Privacy Policy

Privacy & Data Protection Policy

Purpose

Law No. 21,719, published on December 13, 2024, and effective December 1, 2026, is the Chilean legislation that regulates the protection and processing of personal data in Chile. This legislation governs activities involving the use of data about individuals (“Personal Data”) by third parties, whether in a physical or digital environment, in order to protect their right to freedom of choice and their right to privacy as a natural person (“Data Subject”).

This Privacy and Data Protection Policy (“Policy”), applicable to UpSociative, aims to reinforce our commitment to privacy, security, and transparency regarding the use of Personal Data necessary for the provision of our services (“Services”).

Pursuant to Law 21,719, you have the right to request at any time the exercise of your rights of access, rectification, erasure, objection, and data portability (ARSOP).

The request can be made by sending an email to dpo@upsociative.com.

The response period will be 30 calendar days, extendable once for another 30 calendar days, which will be notified in due course.

In cases of rectification, erasure, or objection, you may also request the temporary blocking of your data, which will be resolved within 2 business days.

We will retain your data only for the time necessary to fulfill the stated purpose or as long as a legal or contractual obligation exists. Once this period has expired, the data will be securely deleted or anonymized.

Special Privacy and Data Protection Cases

International Transfers: If personal data is transferred outside of Chile, UpSociative will verify that the recipient country offers an adequate level of protection. If it does not, we will implement appropriate safeguards, such as standard contractual clauses or other mechanisms recognized by Law No. 21,719.
Minors: We do not process data of minors under 14 years of age without the express consent of their legal representatives. In the case of adolescents between 14 and 18 years of age, we respect their progressive autonomy; if sensitive data of minors under 16 years of age is involved, the express authorization of their representatives is required.

In the event of a security incident affecting personal data, UpSociative will notify the Personal Data Protection Agency and the affected data subjects without undue delay, within the timeframes established by Law No. 21,719.

Which data do we collect about you?

To provide our services, we need to collect certain information about you:

Identification and contact information: name, telephone number, email address, company, position, or role, among others.
Technical browsing and web analytics data: IP address, pages visited, cookies.
Data related to commercial requests.
Service preferences.
We do not collect sensitive data unless expressly authorized by the data subject.

How do we collect personal data?

Cookies and similar technologies

A cookie is a small piece of data (text files) that a website generates when visited by a user and stores in the user’s device’s browser. It is used to remember information about you, such as your language preference, login information, or form completion information.

Certain types of cookies are essential for the website to function and cannot be disabled. Non-essential cookies can be set, according to the user’s preferences, in their browser. However, we advise you that modifying the cookie settings on the UpSociative pages may disable some functions, affecting the usability of our tools and platforms.

The UpSociative website uses the following types of cookies:

Strictly Necessary cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the website may not then work properly.
Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.
Functionality cookies: These cookies allow the website to offer enhanced functionality and personalization. If these cookies are not allowed, some or all of these features may not work properly.
Social media cookies: These cookies are set by a range of social media services that we have added to the site to allow you to share our content with your friends and contacts. They are capable of tracking your browser across other sites and building up a profile of your interests. They may impact the content and messages you see on other websites you visit. If you do not allow these cookies, you may not be able to see or use these sharing tools.
Advertising cookies: These cookies may be set through our site by our advertising partners. These companies may use them to build a profile of your interests and show you relevant ads on other websites based on their unique identifiers of your browser and internet device. If these cookies are not allowed, you will experience less advertising tailored to your interests.

Provisions by Jurisdiction of Access

In addition to what is stated in this global policy, the following specific rules will apply depending on the jurisdiction from which the user accesses our website:

Chile | Law No. 21,719: Express and unambiguous consent for non-essential cookies, default blocking of advertising and analytics until acceptance. ARSOP rights will be honored within the timeframes established by law.
Colombia | Law 1581/2012: Prior, express, and informed consent; visible notice; immediate opt-out; incident reporting to the SIC.
United States | CCPA/CPRA and state laws: Right to opt-out of sales/sharing; banner with “Do Not Sell or Share My Personal Information” button; recognition of Global Privacy Control (GPC).
European Union and other countries | GDPR, PIPL, LGPD, others: Explicit consent (opt-in) for non-essential cookies; enhanced transparency; International transfers only with legal guarantees.

General Provisions

This Policy applies exclusively to UpSociative Services. Products and services purchased from UpSociative partners will be subject to their own terms of use and privacy policies, as determined by them.

The terms of this Policy may be modified at any time due to legislative changes by regulatory bodies or in the Services provided, as a result of updates to technological tools, or when necessary, at UpSociative’s discretion.

Therefore, the date of the last update will be indicated in this Policy, and if a relevant update or modification occurs, we will provide due transparency regarding any modified content.

Last updated: September 16, 2025