01 611 4353
ENG ESP

Privacy Policy of the Wiese Foundation

This document sets forth the Privacy and Personal Data Protection Policy of the Augusto N. Wiese Foundation (hereinafter, the "Policy"), designed within the framework of Law No. 29733 – Personal Data Protection Law and its Regulations approved by Supreme Decree No. 016-2024-JUS, in order to ensure that the processing of personal data is carried out under the following essential commitments:

  • Confidentiality of the information provided by data subjects.
  • Lawful, fair, and responsible processing of personal data, in accordance with the respective purposes.
  • Application of organizational, technical, and legal security measures, according to the sensitivity of the data and the level of identified risk, in line with the provisions of the National Authority for Personal Data Protection (ANPD).

This Policy is expressed in the following terms:

1. Purpose:

The purpose of this Policy is to regulate the processing of personal data that the Augusto N. Wiese Foundation (hereinafter, the "Foundation") collects, uses, stores, and, where applicable, transfers, in compliance with Law No. 29733 – Personal Data Protection Law, its new Regulations approved by Supreme Decree No. 016-2024-JUS, the Information Security Directive (D.R. 019-2013-JUS/DGPDP), and other complementary provisions.

2. Owner of the personal data banks:

The Augusto N. Wiese Foundation, with RUC 20101887341, domiciled at Calle Las Camelias 185, Office 803, San Isidro, Lima, Peru. For any matter related to the processing of personal data, data subjects may contact info@fundacionwiese.org or call +51 (1) 611-4353.

3. Data banks:

The personal data banks managed by the Foundation include information about applicants, employees and former employees, suppliers, visitors and donors, website users, event registrants, project beneficiaries, and video surveillance material. The data provided by data subjects may be validated, supplemented, and/or updated by the Foundation from any other publicly accessible sources, in accordance with the provisions of the Personal Data Protection Law and other applicable regulations; such data will be incorporated into the Foundation's databases.

4. Retention period:

Data will be retained for as long as necessary under the law and/or insofar as it serves the purposes described below (purpose principle). Personal data collected through video surveillance, in accordance with Directive 01-2020-JUS/DGTAIPD, will be retained for a period of 30 days.

5. Purposes:

Personal data collected are processed to comply with legal, tax, and accounting obligations applicable to the Foundation, as well as for the following:

a) Employees (applicants, current and former employees): preparation and/or management of the employment relationship (application, job performance, evaluation, sanctions, termination) and volunteer activities.

b) Suppliers (bidders, current and former suppliers): management of the goods and services procurement process (identification, selection, contracting, termination, commercial references) and administration of the contractual relationship.

c) Donors (prospective, current, and former donors): register and update contact details; process and account for donations; issue receipts/certificates; monitor and report on future social programs.

d) Visitors to the El Brujo Archaeological Complex (La Libertad): management of visits; statistics; institutional marketing and promotion. Access to the complex, its digital platforms, and/or cultural, tourism, or educational services offered by the Foundation implies express acceptance of this Policy, as well as consent for the processing of personal data provided by the data subjects, either in person or digitally, always under the principles of legality, proportionality, purpose, consent, and data quality established in the applicable regulations.

e) Project beneficiaries: register and manage beneficiaries, verifying eligibility and community targeting, coordinating activities and transportation, and measuring results and impact, to develop programs aligned with the Foundation's purposes.

f) Event registrants: register and accredit participants; coordinate logistics and communications; measure satisfaction/impact; manage audiovisual material with consent; process payments, if applicable; fulfill legal obligations; and address ARCO rights, with the support of secure technology providers.

g) Video surveillance: physical and asset security.

Where individuals refuse to provide—or to allow the Foundation to maintain—their personal data, and such data are required to comply with legal obligations or do not require consent, the Foundation may obtain and maintain them in accordance with legal limitations.

6. Transfers:

The Foundation may transfer personal data to:

(a) Strategic partners, for the purpose of carrying out institutional programs, activities, and projects;

(b) Service providers, to enable IT services, cloud processing and storage, accounting, security, digital marketing, event organization, legal services, payroll management, and similar services; and/or to entrust the processing of personal data; both within and outside national territory. This will be done under contracts ensuring adequate protection standards. In cases of cross-border data flow, it will first be verified that the recipient country has a level of protection equivalent to that provided by law.

(c) Authorities and state entities, to comply with legal obligations and/or institutional agreements.

7. Security measures:

To safeguard data security, the Foundation applies legal, technical, and organizational measures aligned with the Information Security Directive approved by Directoral Resolution No. 019-2013-JUS/DGPDP, including access controls, encryption, backups, secure deletion policies, instructions and protection clauses, ongoing staff training and awareness, and procedures for notifying the National Authority for Personal Data Protection (ANPD) of incidents or security breaches.

8. Rights of personal data subjects:

Personal data subjects may exercise their rights to information, access, updating, inclusion, rectification, deletion, cancellation, objection, portability, objective processing, supplementation, protection, compensation, and other legally recognized rights, in accordance with current regulations. To do so, they must submit a written request or send an email using the contact details provided in this Policy, attaching a copy of their ID card or another official document. The Foundation will respond within the legal deadlines for each request, according to the corresponding right.

9. Representative:

The Foundation has designated Ms. Carmen Leticia López Elías as its representative for the purposes of this Policy and, in general, its personal data protection program. She is authorized to manage all communications, requests from data subjects, claims, complaints, or similar matters arising from administrative procedures. She can be contacted via info@fundacionwiese.org or at +51 (1) 611-4353.

10. Updates:

This Policy will be reviewed annually or whenever there are regulatory changes or substantial modifications in data processing. Any update or modification to this Policy will be communicated publicly through its publication on www.fundacionwiese.org/en/data-protection-policy

Last update: September 2025

Contact us

If you are interested in collaborating with the Wiese Foundation, we invite you to send us a message.

Phone : 01 611 4353