Skip to main content

HANKE S.A.S. – E.S.P. is committed to protecting the privacy of individuals who visit its website and those who use its contact channels. Therefore, guarantees the protection of rights such as Habeas Data, privacy, intimacy, good name and image, for this purpose all actions will be governed by principles of good faith, legality, self-determination, freedom and transparency.

This Privacy Policy outlines the types of personal information HANKE S.A.S. – E.S.P. collects through its contact channels and how it is used, shared, and protected in compliance with the General Data Protection Regulation (GDPR). By means of this Privacy Policy, HANKE S.A.S. – E.S.P. would like to inform the general public of the nature, scope, and purpose of the personal data collected, used and processed. Furthermore, data subjects are informed, by means of this Privacy Policy, of the rights to which they are entitled.


The present Privacy Policy is based on the terms used by the General Data Protection Regulation (GDPR). Therefore, it should be legible and understandable for the general public. To ensure this, we allow ourselves to define the terminology used:

  • Personal data: all information associated with an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.
  • Data subject: any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
  • Controller or responsible for the processing/treatment: natural or legal person, public or private, who, by themselves or in association with others, carries out the processing of personal data, and determines the purposes and means of the processing of personal data.
  • Third party: natural or legal person, public authority, agency or other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
  • Notice of Privacy: verbal or written communication generated by the controller addressed to the data subject for the processing of their personal data, through which they are informed about the existence of the Privacy Policies that will be applicable to them, the way to access them and the purposes of the treatment that is intended to be given to their personal data.
  • Databases: organized set of personal data that is subject to processing.
  • Private data: data that, due to its intimate or reserved nature, is only relevant to the data subject.
  • Public data: data that is not private or sensitive. Public data are considered, among others, data relating to the marital status of people, their profession or trade and their status as a merchant or public servant. Due to its nature, public data may be contained, among others, in public records, public documents, official newsletters, and duly executed judicial rulings that are not subject to confidentiality.
  • Sensitive data: those that affect the privacy of the data subject or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions, membership in unions, social organizations, human rights or that promotes the interests of any political party or guarantees the rights of opposition political parties, as well as data related to health, sexual life and bio-metric data.
  • Processing/Treatment: any operation or set of operations on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available otherwise, alignment or combination, restriction or elimination.
  • Restriction of processing: marking of stored personal data with the aim of limiting their processing in the future.
  • Profiling: any form of automated processing of personal data, in particular to analyze or predict aspects concerning an individual’s characteristics, such as nationality, age, interests, socioeconomic situation, gender, etc., to make predictions or decisions about them.
  • Pseudonymization: processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable data subject.
  • Transfer: the transfer of data takes place when the controller of the processing of personal data sends the personal data to a recipient, who in turn is responsible for the processing of personal data.
  • Consent: any free, specific, informed and unequivocal manifestation of the will of the data subject by which they, by means of a declaration or a clear affirmative action, express their agreement with the processing of personal data that concerns them.
  • Claim: request for correction, updating or deletion of the information contained in the database used by the controller, or request for alleged non-compliance with any of the duties contained in the General Data Protection Regulation (GDPR), made by the data subject or their representatives.
  • Address: Servicio Nacional de Aprendizaje SENA. Carretera Central Variante Buga – Tulúa Buga, Colombia
  • Tax ID number (NIT): 901152818-8
  • General manager: Tobias Hanke
  • E-mail:
  • Website:
5.1. General data collection

The website collects a series of general data and information when a data subject or an automated system accesses the website. This general data and information is stored in the server log files. Data that may be collected:

  • Browser types and versions used.
  • Operating system used by the access system.
  • Website from which an access system reaches our website.
  • Sub-websites.
  • Date and time of access to the site.
  • Internet Protocol address (IP address).
  • Internet service provider of the accessing system.
  • Any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, HANKE S.A.S. – E.S.P. does not draw any conclusions about the interested party. Rather, this information is necessary to:

  • Deliver the content of our website correctly.
  • Optimize the content of our website.
  • Ensure the long-term viability of our information technology systems and technology of the website.
  • Provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack.

Therefore, HANKE S.A.S. – E.S.P. statistically analyzes the data and information collected anonymously, with the aim of increasing the protection and security of our company’s data, and ensuring an optimal level of data protection. Anonymous data from the server log files are stored separately from all personal data provided by the data subject.

5.2. Collection of data through Contact Form

When you use our Contact Form, we may collect the following types of personal information:

  • Name
  • Email address
  • Any other information voluntarily provided by you in the message

HANKE S.A.S. – E.S.P. collects this information for the following purposes:

  • To respond to your inquiries or requests submitted through the Contact Form.
  • To provide information about our products or services, if requested.
  • To improve our website and services based on the feedback and information received.

The individuals who use our Contact Form should provide truthful information about their personal data for the purposes of establishing an adequate relationship with HANKE S.A.S. – E.S.P., whether for the provision of services, or for compliance with its legal and/or contractual obligations.

HANKE S.A.S. – E.S.P. presumes the veracity of the information provided and does not verify, nor assumes the obligation to verify the identity of its clients, nor the veracity, validity, sufficiency and authenticity of the data that they may provide. Therefore, HANKE S.A.S. – E.S.P. does not assume responsibility for damages and/or losses of any nature that may arise from the lack of veracity, validity, sufficiency or authenticity of the information, including damages that may be due to homonyms or impersonation.


This Privacy Policy outlines how HANKE S.A.S. – E.S.P. treats and processes personal data in accordance with the General Data Protection Regulation (GDPR). Therefore:

  • The treatment will be lawfull and clear, ensuring that the processing aligns with the principles of fairness and transparency.
  • Personal data will be collected, stored, used and circulated only for as long as is necessary and reasonable in accordance with the purposes for which authorization is requested.
  • It will be only collected and processed personal data that is necessary for the specific purposes for which it was collected. Excessive or irrelevant information will be not processed.
  • Communications with commercial content will never expose email information of our clients.
  • Our database will not be sold, trade, shared or otherwise transfer to third parties for commercial purposes, except transfers for the purposes of responding to your requests or as required by law.

This Privacy Policy outlines the specific purposes for which HANKE S.A.S. – E.S.P. collects and processes personal data in accordance with the General Data Protection Regulation (GDPR). The personal data of clients in general are collected for the following purposes:

  • To respond to your inquiries, provide assistance, and address any specific requests or concerns you may have communicated through the Contact Form.
  • To process your orders, fulfill product or service requests, and facilitate transactions.
  • To promote and advertise our activities, products and services.
  • To comply with legal obligations and regulatory requirements. This includes meeting legal and regulatory standards, responding to lawful requests, and fulfilling obligations related to the protection of personal data.

The collection, storage, use, circulation or deletion of personal data by HANKE S.A.S. – E.S.P. requires the free, prior, express and informed consent of the data subject to carry out the processing of personal data. It will be understood that the authorization meets these requirements when it is expressed in writing, orally or through unequivocal conduct of the data subject that allows it to be reasonably concluded that the authorization was granted. In no case can silence be assimilated to unequivocal conduct.

HANKE S.A.S. – E.S.P., in its capacity as responsible for the processing of personal data, has provided the necessary mechanisms to obtain the authorization of the data subjects, guaranteeing in all cases that it is possible to verify the granting of said authorization. With the aforementioned authorization, the data subject accepts the policies and conditions established in this document.

The data subject’s authorization will not be necessary in the following cases:

  • Personal data is required by a public or administrative entity in the exercise of its legal functions or by court order.
  • It is data of a public nature.
  • The processing of personal data is authorized by law for historical, statistical or scientific purposes.
  • It involves data related to the civil registry of people.

The data subject will be able to grant HANKE S.A.S. – E.S.P. with the authorization for the use of their personal data through:

  • The consent check-box displayed at the Contact Form.
  • Unequivocal conduct of the data subject that allows it to be reasonably concluded that they have granted the authorization.

With the consented authorization procedure, in accordance with the General Data Protection Regulation (GDPR), it is guaranteed that the data subject has been made aware of both the fact that their personal data will be collected and used for certain and known purposes, and that they have the option of knowing any variation and specific use that has been given to them. The foregoing in order for the data subject to make informed decisions in relation to their personal data and control the use of their personal information.


Under the General Data Protection Regulation (GDPR), the data subject has the following rights regarding their personal information:

11.1. Right of confirmation

Each data subject shall have the right to obtain from the controller the confirmation as to whether or not personal data concerning them are being processed.

11.2. Right of access

Each data subject shall have the right to access, at any time, to their personal data stored by the controller, and to have a copy of this information.

11.3. Right to rectification

Each data subject shall have the right to rectify, with the controller, inaccurate or incomplete information concerning them. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

11.4. Right to erasure

Each data subject shall have the right to request the deletion of their personal data from the controller’s database where one of the following cases applies:

  • The personal data have not been treated in accordance with the principles, duties and obligations provided for in the General Data Protection Regulation (GDPR).
  • The personal data are no longer necessary in relation to the purposes for which they were collected or processed.
  • The period necessary to fulfill the purposes for which the personal data were collected has been exceeded.
  • The data subject withdraws consent to which the processing is based according to the GDPR, and where there is no other legal or contractual basis for the processing.
  • When it deems appropriate.
11.5. Right of restriction of processing

Each data subject shall have the right to request the restriction of the processing of their personal data where one of the following cases applies:

  • The data subject has requested the rectification of their personal data.
  • There is no legal or contractual basis for the processing, however the data subject opposes the erasure of their personal data and requests instead the restriction of its use.
  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
  • The data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
11.6. Right to data portability

Each data subject shall have the right to receive and transfer their personal data between data controllers in a structured, commonly used, and machine-readable format. According to this, the right to portability will be effective when:

  • Applies to personal data that a data subject has provided to a data controller.
  • Encompasses data provided based on consent or for the performance of a contract.
11.7. Right to object

Each data subject shall have the right to object to the processing of their personal data. In this case, HANKE S.A.S. – E.S.P. shall no longer process their personal data, unless legitimate grounds for processing can be demonstrated, which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.

When HANKE S.A.S. – E.S.P. processes personal data for direct marketing purposes, the data subject shall have the right to object the processing of personal data concerning them for such marketing. In this case, HANKE S.A.S. – E.S.P. will no longer process such personal data for marketing purposes.

In addition, the data subject has the right, based on their particular situation, to object the processing of their personal data by HANKE S.A.S. – E.S.P. for statistical or historical research purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

11.8. Right to withdraw Privacy Policy consent

Each data subject shall have the right to withdraw their consent to processing of their personal data at any time.


Under the General Data Protection Regulation (GDPR), when a data subject wishes to exercise their rights, they may, at any time, contact HANKE S.A.S. – E.S.P.. The methods to exercise the rights of the data subject are the following:

12.1. Requests and consultations

In accordance with this Privacy Policy, clients of HANKE S.A.S. – E.S.P. and users of its website, can exercise their rights to know, update, rectify and delete their personal data, or to revoke the consent granted to HANKE S.A.S. – E.S.P. from the processing of their personal data, by sending their request to:

  • The E-mail
  • The website in the Contact section.
12.2. Claims

HANKE S.A.S. – E.S.P. guarantees the right to claim for the correction, update or deletion of data, or when the alleged breach of any of the duties contained in the General Data Protection Regulation (GDPR) and other applicable regulations is noted.

The claim will be processed under the following rules:

  • If the claim received does not have complete information that allows it to be processed, such as the identification of the data subject, the description of the facts that give rise to the claim, and documents that support the claim, the interested party will be notified so that they can complement it. If two months have elapsed from the date of the notification without the applicant presenting the required information, it will be understood that they have withdrawn the claim.
  • If for any reason HANKE S.A.S. – E.S.P. receives a claim that is not part of its jurisdiction, the interested party will be informed of this situation.
  • Once the complete claim is received, it will be included in the HANKE S.A.S. – E.S.P. Said claim will be valid until it is processed.
  • The maximum term to address the claim will be fifteen business days counted from the day following the date of receipt. When it is not possible to attend to it within such period, the interested party will be informed, before the expiration of the period, of the reasons for the delay and the date on which their claim will be attended to.
12.3. Information to guarantee the right to file claims

The request for rectification, update or deletion must be submitted through the means enabled by HANKE S.A.S. – E.S.P. indicated in its Privacy Policy, and contain, at a minimum, the following information:

  • Information and means of contact to receive the response such as name, telephone number, e-mail and residence address of the data subject.
  • Documents that prove the identity of the data subject or their representative.
  • Clear and precise description of the personal data which the data subject seeks to exercise any of the rights.
  • If necessary, other elements or documents that facilitate the location of personal data.
12.4. Complaint procedure before the respective entity

The data subject or representative may only file a complaint with the respective entity in charge of carrying out such process, once the consultation or claim process has been exhausted before HANKE S.A.S. – E.S.P., in accordance with the aforementioned procedures.


HANKE S.A.S. – E.S.P. will keep in mind, at all times, that personal data is the property of the people to whom it refers and that only they can decide about it. In this sense, their use will be only for those purposes for which they are duly authorized, and in all cases respecting the General Data Protection Regulation (GDPR).

In accordance, HANKE S.A.S. – E.S.P. undertakes to permanently comply with the following duties:

13.1. Duties regarding the data subject
  • Inform the data subject clearly and sufficiently about the purpose of the collection and the rights granted to them by virtue of the authorization granted.
  • Guarantee the data subject, at all times, the full and effective exercise of the right of Habeas Data, that is, knowing, updating or rectifying their personal data.
  • Inform at the request of the data subject about the use given to their personal data.
  • Process queries and claims made in the terms indicated in this policy.
  • Timely update, rectify or delete data.
  • Allow access to the information only to people authorized by the data subject or empowered by law for this purpose.
  • Inform the respective legal entity when violations of security codes occur and there are risks in the administration of the data subjects’ information.
  • Comply with the instructions and requirements issued by the General Data Protection Regulation (GDPR).
13.2. Duties regarding the quality, security and confidentiality of personal data
  • Observe the principles of quality, security and confidentiality in the terms established in the General Data Protection Regulation (GDPR).
  • Keep the information under the security conditions necessary to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.
  • Update information when necessary.
  • Rectify personal data when appropriate.

In development of the security principle established in the General Data Protection Regulation (GDPR), HANKE S.A.S. – E.S.P. has implemented appropriate technical and organizational measures to ensure the security and confidentiality of your personal information. Consequently, security practices are periodically reviewed and updated to prevent unauthorized access, disclosure, alteration and destruction of data.

However, the data subject assumes the risks that arise from delivering their personal information in digital mediums such as the Internet, and having their data processed in digital databases, which may in principle have security gaps as cyber attacks, technical or technological failures, among others. Therefore, an absolute protection may not be guaranteed.


The website contains information that allows quick electronic contact with our company, as well as direct communication with us. If an interested party contacts HANKE S.A.S. – E.S.P. by means of an email or a Contact Form, the personal data transmitted by the interested party will be automatically stored. These personal data voluntarily transmitted by the interested party to HANKE S.A.S. – E.S.P. are stored for the purpose of processing them or contacting the interested party.


The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the legislators in laws or regulations to which the controller is subject to.

If the storage purpose is not applicable, or if a storage period prescribed by the competent legislator expires, the personal data must be blocked or erased in accordance with legal requirements.


The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment or the initiation of a contract.


The website uses cookies. Cookies are text files that are stored on a computer system through an Internet browser. Through the use of cookies, can provide the users of this website its use in a more user-friendly manner, which would not be possible without the cookie setting.

Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet sites and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified by the unique cookie ID.

Cookies also allow website users to be recognized. The purpose of this recognition is to make it easier for users to use the website. The website user that uses cookies does not need to enter their access data each time they enter the website, since these are taken by the website, so the cookie is stored on the user’s computer system. Another example is the cookie of a shopping cart in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart using a cookie.

The data subject may, at any time, prevent the setting of cookies through by means of the corresponding configuration of the Internet browser used and, therefore, may permanently deny the installation of cookies. Furthermore, already installed cookies can be deleted at any time from the Internet browser or other software programs. If the user deactivates the setting of cookies in the Internet browser used, some functions of may not be accessible.

19. DATA COLLECTION THROUGH APPLICATIONS OR PLUGINS INTEGRATED INTO THE WEBSITE has integrated other applications or plugins to be able to offer its services and facilitate the user experience of this website.

Each application operates under its own privacy policies, which will be presented below:

19.1. Google Maps incorporates the Google Maps link from to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of map functions by visitors.

To learn more information about data processing by Google LLC and its privacy policies, visit:

19.2. Google reCAPTCHA

This site is protected by Google reCAPTCHA, a system that allows web servers to distinguish between human and automated access to websites.

To learn more about the terms and conditions of this service, please visit: Find more information about Google LLC‘s privacy policies at:

19.3. CookieYes GDPR Cookie Consent

CookieYes GDPR Cookie Consent is a plugin that facilitates compliance with the GDPR (General Data Protection Regulation) through a banner integrated into the website.

To learn more about the terms and conditions of this service, please visit:


HANKE S.A.S. – E.S.P. reserves the right to make modifications or updates to this Privacy Policy at any time, to address legislative developments, internal policies or new requirements for the provision or offering of its services or products.