Privacy and Habeas Data

PERSONAL DATA PROCESSING AND PROTECTION POLICY (Habeas Data)

OMNICON is committed to the protection of personal data.

Therefore, through its Personal Data Processing Policy, Omnicon guarantees the intimacy, privacy rights and good name of individuals, applying in a harmonious and comprehensive manner the principles of purpose, freedom, veracity or quality, transparency, access and restricted circulation, security and confidentiality.

All persons who provide personal data to Omnicon will be able to know it, update it, rectify it, delete it or revoke the authorization previously granted.

PURPOSE OF THE POLICY

The purpose for which the personal data is managed and processed will be completely adjusted to the law; OMNICON treats the personal data of the Holders, for its own use with the purposes that were requested or by requirements of public entities. The Personal Data of the Holders are used by OMNICON to:

• Execute the commercial, operational and/or administrative activities of OMNICON, aimed at fulfilling its corporate purpose.

• Send the information to government entities by legal requirement.

• Consult information on the restrictive lists, control lists (National and International Lists), information centers, Clinton List, Attorney General’s Office, Comptroller’s Office, National Police, among other related media; to detect possible associations of natural and/or legal persons linked to Money Laundering and Terrorist Financing activities.

• Support external and internal audit processes.

• For the execution of judicial and extrajudicial processes in the cases permitted and required by law.

• For verification of references of employees, suppliers and/or active clients in the databases.

Personal Data will be used by Omnicon for the purposes indicated in this Policy, therefore, OMNICON will not sell, license, transfer or disclose Personal Data, except that:

• The Holder expressly authorizes to do so.

• The Holder’s information is related to a merger, consolidation, acquisition, divestment or other restructuring process of OMNICON.

• Is permitted by law.

This Policy determines:

1. The administrative structure of OMNICON for the adoption and implementation of policies consistent with Law 1581 of 2012 and other pertinent regulations.

2. The adoption of internal mechanisms to put these policies into practice including implementation tools, training and education programs.

3. The adoption of processes for the attention and response to queries, requests and claims of the Holders, with respect to any aspect of the treatment.

SCOPE OF THE POLICY

OMNICON’s Personal Data Protection Policy will apply to all databases and/or files that contain personal data, which for OMNICON is subject to Treatment as the person responsible and/or in charge of processing personal data. The most representative owners of this information are customers, employees, suppliers and visitor.

The processing of personal data must be done in the terms, conditions and scope of the owner’s authorization and/or in application of the special rules when any legal exception to do so is appropriate.

RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA.

On behalf of OMNICON, the Administrative Area will be responsible for processing personal data, with offices in: Plasa Salomia located at Carrera 6 N°45-120 and Zonamerica located at CALLE 36 128 321, both in the city of Santiago de Cali -Colombia, with contact telephone number (1) 6203555 and email: administracion@omnicon.co

VALIDITY OF THE POLICY.

The Policy is effective from the date of its publication and leaves without effect the other institutional provisions that are contrary to it. All information not contemplated in this policy will be regulated in accordance with the General Data Protection Regime.

Any additional concern you can write to us at Administracion@omnicon.co, the messages will be answered as soon as possible.

Below, you can download and fully understand the Personal Data Processing Policy.

https://p2fb08.p3cdn1.secureserver.net/wp-content/uploads/Politica-de-Tratamiento-de-Datos-Personales.pdf