PERSONAL DATA PROCESSING POLICY

PAXI PATH – Health & Wellbeing Experiences

1. Purpose

This Personal Data Processing Policy establishes the principles, purposes, and procedures applied by PAXI PATH for the collection, use, storage, circulation, and protection of personal data, in accordance with Colombian data protection regulations and applicable international standards.

2. Scope

This Policy applies to all personal data collected and processed by PAXI PATH through its website, digital forms, communication channels, and operational activities, including data provided by users, partners, and stakeholders.

3. Responsible Party

Responsible for Data Processing:
PAXI PATH
Health & Wellbeing Experiences
Country of operation: Colombia
Email: care@paxipath.com

PAXI PATH acts as the Data Controller for the purposes described in this Policy.

4. Definitions

For the purposes of this Policy:

  • Authorization: Prior, express, and informed consent granted by the Data Subject for the processing of personal data.

  • Personal Data: Any information associated with or identifiable to a natural person.

  • Sensitive Data: Data that affects the intimacy of the Data Subject or may generate discrimination, including health-related information.

  • Data Subject: The natural person whose personal data is processed.

  • Processing: Any operation performed on personal data, such as collection, storage, use, circulation, or deletion.

5. Legal Framework

This Policy is governed by, among others:

  • Colombian Constitution, Article 15

  • Law 1581 of 2012

  • Decree 1377 of 2013

  • Other applicable regulations on personal data protection

6. Principles Governing Data Processing

PAXI PATH applies the following principles:

  • Legality: Data processing is conducted in accordance with applicable law.

  • Purpose Limitation: Data is processed for specific, explicit, and legitimate purposes.

  • Freedom: Data processing is carried out only with the prior authorization of the Data Subject, except where legally exempt.

  • Transparency: Data Subjects may obtain information about the processing of their data at any time.

  • Data Minimization: Only data strictly necessary for the stated purposes is collected.

  • Security: Appropriate technical and organizational measures are adopted to protect personal data.

  • Confidentiality: All personal data is treated as confidential.

7. Types of Data Collected

PAXI PATH may collect:

  • Identification data (name, email, phone number)

  • Contact information

  • Country or city of residence

  • Information voluntarily provided through forms or communications

  • Limited health-related information strictly necessary for orientation purposes, when expressly authorized

PAXI PATH does not provide medical services directly and does not process clinical records.

8. Purpose of Data Processing

Personal data collected by PAXI PATH is used for the following purposes:

  • Responding to information requests and inquiries

  • Initiating and managing conversations related to wellbeing experiences

  • Providing professional orientation and follow-up communication

  • Coordinating with carefully selected partners, when applicable and authorized

  • Improving service quality and user experience

  • Complying with legal and regulatory obligations

Personal data will not be used for purposes other than those stated without prior authorization.

9. Processing of Sensitive Data

Sensitive data, including health-related information, is processed only when:

  • The Data Subject has given explicit authorization

  • The data is strictly necessary for orientation or coordination purposes

  • Legal exceptions apply

The Data Subject is not required to authorize the processing of sensitive data.

10. Data Subject Rights

Data Subjects have the right to:

  • Access their personal data

  • Request correction, update, or deletion

  • Revoke authorization for data processing

  • Request information about how their data is used

  • File complaints with the Colombian Superintendence of Industry and Commerce, after prior consultation with PAXI PATH

11. Procedures to Exercise Rights

Requests may be submitted via email to care@paxipath.com and must include:

  • Full name of the Data Subject

  • Contact information

  • Description of the request

  • Proof of identity, if required

Requests will be addressed within legally established timeframes.

12. Data Security

PAXI PATH implements reasonable technical, administrative, and organizational measures to protect personal data against unauthorized access, loss, alteration, or misuse.

13. Data Retention

Personal data is retained only for as long as necessary to fulfill the stated purposes or comply with legal obligations, after which it is securely deleted or anonymized.

14. Amendments

PAXI PATH reserves the right to update this Policy at any time. Changes will be communicated through the website.

15. Effective Date

This Policy is effective as of the date indicated above.

Contact

Get in touch for your wellness journey

Email

Phone

care@paxipath.com

+57 300 5617726

© 2025.

links

Personal Data Processing Policy