, for which there will be cross-border flow with the companies: (i) Amazon Web Services, located in Seattle, USA (ii) Google Inc, located in California, USA and (iii) DonorBox, located in California, USA.
Likewise, ARBIO declares that it uses email marketing service providers; therefore it will carry out cross-border flow with MailChimp company located in Atlanta, GA, United States of America.
These personal data may also be communicated to administrative entities, judicial and/or police authorities, as long as it is established by law.
7. Advertising purposes
8. Security of personal data
In compliance with current regulations, the Information Security Directive approved by Directorial Resolution No. 019-2013-JUS / DGPDP of the National Authority for the Protection of Personal Data, ARBIO has adopted technical and organizational security and confidentiality measures appropriate to the category of personal data, necessary to maintain the required level of security, in order to avoid, as far as possible, the alteration, loss or unauthorized treatment or access that may affect integrity, confidentiality and availability of information.
However, the transmission of information through communication networks and the Internet is not totally secure; For this reason, and despite the fact that ARBIO will make its best efforts to protect personal data, it cannot guarantee their security during transit to the website. All the information that Internet clients provide by this means will be sent at their own risk.
9. Exercise of the Rights of Access, Rectification, Cancellation and Opposition
Internet users and/or clients who have provided personal data to ARBIO can contact us, in order to be able to exercise their rights to their information including its: access, update, inclusion, rectification and deletion, to prevent the purveying of their personal data, express their opposition to the treatment or objective treatment of the data, in the terms included in the current legislation. These rights may only be exercised by the owner of the personal data or his/her attorney, in accordance with the law.
In order to exercise these rights, users and/or clients should go to the following email address email@example.com, and place in the subject line: “Protection of Personal Data” and specify their data, proving their identity and the reasons for their request. Whoever signs the request must attach a simple copy of the documents that prove the identity of the owner (National Identity Document or equivalent document) or, where appropriate, that of the attorney-in-fact, as well as a simple copy of the power of attorney granted by notarial means when applicable.
Likewise, ARBIO informs its clients of the existence of administrative means to assert their rights to exercise before the National Data Protection Authority or before the Judicial Power for the purposes of the corresponding habeas data action.
To make any type of query regarding this Policy, you can contact the following email address: firstname.lastname@example.org
This Policy for the Treatment of Personal Data is published on September 30th, 2020.