MANUAL – PROCEDURE FOR ASSISTING APPLICATIONS FOR THE EXERCISE OF ARCOi RIGHTS
TORRES and TORRES LARA & ASSOCIATES LAWYERS ([NUEVA-RED])
The purpose of this Manual is to inform the workers, suppliers, customers, users of the website and the general public, the procedure that will be followed by the application (Form N° 1) made by a natural person that requires the exercise of access rights, rectification, cancellation or opposition (ARCO), with respect to the information of which it is the owner and that is contained in the [NUEVA-RED] personal data banks owned by Torres and Torres Lara & Associates (hereinafter, TYTL).
LEGITIMACY TO EXERCISE ARCO RIGHTS
The exercise of rights can be carried out:
1. By the holder of personal data, proving his identity and presenting a copy of the National Identity Document or equivalent.
2. By legal representative accredited as such.
3. By a representative expressly empowered to exercise the right, attaching a copy of his or her ID or equivalent document, and the title that proves the representation.
* If you are the owner or representative of the owner of the personal data, you must fill out Form N° 1, so that you can exercise your ARCO rights. If the Form N° 1 is downloaded via web, filled out and sent electronically, the scanned ID must be attached as a file. The same applies to the case of the title that proves the representation of a person other than the owner of the personal data.
REQUIREMENTS OF THE APPLICATION (Form N° 1)
The request must be addressed to the TYTL Security Officer and the following information must be recorded:
1. Names and surnames of the holder of the right and accreditation of the same (by ID), and in the case of his or her representative, the same (ID), plus the document that accredits him or her as such.
2. Specific request that gives rise to the request.
3. Domicile and / or email, for the purposes of the corresponding notifications.
4. Date and signature of the applicant.
5. Documents supporting the request, if applicable.
RECEPTION, SUBSANATION OF THE APPLICATION AND ADDITIONAL INFORMATION REQUIREMENT
All requests submitted will be received by the Security Officer of TYTL, with proof of receipt by electronic communication or charge. In the event that the request does not meet the requirements mentioned above, TYTL, within a period of 5 days from the day after receipt of the request, will make observations for breach that can not be saved ex officio. The person making the request will have a maximum period of 5 days to correct them. Once the indicated period has elapsed without the rectification occurring, the application shall be deemed not filed.
In the event that the information provided in the application is insufficient or erroneous in a way that does not allow your attention, TYTL may require, within 7 days of receiving the request, additional documentation to the owner of the personal data to attend it.
Within 10 days of receipt of the request, counted from the day after receipt of the request, the owner of personal data will accompany the additional documentation deemed appropriate to support your request. Otherwise, this request will be deemed not filed.
COST OF APPLYING PROCESS
The exercise by the owner of personal data of their rights ARCO, has no cost. The application and the procedure are free.
FORM OF RESPONSE
TYTL, through its Security Representative, will respond in the manner and terms described in this Manual, which respect the provisions of the Personal Data Protection Law Regulations. All requests will be answered, regardless of whether or not personal data of the owner of the same appear in the personal data bank.
TYTL, in your answer, will refer only to those data that have been specifically indicated in your request. Both the request by the owner of the personal data, as well as the response by TYTL must be presented in a clear, legible, understandable and easily accessible.
TYTL has a Security Officer who will be in charge of the duty to respond to your request.
RIGHTS TO BE EXERCISED BY THE PERSONAL DATA HOLDER
Right of access
The owner of personal data has the right to obtain information about himself or herself that is subject to treatment in the personal data bank of TYTL, the form in which they were collected, the reasons that motivated their collection and at the request of whom the collection was made, as well as the transfers made or expected to be made of them. This right, as it is understood, must be exercised in case the owner does not know how his or her data is in the personal data bank of TYTL without his or her consent. If the person has given their consent, it is presumed that they have accepted and know the reasons why their data are in the TYTL personal data bank.
Right of Rectification
It is the right of the holder of personal data to modify the data that prove to be inaccurate, erroneous or false. The rectification request must indicate to which personal data it refers, as well as the correction that must be made in them, accompanying the documentation that supports the origin of the rectification requested. You can also request, by rectification, the update and / or incorporation of new data to the TYTL personal data bank, accompanying the documentation that supports the provenance and interest founded for it.
Right of Cancellation
The holder of the personal data may request the deletion or cancellation of your personal data bank TYTL personal data when they are no longer necessary or relevant for the purpose for which they were collected, when the deadline for its treatment, when it has revoked its consent and in the other cases in which it is not being treated according to the Law, the Regulation and the purposes for which it gave its consent.
The request for deletion or cancellation may refer to all the personal data of the person contained in the personal data bank or only to some part of them. The deletion or cancellation will not proceed when the personal data must be preserved by virtue of statistical reasons, by mandate of some Law or according to the contractual relations between the person responsible and the owner of the personal data, which justify the treatment of them.
Right of Opposition
The owner of personal data has the right to not carry out the processing of their personal data or to cease it, when they have not given their consent for its collection because they were taken from the source of access to the public.
Even if you have given your consent, the owner of personal data has the right to object to the processing of your data, if it proves the existence of well-founded and legitimate reasons related to a specific personal situation that justify the exercise of this right. In case the opposition is justified, TYTL will proceed to the cessation of the treatment that has given rise to the opposition.
APPLICATIONS AND RESPONSE TERMS
Access Request
The maximum term for the answer by TYTL before the exercise of right of access, will be 20 days counted from the day following the presentation of the request by the owner of the personal data.
If the request is estimated, TYTL will proceed to issue the requested information to the applicant.
Request for Rectification, Cancellation or Opposition
In the case of the exercise of these rights, the maximum response time of TYTL will be 10 days counted from the day following the presentation of the corresponding request.
Extension of Deadlines
The corresponding deadlines for the response or attention of the ARCO rights may be extended once, and for a maximum period of time, as long as the circumstances justify it.
The justification of the extension of the term must be communicated to the owner of the personal data within the term that is intended to be extended.
The total or partially negative response by TYTL to the request of any right of the owner of personal data, must be duly justified.
ADMINISTRATIVE INSTANCE – GENERAL DIRECTORATE OF PERSONAL DATA PROTECTION
In case the answer is totally or partially negative by TYTL and this is not duly justified, the owner of the personal data is assisted by the right to appeal to the General Directorate for the Protection of Personal Data claiming, in the terms established by Law, to exercise their ARCO rights.
In order to be assisted by the administrative instance and initiate the guardianship procedure by it, the owner of the personal data must, obligatorily, have first resorted to TYTL and have obtained from him or her a total or partially negative response within the established timeframe and indicated in this Manual, since it is an essential requirement that, in order to request a guardianship before the administrative instance, the request has been previously submitted to the owner of the personal data bank.
Legal base:
Law on Protection of Personal Data – Law No. 29733
Regulation of the Law on Protection of Personal Data – Supreme Decree No. 003-2013-JUS (Chapter I of Title IV of the Regulations, articles from 47 to 59)
i Access, Rectification, Cancellation and Opposition