Privacy policy

In our country, the law that applies to per­sonal informa­tion is the pro­tec­tion of per­sonal data (Number 19,628), in force since August 1999, with changes in the years 2002 and 2011.[1]

The pro­ces­sing of per­sonal data (if any ope­ra­tion or complex of ope­ra­tions or technical pro­cedures, automated or not, that allow to collect, store, record, orga­nize, pro­cess, select, extract, compare, inter­connect, disso­ciate, com­mu­nicate, yield, transfer, transmit or cancel per­sonal data, or use them in any other form.) can only be done if the person aut­ho­rizes, prior know­ledge of the pur­pose for which the data is mai­n­tained and the pos­si­bility of making it public. Both the aut­ho­riza­tion and the revo­ca­tion of the aut­ho­riza­tion must be done in writing. No aut­ho­riza­tion is necessary if the data can be found in a public register when they are of an eco­nomic, financial, banking or commer­cial nature, they are con­tained in lists related to a category of per­sons that are limited to indica­ting informa­tion such as the individual's membership. That group, their pro­fes­sion or activity, their educa­tional quali­fica­tions, neither addresses or date of birth, or are necessary for commer­cial com­mu­nica­tions of direct response or commer­cializa­tion or direct sale of goods or services, nor is aut­ho­riza­tion required for the exclusive private use of compa­nies.

Whoever is responsible for the data pro­ces­sing (or responsible for the regi­s­t­ra­tion), can transmit the data they own to third par­ties, wit­hout the need for human interven­tion, when a) the rights of the per­sons whose informa­tion is in the data are guarded and b) the trans­mis­sion is related to the tasks and pur­poses of the partici­pa­ting orga­niza­tions. For the trans­mis­sion to be made, you must have the fol­lowing informa­tion:

a) The individualiza­tion of the requesting party;

b) The reason and pur­pose of the request (this is important for the third party, because only the informa­tion granted for the indicated reason can be used), and

c) The type of data that is trans­mitted.

The owner of the data is the one who declares the admis­si­bility of sending the data. The rule does not apply if the informa­tion is acces­sible to the public or trans­mitted to inter­na­tional orga­niza­tions in the case of trea­ties.

The data must be elimi­nated, in a secure manner, when it lacks a legal basis or has expired (mea­ning the one that has lost relevance due to the pro­vi­sion of the law, the fulfill­ment of the condi­tion or the expi­ra­tion of the period indicated for its validity. or, if there is no express norm, due to the change in the facts or cir­cum­stances that it sets forth). They have to be modi­fied if they are erroneous, inaccu­rate, equivocal or incomplete. And they have to be blo­cked (that is, the temporary sus­pen­sion of any pro­ces­sing ope­ra­tion of the stored data, which means that they cannot be ope­rated in any way) the data whose accu­racy cannot be estab­lished or whose validity is doubtful and with respect to the cancella­tion does not cor­respond. All the above must be done by the owners of the data.

People who have a job in rela­tion to per­sonal data must keep secret about these data, unless they are public know­ledge, this obliga­tion does not cease once the employ­ment rela­ti­onship ends.

The data must be used only for the pur­poses for which they were collected, unless they are obtained or come from public access sources, all informa­tion must be accu­rate and real.

Sen­si­tive data cannot be treated (these are per­sonal data that refer to the phy­sical or moral cha­racte­ristics of people or to facts or cir­cum­stances of their private life or privacy, such as per­sonal habits, racial origin, ideo­logies and political opi­nions , reli­gious beliefs or con­vic­tions, phy­sical or mental health states and sexual life.)

The owner of the per­sonal data of third par­ties must be diligent, being responsible for the damages caused by their lack of diligence.

Eve­r­yone has the right to demand informa­tion from the person responsible for their tre­at­ment, the informa­tion they have about it, its origin, its pur­pose and the orga­niza­tions or compa­nies that had access to them. Ano­ther right that people have is to request the modi­fica­tion, blo­cking or cancella­tion of the per­sonal data collected, in the cor­responding cases, being an addi­tional cause to those already indicated, the fact that they are used for commer­cial com­mu­nica­tions and do not wish to con­tinue appea­ring in the respec­tive regi­stry, whe­ther defini­tively or tempora­rily; When these modi­fica­tions or cancella­tions are made, a free copy must be given to the person with the updated informa­tion, in addi­tion to the data pro­cessor, if you sent these inaccu­rate data to third par­ties, you must notify them of its modi­fica­tion as soon as pos­sible, if you know the third par­ties, giving informa­tion to them in a per­sonal way, if they did not know them, giving public notice, this right is inali­enable for the par­ties. Likewise, people have the right to obtain a free half-yearly copy of the data that the treater has in their pos­ses­sion.

Modi­fica­tion, blo­cking or cancella­tion cannot be requested in the fol­lowing cases:

a) When this prevents or hinders the proper per­formance of the auditing func­tions of the required public body, or

b) Affect the reserva­tion or secret estab­lished in legal or regulatory pro­vi­sions, the national secu­rity or the national interest; or

c) The data stored by legal man­date, outside the cases con­tem­plated in the respec­tive law.

If the person responsible for the data does not respond to the request, within 2 days of request, or refuses for rea­sons other than national secu­rity, the person can go to the court of letters to request the modi­fica­tion. The request will be noti­fied by cedula, and the data pro­cessor has 5 days to answer and give all the evidence, if it does not have it in its power, it can request that a hea­ring be held to take the test. Sub­sequently a judg­ment will be handed down, on which recourse of appeal is made, within the period of 5 days from the noti­fica­tion, on appeal no appeal of cas­sa­tion. If accepted, a deadline for compli­ance will be given and the controller can be fined with a fine of 1 to 10 UTM, if not complied with, a fine of 2 to 50 UTM[2] will be imposed.

The responsible party shall be liable for all damages caused by the improper tre­at­ment, in addi­tion to orde­ring its modi­fica­tion, blo­cking or cancella­tion, and the judge may take the measures to pro­tect the rights, the compen­sa­tion shall be determined by the judge.[3]

[1] (online)  Library of Chilean Congress, Law 19628.

[2] (online)
Monthly Tax Unit (UTM): Unit defined in Chile that cor­responds to an amount of money expressed in pesos and determined by law, which is updated perma­nently by the Con­sumer Price Index (CPI) and is used as a tax measure.

[3] This report was made by Álvaro Morales Cabezas, a lawyer with a degree from the Catholic Univer­sity of the Most Holy Concep­tion

14. Analysis by WiredMinds

Our website uses counting pixel technology provided by WiredMinds GmbH ( to analyze visitor behavior. In connection with this, the IP address of the visitor is processed. The processing occurs only for the purpose of collecting company based information such as company name, for example. IP addresses of natural persons are excluded from any further processing by means of a whitelist. An IP address is not stored in LeadLab under any circumstances.

While processing data, it is our outmost interest to protect the rights of natural persons. Our interest in processing data is based on Article 6(1)(f) GDPR. At no time is it possible to draw conclusions from the collected data on an identifiable person.

WiredMinds GmbH uses this information to create anonymized usage profiles of the visit behavior on our website. Data obtained during this process is not used to personally identify visitors of our website.