GRIO SA, with Tax Identification Number 20602769136 (hereinafter referred to as “The Company”), located at Av. Circunvalación Golf Los Incas 134, Santiago de Surco, makes its Privacy Policy available to web users visiting the website www.gr-am.com, in compliance with Law No. 29733, the Law on Personal Data Protection (hereinafter referred to as the “LPDP”), its Regulations approved by Supreme Decree No. 016-2024-JUS (hereinafter referred to as the “Regulations”), and related complementary norms.
This Privacy Policy explains the types of personal data we collect, the purposes of its processing, the retention period in our private data bank, the security measures implemented, and the procedure for web users to exercise their rights as data subjects.
The Company collects the following information from web users: full name, company, and email address. This information will be stored in our Personal Data Bank, “Web Users,” registered with the National Registry for Personal Data Protection for a period of two (2) years or until the data subject requests, through the exercise of the right of cancellation, to revoke their consent for data processing.
The data subject also has the right to be informed in a detailed, simple, express, unequivocal, and prior manner about the purpose for which their personal data will be processed. The Company explicitly declares that it does not share or sell personal information to third parties without user consent, except as legally required or for essential business operations. The collected data will only be used for the purposes outlined below and will not be transferred, sold, or shared for commercial purposes without prior authorization.
The personal data provided by web users through the online platform will be used for the following purposes:
To fulfill the aforementioned purposes, The Company may share personal data strictly for essential business operations and only with third parties necessary to achieve those purposes. These third parties will not use personal data for any other purposes without user consent, and appropriate security measures will be applied to protect personal data in compliance with the LPDP and its Regulations.
Third-party recipients of personal data may include:
This information will be continuously updated in this online Privacy Policy and will remain available for consultation at any time.
As data subjects, web users have the right to access their data held by The Company, learn about its processing, rectify inaccuracies or incomplete information, and request the deletion or cancellation of data when deemed unnecessary for the stated purposes, or oppose its processing for specific purposes.
Web users may, at any time, revoke their consent and limit the use or disclosure of their data. The Company recognizes and guarantees the right to information and the rights of access, rectification, cancellation, and opposition (ARCO rights) granted to web users as data subjects.
To exercise these rights, data subjects should submit a request to The Company via email at contacto@gr-am.com.
The request should include:
Data subjects must provide proof of identity (e.g., copy of their ID). If submitted by a legal representative, proof of representation and a copy of their ID must also be included.
The response time for requests is:
These deadlines may be extended once for an equal period, provided circumstances justify it. Any extension and its justification will be communicated to the data subject within the original timeframe.
Data cancellation requests may not be granted if The Company must retain the data for historical, statistical, scientific, contractual, or legally mandated purposes.
If ARCO rights or the right to information are denied or not addressed within the specified timeframe, web users may file a complaint with the National Authority for Personal Data Protection under the Ministry of Justice and Human Rights: Calle Scipion Llona 350, Miraflores, Lima, Peru.
Web users can opt out of receiving communications, including text messages, at any time by following the cancellation instructions provided in communications or contacting us at contacto@gr-am.com. The Company will process such requests promptly and in compliance with applicable laws.
The Company implements technical and organizational security measures to protect the personal data of web users from unauthorized access, loss, misuse, alteration, or disclosure. These measures include encryption of sensitive information, secure storage systems, access control policies, and regular monitoring of systems to detect vulnerabilities. While we strive to safeguard your personal data, no system can be completely secure, and we cannot guarantee absolute protection against all risks.
The Company recognizes that web users may be between 14 and 18 years old, and in such cases, data processing will require their consent, provided the information is presented in a comprehensible manner. Where the law requires parental or guardian intervention, it will be duly adhered to.
Consent for processing minors’ data will not be granted for activities or services restricted for their age.
To improve our processes, The Company may modify or update this Privacy Policy to align with regulatory changes, adopt best practices, enhance service quality, or communicate new alternatives. Users are encouraged to review these terms periodically to stay informed about any changes and their implications for their data.
Supported by:
2024 © All rights reserved | InfraCorp