This Privacy Policy establishes the terms in which Koff & Guerrero Consultants uses and protects the information that is provided by its users when using its website. This company is committed to the security of its users' data. When we ask you to fill in the fields of personal information with which you can be identified, we do this by ensuring that it will only be used in accordance with the terms of this document. However, this Privacy Policy may change over time or be updated, so we recommend and emphasize that you continually review this page to ensure that you agree with said changes.
The website WWW.VALIDRISK.COM, hereafter "VALIDRISK," "WWW.VALIDRISK.COM" or "the website," indistinctly, discloses to the people who use it, hereafter "users," this privacy and personal data protection policy.
This privacy and personal data protection policy is part of the General Terms and Conditions of Use of the website WWW.VALIDRISK.COM. For more information, please review the General Terms and Conditions of Use located on the website, which are available at the following link: hNps://ValidRisk.com/Pub/Home/PrivacyPolicy.
Reading the General Terms and Conditions will allow users to learn how VALIDRISK collects, processes, and protects their personal data.
Access to, use of, and continuous presence on the website WWW.VALIDRISK.COM implies acceptance of this privacy policy.
Of particular importance are the enforcement of Law No. 19,628 regarding the Protection of Personal Data and Law No. 19,496 regarding Consumer Rights.
This policy, insofar as it does not contravene Chilean law, is compliant with the European General Data Protection Regulation (GDPR).
1.1 Definitions
a) Data storage: conservation or custody of data in a registry, data bank, or database.
b) Statistical data: data that due to its origin, or as a result of its processing, cannot be
associated with an identified or identifiable owner.
c) Data of a personal nature or personal data: data relating to any information concerning
natural, identified or identifiable persons.
d) Sensitive data: personal data that refer to the physical or moral characteristics of people or
to facts or circumstances of their private life or intimacy, such as personal habits, racial
origin, political ideologies and opinions, religious beliefs or convictions, physical or mental
health conditions, and sex life.
e) Registry, bank, or database: an organized set of personal data, which may be automated or
not, regardless of the manner or modality of its creation or organization, that allows data to
be linked, and for any type of data processing to be carried out.
f) Person in charge of the registry, data bank, or database: the natural or legal person in charge
of decisions related to the processing of data of a personal nature, also known as the person
in charge of processing personal data.
g) Data owner: natural person to whom personal data pertain.
h) Data processing: any operation or series of operations or technical procedures, whether
automated or not, that make it possible to collect, store, record, organize, elaborate, select,
extract, compare, interconnect, decouple, communicate, assign, transfer, transmit or cancel
data of a personal nature, or use them in any other way.
The processing of users' personal data will be subject to the following principles:
a) Lawfulness, loyalty and transparency principle: the consent of the user will be required at
all times provided that he/she is fully informed of the purposes for which personal data is
being collected.
b) Purpose limitation principle: personal data will be collected for specified, explicit, and
legitimate purposes.
c) Data minimization principle: personal data collected will be only those strictly necessary in
relation to the purposes for which they are processed.
d) Accuracy principle: Personal data must be accurate and will always be up-to-date.
e) Storage limitation principle: personal data will only be maintained so as to allow user
identification for the time necessary for the purposes of their processing.
f) Integrity and confidentiality principle: personal data will be processed in a way that
guarantees its security and confidentiality.
g) Accountability principle: the person in charge of processing will be responsible for ensuring
that the above principles are complied with.
The person responsible for the processing of personal data collected through the VALIDRISK website
is KOFF & GUERRERO CONSULTANTS S.A., Unique Tax Role No. 76.076.303-9, represented by
MANUEL REYES FUENTES, National Identity Card No. 7.508.415-3, hereafter, the person in charge of
processing.
The contact information of the person in charge of processing are:
• E-mail: contact@ValidRisk.com
• Address: Avenida Presidente Kennedy 5735, Oficina 1501, Las Condes, Santiago - Chile
• Phone number: +56 222 036 494
The personal data obtained by VALIDRISK through the forms found on its pages will be incorporated
and processed in our databases in order to facilitate, expedite and fulfill the obligations of VALIDRISK
o its users, either for the maintenance of the relationship established in the forms filled out by the
users, or to respond to a user request or query.
Specifically, user data will be obtained by VALIDRISK through the following action(s):
When registering to use ValidRisk licenses.
The data categories processed in VALIDRISK are solely identifying data. Under no circumstances are
sensitive categories such as the health status of individuals or their political opinions or religious
beliefs processed.
Sensitive data cannot be processed, except when authorized by law, when there is consent from the
owner of such data, or when such data is necessary for determining or granting health benefits that
correspond to the data owners.
The processing of personal data may only be carried out when authorized by law or when the owner
has expressly consented to it.
VALIDRISK undertakes to obtain the express, wriNen and verifiable consent of the user regarding the
personal data of which he or she is the owner, in order to process such data for one or more specific
purposes, duly informed.
The eventual disclosure of stored and processed data to the public will also be reported.
Authorization is not required for the processing of personal data coming from or collected from
sources accessible to the public when they are of an economic, financial, banking, or commercial
nature, are contained in lists relating to a category of people that are limited to providing background
information such as the individual's membership in that group, his/her profession or occupation,
educational qualifications, address, and date of birth, or are necessary for direct response
commercial communications, marketing, or the sale of goods or services.
Neither will such authorization be required for the processing of personal data carried out by private
legal entities for the exclusive use of themselves, their associates, and affiliated entities, for
statistical, pricing, or other purposes of general benefit to them.
Personal data must be used only for the purposes for which they were collected unless they come
from or have been collected from sources accessible to the public.
Sensitive data cannot be processed, except when authorized by law, when the owner has provided
consent, or when it is necessary for determining or granting health benefits to data owners.
The user has the right to withdraw his or her consent at any time. It will be as easy to withdraw as
to give consent. As a general rule, withdrawal of consent will not restrict the use of the website.
Whenever the user must or may provide their data through forms in order to make inquiries, request
information, or for other purposes related to the contents of the website, he/she will be informed if
the completion of any of these forms is mandatory due to being essential for the correct
development of the operation undertaken.
Personal data will only be retained for the minimum time necessary for the purposes of its
processing and, in any case, only for the following period: for the current licensing period or until
the user or customer requests its deletion, or until the user requests its erasure.
At the time the personal data is obtained, the user will be informed of the period during which the
personal data will be stored or, when this is not possible, the criteria used to determine this period.
The personal data of users will not be shared, sold, transferred, leased, marketed or transmiNed in any way to third parties, except as required by law.
Only people over the age of 14 will be able to consent to the processing of their personal data in a
lawful way by VALIDRISK.
If a person is under the age of 14, the consent of his/her parents, legal representatives, or the person
in charge of the child's personal care will be required, unless expressly authorized or mandated by
law.
Sensitive data belonging to adolescents under 16 years of age may only be processed with the
consent granted by their parents, legal representatives, or the person in charge of the personal care
of the minor, unless expressly authorized or mandated by law.
VALIDRISK undertakes to adopt the necessary technical and organizational measures, according to
the level of security appropriate to the risk of the collected data, so as to guarantee the security of
personal data and prevent the accidental or unlawful destruction, loss, or alteration of transmiNed,
stored, or otherwise processed personal data, as well as to prevent the unauthorized communication
or access to such data.
The website WWW.VALIDRISK.COM has an SSL (Secure Socket Layer) certificate, which ensures that
personal data is transmiNed securely and confidentially, as this transmission between the server and
the user, and vice versa, is fully encrypted.
However, because VALIDRISK cannot guarantee the impregnability of the internet or the total
absence of hackers or others who fraudulently access personal data, the person in charge of
processing undertakes to inform users, without undue delay, of any breach of personal data security
that is likely to imply a high risk to the rights and freedoms of natural persons. A personal data breach
is understood as any breach of security that results in the accidental or unlawful destruction, loss or
alteration of personal data transmiNed, stored or otherwise processed, or the unauthorized
communication of or access to such data.
Personal data will be treated as confidential by the person in charge of processing, who undertakes
to inform and to guarantee by means of a legal or contractual obligation that said confidentiality is
respected by its employees, associates, and any person to whom he/she makes the information
accessible.
The user has the following rights over his/her personal data collected by VALIDRISK and may,
therefore, exercise these rights vis-à-vis the person in charge of processing:
a) Right of access: the user's right to receive confirmation regarding whether VALIDRISK is
processing his/her personal data and, if this is the case, receive information about their
specific personal data and the processing that VALIDRISK has conducted or will conduct, as
well as, among other information, the information available regarding the origin of such
data and the recipients of the disclosures made or expected to be made of such data.
b) Right to rectification: the user's right to have his/her personal data rectified if they prove
to be inaccurate or, taking into account the purposes of the processing, incomplete.
c) Right to erasure ("the right to be forgoNen"): the right of users, unless otherwise provided
for by law, to have their personal data erased when they are no longer required for the
purposes for which they were collected or processed; when the user has withdrawn
his/her consent to the processing and there is no other legitimate reason to continue with
it; when the personal data have been processed unlawfully; when the personal data must
be erased in compliance with a legal obligation.
If the erased or rectified personal data have been previously disclosed to specific or
identifiable third parties, the person in charge of processing must notify them as soon as
possible of the action taken. If it is not possible to determine to whom it has been
disclosed, a notice that may be generally known to those who use the information in the
database will be issued.
The rectification, erasure, or blocking of personal data stored under legal obligation may
not be requested, outside of situations established by the respective law.
d) Right to restriction of processing: the user's right to limit the processing of his/her
personal data. The user has the right to obtain the restriction of processing when he/she
contests the accuracy of his/her personal data, the processing is unlawful, the person in
charge of processing no longer needs the personal data, but the user needs it to make
claims, or when the user has objected to the processing.
e) Right to data portability: in the event that the processing is carried out by automated
means, the user will have the right to receive his/her personal data from the person in
charge of processing in a structured, commonly used, machine-readable format, and to
transmit such data to another person in charge of processing. Whenever technically
possible, the person in charge of processing will transmit the data directly to the other
person in charge of processing.
f) Right to object: the user's right to stop the processing of his/her personal data or to stop
its processing by VALIDRISK.
g) Right to not be the subject of a decision that is only based on automated decision-making,
including profiling: the user's right to not be subject to an individualized decision only
based on the automated processing of his/her personal data, including profiling, unless
otherwise stipulated by legislation in force.
The user may exercise his/her rights by means of wriNen communication addressed to the
person in charge of processing, as established in Article 16 of Law N° 19.628.
If the user believes that there is a problem with or infringement of the regulations in force regarding the way in which his/her personal data is being processed, he/she will have the right to exercise the actions he/she deems appropriate before the Courts of Law.
Access to this website may involve the use of cookies. Cookies are small pieces of information that
are stored on the browser used by each user -on the different devices that may be used to navigateso
that the server remembers certain information that will later be read only by the server that
implemented it. Cookies facilitate navigation, make it more user-friendly, and do not harm the
navigation device.
The information collected through cookies may include the date and time of visits to the website,
pages viewed, time spent on the website, and sites visited just before and after it. However, no
cookie can be used to contact the user's telephone number or any other means of personal contact.
No cookie can extract information from the user's hard drive or steal personal information. The only
way for the user's private information to be part of the cookie file is for the user to personally give
that information to the server.
Cookies that make it possible to identify a person are considered personal data. Thus, the
aforementioned Privacy Policy will apply to these cookies. Accordingly, the use of cookies requires
the consent of the user. This consent will be communicated on the basis of an authentic choice, given
through affirmative and positive assent prior to initial processing. This choice is documented and can
be withdrawn.
These are the cookies that are sent to the computer or device of the user and managed exclusively
by VALIDRISK to improve the functioning of the website. The information collected is used to
improve the quality of the website, its content, and user experience. These cookies make it possible
to recognize the user as a recurring visitor of the website and customize its content to offer content
that suits their preferences.
The entity or entities in charge of providing cookies may transfer this information to third parties, if
required by law or if a third party processes this information for such entities.
The user can fully or partially disable, reject, and delete cookies installed on his/her device by configuring his/her browser (such as Chrome, Firefox, or Safari). In this regard, the procedures for rejecting and deleting cookies may differ from one internet browser to another. Consequently, the user must follow the instructions provided by the internet browser he/she is using. In the event that the user fully or partially rejects the use of cookies, he/she may continue to use the website, although the use of some of its features may be limited.
The user must read and agree to the conditions regarding the protection of personal data contained
in this privacy and cookie policy and accept the processing of his/her personal data so that the
person in charge of processing can proceed in the indicated manner, for the indicated periods of
time, and for the indicated purposes. Use of the website implies acceptance of its privacy and cookie
policy.
VALIDRISK reserves the right to modify its privacy and cookie policy at its own discretion, or in
response to a legislative or jurisprudential change. Changes or updates to this privacy and cookie
policy will be disclosed to the user.
The user is advised to check this page periodically to keep up to date on the latest changes or
updates.
This privacy and cookie policy was created on May 5, 2023 and has been updated to comply with
current legislation.
Cookie Name | Description | Provider | Category | Expiration |
---|---|---|---|---|
.AspNetCore.Antiforgery.# | It helps to avoid attack on the type of Petition Falsification in cross-sites (CSRF). | validrisk.com | Required | Session |
_grecaptcha | This cookie is used to distinguish between human and boots. This is effective for the web with The object of preparing valid reports on the use of its website. | validrisk.com | Required | Persistent |
_GRECAPTCHA | This cookie is used to distinguish between human and boots. This is effective for the web with The object of preparing valid reports on the use of its website. | google.com | Required | 179 Days |
ARRAffinity | Used to distribute the traffic to the website on several servers to optimize the times of answer. | validrisk.com | Required | Session |
ARRAffinitySameSite | Used to distribute the traffic to the website on several servers to optimize the times of answer. | validrisk.com | Required | Session |
rc::a | This cookie is used to distinguish between human and boots. This is effective for the web with The object of preparing valid reports on the use of its website. | google.com | Required | Session |
rc::b | This cookie is used to distinguish between human and boots. This is effective for the web with The object of preparing valid reports on the use of its website. | google.com | Required | Session |
rc::c | This cookie is used to distinguish between human and boots. This is effective for the web with The object of preparing valid reports on the use of its website. | google.com | Required | Session |
TiPMix | It records which group of servers is serving the visitor. This is used in conjunction with load balancing to optimize the user experience. | validrisk.com | Required | 1 Day |
x-ms-routing-name | It records which group of servers is serving the visitor. This is used in conjunction with load balancing to optimize the user experience. | validrisk.com | Required | 1 Day |