Personal data is considered to be any information concerning natural, identified or identifiable persons.
Cookies are files that contain a small amount of information collected by a given website about the users, which is stored in the browser used by each user, and is available to be consulted by the website when the user accesses it.
This document contains the legal mentions or references that will serve to regulate the conditions under which the site or web page collects, manages and retains ("treats") the personal data of users who access, browse and use the site or web page.
This document also describes the rights of users (e.g. to know if the website is processing their data, right to have their data corrected or deleted, where applicable) and the obligations of the website in relation to the processing of their personal data.
In the event that you wish to prepare a document containing all the rules governing the interaction of users with the content that the website itself makes available, with the products and/or services offered on it, and with the identification of the persons responsible for the site, the following model is available and better adapted to this circumstance general terms and conditions of use.
European Data Protection Regulation (GDPR)
The European Data Protection Regulation (GDPR) is the international regulation that has been in force in the European Union since 2018, in relation to the protection of personal data, and has become a standard or model, even for countries that are not part of the European Union.
In addition, the GDPR itself establishes that this regulation should be applied, in certain circumstances, to the processing of personal data of individuals residing in the Union, even when such processing is carried out outside its borders.
Although it has no direct application in Chile, some of its elements have been incorporated into this model, which are in harmony with or do not contravene national regulations, and which allow websites to offer privacy policies in line with international standards.
Specifically, it incorporates the principles relating to data processing and the rights of users derived from the processing of their personal data.
The applicable principles are:
- Lawfulness, fairness and transparency: the consent of the user will be required at all times after full transparent information of the purposes for which the personal data is collected.
- Purpose limitation: personal data will be collected for specified, explicit and legitimate purposes.
- Data minimization: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.
- Accuracy: personal data must be accurate and will always be updated.
- Limitation of the storage period: personal data will only be kept in a form that allows the identification of the user for the time necessary for the purposes of its processing.
- Integrity and confidentiality: personal data will be treated in a way that guarantees its security and confidentiality.
- Proactive responsibility: the person responsible for the processing shall be responsible for ensuring that the above principles are complied with.
The rights granted to users are as follows:
- Right of access: to know whether or not the website is processing your personal data.
- Right of rectification: to have your personal data modified, in the appropriate cases.
- Right of deletion ("the right to be forgotten"): to obtain the deletion of your personal data, where applicable.
- Right to limitation of processing: to limit the processing of your personal data.
- Right to data portability: to transfer your personal data from one data controller to another.
- Right of opposition: not to carry out the processing of your personal data or to cease the processing thereof.
- The right not to be subject to a decision based solely on automated processing, including profiling.
How to use this document
This document contains the privacy and data protection policy of a website, i.e. the rules relating to the processing (collection, management and retention) of personal data of the people who use it. It is therefore useful for all those websites that collect personal data from the people who use it.
With the purpose of harmonizing the GDPR regulations with the Chilean legislation in force, this privacy and data protection policy will incorporate the following content:
- the identity and contact details of the person(s) responsible for the processing of personal data (this may be the owner(s) of the website or other persons) and how to contact them;
- the categories of personal data that will be processed: only identifying data (e.g. name, surname, telephone number, e-mail) or also sensitive personal data (e.g. racial origin, political opinions, religious convictions, health data);
- the way in which the website collects personal data from its users;
- the purposes of the processing for which the personal data is intended;
- the period of retention of personal data on the website;
- the recipients of the personal data collected on the website;
- information on the rights deriving from the processing of personal data (access, rectification, deletion, limitation, portability and opposition);
- if used, information about the website's own cookies;
- if used, information about third-party cookies on the website; and
- in case of using social media plugins (e.g. Facebook, Twitter), information about social media cookies.
Once this document has been completed and downloaded, it can be uploaded to the appropriate website.
We have also taken into consideration the rules of the Data Protection Regulation of the European Union.
How to modify the model
You fill out a form. The document is drafted before your eyes, based on your answers.
Upon completion, you will receive it in Word and PDF formats. You can modify and reuse it.