Last updated: November 18, 2025
Version: 1.0
ABDALLA SULEIMAN SIJAM, an individual merchant identified in the Colombian Tax Registry (RUT) with tax ID (NIT) 60354078-1, with a commercial establishment located at Avenida 4 No. 11–17 Local 3–99, Barrio Centro, Cúcuta, Norte de Santander, Colombia (hereinafter, the “Company”), acts as the Data Controller for the personal data of its customers, potential customers, users of the website www.sijamsleiman.com, suppliers, and any other individuals that interact with the Company.
This Policy applies to the personal data that the Company collects, stores, uses, circulates and, in general, processes in the development of its commercial activities and its physical and virtual store, in accordance with Law 1581 of 2012 and its regulatory decrees.
For the purposes of this Policy, the following definitions—aligned with Law 1581 of 2012 and Decree 1377 of 2013—apply:
Personal Data:
Any information linked or that can be associated with one or more determined or determinable natural persons.
Sensitive Data:
Information that affects the privacy of the data subject or whose improper use may lead to discrimination (e.g., health data, political or religious orientation, etc.).
Processing:
Any operation on personal data, such as collection, storage, use, circulation or deletion.
Data Controller:
The person who decides on the database and/or the Processing of personal data; in this case, the Company.
Data Processor:
The person who processes personal data on behalf of the Controller (e.g., technology providers, payment gateways, e-commerce platforms).
Data Subject:
The natural person to whom the personal data refers.
The Company commits to applying the principles established in Law 1581 of 2012 for the Processing of personal data, including:
Legality: Processing is regulated and carried out in accordance with the law.
Purpose: Data is processed for legitimate purposes, informed to the Data Subject.
Freedom: Processing requires prior, express and informed consent, except in legally authorized cases.
Truthfulness/Quality: Information must be truthful, complete, accurate, updated and understandable.
Transparency: The Data Subject may obtain information about their data at any time.
Restricted access and circulation: Processing is subject to limits based on the nature of the data and the law.
Security: Technical, human and administrative measures are adopted to protect data against unauthorized access or fraud.
Confidentiality: All persons involved in Processing must maintain confidentiality.
Depending on the relationship with the Company, the following types of data may be collected:
Identification data: name, surname, ID number, date of birth (when requested), gender (optional).
Contact data: address, city, phone number, email.
Transactional data: purchase history, products acquired, amounts, payment methods used (without storing full card numbers).
Website usage data: IP addresses, cookie identifiers, browsing logs, language preferences, country, ZIP code, among others (according to the Cookie Policy).
Identification and contact data provided in contact, registration or subscription forms.
Identification and contact data, contractual and banking information necessary for payments and contractual obligations.
The Company does not normally request sensitive data. If required, it will explicitly inform their sensitive nature and purpose, and will only process them with express consent and under legally permitted circumstances.
Personal data collected by the Company is used mainly for the following purposes:
Manage user registrations on the Website.
Process orders, sales, and product deliveries.
Manage payment methods, invoicing and sales receipts.
Coordinate shipping and returns with logistics companies.
Fulfill obligations arising from sales or service agreements.
Respond to inquiries, complaints and claims.
Manage warranties, exchanges and returns.
Maintain customer service records for monitoring and service improvement.
Send commercial communications related to the brand Sijam Sleiman / Baraka Couture (offers, promotions, news, event invitations) via email, SMS, WhatsApp or other digital means, with prior authorization from the Data Subject.
Perform basic customer segmentation and analysis of preferences and shopping habits.
The Data Subject may request removal from marketing lists or revoke authorization at any time.
Verify identity and prevent fraud, misuse or illegal activities related to the Website or transactions.
Manage information security incidents.
Fulfill tax, accounting and reporting obligations.
Respond to administrative or judicial requirements.
Under Law 1581 of 2012, Data Subjects have the following rights:
Access, update and correct their personal data.
Request proof of the authorization granted, when applicable.
Be informed about the use of their data.
File complaints with the Company and, if not resolved, with the Superintendence of Industry and Commerce (SIC).
Request deletion or revoke authorization when principles or legal rights are not respected, unless a legal or contractual duty prevents deletion.
Access their personal data for free at least once per month or whenever substantial changes to this Policy occur.
The Company undertakes to:
Guarantee the full and effective exercise of Data Subject rights.
Request and store authorization records when required.
Clearly inform the purposes of Processing.
Keep data under secure conditions to prevent unauthorized access or alteration.
Update or correct data when necessary.
Manage inquiries and claims within legal deadlines.
Inform Data Processors about their obligations.
Comply with instructions from the Superintendence of Industry and Commerce.
The Company collects and processes personal data only with prior, express and informed consent, except in legally authorized exceptions (public data, judicial requests, etc.).
Authorization may be obtained through:
Physical or digital forms (registration, purchase, contact forms).
Acceptance of the Website’s terms and conditions.
Voluntary subscription to newsletters or mailing lists.
Any mechanism that allows maintaining evidence of consent.
For data obtained through cookies or similar technologies, consent is managed according to the Website’s Cookie Policy.
For its operations, the Company may share personal data with third parties acting as Data Processors, including:
E-commerce platform providers.
Hosting and infrastructure providers.
Payment gateways and financial institutions.
Shipping and logistics companies.
Email marketing, SMS or instant messaging service providers.
Accounting, legal and consulting partners.
The Company will:
Sign data transmission agreements or include confidentiality and security clauses in contracts.
Verify, as reasonably possible, that these third parties comply with adequate data protection standards, even if located abroad.
Ensure that international data transfers comply with Colombian regulations and, when required, obtain authorization from the Data Subject.
Data Subjects may exercise their rights through:
Email: [email protected]
Physical address: Avenida 4 No. 11–17 Local 3–99, Barrio Centro, Cúcuta, Norte de Santander, Colombia
Will be answered within 10 business days of receipt. If more time is needed, the Company will inform the requester and respond within an additional 5 business days.
Must include:
Identification of the Data Subject.
Description of the facts.
Contact information and supporting documents.
If incomplete, the Company will request corrections within 5 business days.
If the requester does not respond within 2 months, the complaint is considered withdrawn.
Complete complaints will be resolved within 15 business days, extendable by 8 additional days with prior notice.
The Company does not intentionally target products or services to minors. If minors’ data is ever processed, it will only occur when:
The data is public, or
Processing serves the best interest of the minor and has authorization from legal guardians.
The Company adopts technical, administrative and physical measures to protect data from unauthorized access, use or alteration.
Data is retained for the time necessary to fulfill its Processing purposes and any additional legal or tax retention periods. After this period, data will be deleted or anonymized.
The Company may update this Policy at any time to reflect legal changes, authority requirements or internal Process adjustments.
Significant changes will be announced on the Website and, when required, new authorization will be requested.
The current version will always be available on www.sijamsleiman.com.
