Privacy Policy


BUENESTAR, in application of current regulations regarding the protection of personal data, informs that personal data will be treated in compliance with the provisions of articles 15 and 20 of the Political Constitution of Colombia, Law 1581 of 2012 and other regulations. regulatory and concordant, establishes the following Personal Data Protection Policy, which defines the general guidelines for the collection, treatment, storage, protection and administration of personal data legally obtained from Users and Professionals captured through the different information channels and stored in the Institution’s databases, subject to the treatment and protection of personal data. Taking into account that some of the personal data that is collected and shared, is data of minors and in accordance with article 7 of Law 1581, the parents of minors or their guardians act as their legal representatives, these will be in charge of generating a correct handling of the personal data of their represented.

In this privacy policy we describe how we collect your personal data and why we collect it, what we do with it, with whom we share it, how we protect it and your choices regarding the treatment of your personal data.

This policy applies to the processing of your personal data collected by the company for the provision of its services. If you accept the measures in this Policy, you agree that we treat your personal data as defined in this policy.


Commercial name: Buenestargroup Address: Cra 14 NO 127 69 E-mail: Cell phones: 3107698494 – 3102116087


In accordance with the provisions of article 3 of Law 1581 of 2012 and other concordant regulations, the following definitions will be taken:

a. Personal data: Any information linked or that can be associated with one or more specific or determinable natural persons.

b. Sensitive data: Sensitive data is understood to be that which affects the privacy of the Holder or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions, membership in trade unions, social, human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data related to health, sexual life, and biometric data.

c. Public data: It is the data that is not semi-private, private or sensitive. Public data is considered, among others, data related to the marital status of people, their profession or trade and their quality as a merchant or public servant. Due to its nature, public data may be contained, among others, in public records, public documents, official gazettes and bulletins, and duly executed judicial decisions that are not subject to reservation.

d. Person in Charge of Treatment: Natural or legal person, public or private, that by itself or in association with others, performs the Treatment of personal data on behalf of the Person Responsible for Treatment.

e. Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the database and/or the Treatment of the data.

f. Owner: Natural person whose personal data is subject to Treatment.

g. Authorization: Prior, express and informed consent of the Owner to carry out the Processing of personal data.

h. Database: Organized set of personal data that are subject to Treatment.

i. Treatment: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.

j. Privacy Notice: Verbal or written communication generated by the Responsible, addressed to the Owner for the Treatment of their personal data, through which they are informed about the existence of the information Treatment policies that will be applicable, the way to access to them and the purposes of the treatment that is intended to give personal data.

k. Transfer: The transfer of data takes place when the Person in Charge and/or Person in Charge of the Processing of personal data, located in Colombia, sends the information or personal data to a receiver, who in turn is responsible for the treatment and is inside or outside from the country.

l. Transmission: Treatment of personal data that implies the communication of the same within or outside the territory of the Republic of Colombia when its purpose is to carry out a Treatment by the Manager on behalf of the Responsible.


We have always been committed to providing our services with the highest degree of quality, which includes treating your data with security and transparency. Our principles are:

  • Legality: We will collect your personal data for specific, explicit and legitimate purposes.
  • Data minimization: we limit the collection of personal data to what is strictly relevant and necessary for the purposes for which it was collected.
  • Purpose limitation: We will only collect your personal data for the stated purposes and only according to your wishes.
  • Accuracy: We will keep your personal data accurate and up to date.
  • Data security: we apply appropriate technical and organizational measures proportional to the risks to ensure that your data is not damaged, such as unauthorized disclosure or access, accidental or unlawful destruction or accidental loss or alteration and any other form of illicit treatment.
  • Access and rectification: you can request access or rectification of your data when you deem it appropriate.
  • Retention: We retain your personal data lawfully and appropriately and only as long as it is necessary for the purposes for which it was collected.
  • International transfers: when it is the case that your data is going to be transferred outside the country, it will be adequately protected.
  • Third parties: the access and transfer of personal data to third parties are carried out in accordance with the applicable laws and regulations and with the appropriate contractual guarantees.
  • Direct marketing and cookies: we comply with the applicable legislation regarding advertising and cookies.


The types of data that can be requested and processed are:

  • Identification data.
  • We also automatically collect data about your visit to our website as described in the cookie policy.

Whenever we request your personal data, we will clearly inform you of what personal data we collect and for what purpose. In general, we collect and process your personal data for the purpose of:

  • Provide information, services, products, relevant information and news in the sector.
  • Sending of communications.


In accordance with the applicable data protection regulations, your personal data may be processed provided that:

  • You have given us your consent for the purposes of processing. Of course you can withdraw your consent at any time.
  • By legal requirement.
  • Because there is a legitimate interest that is not undermined by your privacy rights, such as sending commercial information either by subscribing to our newsletter or by being a customer.
  • Because it is necessary for the provision of any of our services through a contractual relationship between you and us.


The data may be communicated to companies related to Buenestar for the provision of various services as data processors. The company will not make any assignment, except by legal obligation.


In accordance with the provisions of the Habeas Data Law, the owner of personal data has the following rights:

a. Be informed by the Person in Charge of the Treatment upon request, regarding the use that has been given to your personal data.

b. Know, update, delete or rectify your personal data in front of the Treatment Manager. This right may be exercised, among others, against partial, inaccurate, incomplete, fragmented, misleading data, or those whose Treatment is expressly prohibited or has not been authorized.

c. Free access to your personal data that has been processed.

d. Submit complaints to the Superintendency of Industry and Commerce for violations of the provisions of Law 1581 of 2012 and other regulations that modify, add or complement it. The personal data is the property of the Holders and only they can decide on them.

Additionally, you can exercise these rights by sending a motivated and accredited communication to


Any concerns, request (subtraction of data, rectification, update, consultation) complaint or claim associated with this policy or with the management, use and treatment of personal data delivered by users or professionals may be directed to the data processing manager of BuenEstar: through the following email


The requirements of this policy complement, and do not replace, any other existing requirements under the applicable data protection law, which will prevail in any case.

This policy is subject to periodic review and may be changed by the company at any time. When this occurs, we will notify you of any changes and ask you to re-read the most recent version of our Policy and confirm your acceptance.


After reading the Personal Data Processing Policy and if you agree, you can accept by means of a statement or a clear affirmative action, by marking a box provided for this purpose. If you do not provide your data or they are provided in an erroneous or incomplete way, it will be impossible to attend to your request.