For RSK Group, hereinafter referred to as “RSK”, privacy, confidentiality, and taking care of personal data of individuals is essential, which is why it is committed to protecting your personal information and ensuring that your privacy is respected.
This personal data protection policy is based on RSK’S commitment with the privacy and security of information related to the personal data of our clients and users; and it is based on the principles of confidentiality, proportionality, integrity, transparency, availability, and the current legal obligations.
The personal data protection policy described below provides how RSK collects, processes, and protects the personal data that you provide or that RSK collects through the “BOX” platform (hereinafter referred to as the “Platform”), websites that have been implemented and those that will be implemented in the future, as well as forms and other RSK channels.
RSK will process personal data in compliance with Law 19.628 “Law on Protection of Privacy”, and other regulations related to the safeguarding, protection, and confidentiality of personal data.
a) “Personal data”: any information related or referred to an individual, identified or identifiable through means that can be reasonably used.
b) “Sensitive personal data”: data that refers to the physical or moral characteristics of individuals, or to the facts or circumstances of their private life or intimacy, such as personal habits, racial origin, ideologies, beliefs, political opinions, and sexual life.
c) “Data processing”: any operation or complex of operations or technical procedures, whether automated or not, that makes it possible to collect, store, record, organize, elaborate, select, extract, confront, interconnect, dissociate, communicate, assign, transfer, transmit or cancel personal data, or use them in any other way.
e) “Data processor”: individual or legal entity who processes personal data on behalf of the data controller by reason of a legal relationship with the latter.
f) “User”: individual who enters or uses the Platform and expressly authorizes the processing of his/her personal data by the Platform.
g) “Personal data subject”: individual whose personal data is subject of processing and regarding which RSK is the controller or the processor, as applicable.
h) “Data transfer”: Occurs when the data controller and/or data processor located in Chile sends the information or personal data to a recipient, which in turn is responsible for its processing and is located inside the country or abroad.
i) “Data transmission”: processing of personal data involving the communication thereof inside or outside the territory of the country when the processing is to be carried out by the data processor on behalf of the data controller.
II. Data Controller
Provider: RSK Group.
Tax identification number: 76.148.404-4.
Legal representative: María Luisa Flores Olivares.
Address: Avenida Bosques de Montemar No. 30, office 1311, district of Viña del Mar, Valparaíso Region.
III. Legal Basis for Data Processing.
The processing of personal data by RSK is based on the explicit, prior, unequivocal, free, and informed consent of the data subject and/or the law.
IV. Purpose of Data Processing.
RSK will process data that is strictly necessary for the fulfillment of the following purposes:
- Provide the services enabled on the Platform properly.
- Manage your registration, requests, and interaction as User of the Platform.
- Manage the contractual relationship arising from the execution of the services enabled on the Platform.
- Manage requests received in the contact form of the Platform, forms of inspectors or your intention to subscribe to our newsletter.
- Take all necessary actions to confirm and update your User information, including the validation of your identity when performing operations with RSK, analyzing data from your client, service provider or employee profile. For this purpose, RSK will be able to use your geolocation data, data from the device through which you access the Platform and contact data in order to protect the security of your information and that of RSK’s clients.
- Use your geolocation data to determine the available services in a certain territory. Similarly, in the case of an Inspector, and only while the Platform is in active mode, we will process your geo reference for the traceability of the Services and for determining the rate applicable to the service contracted by the client.
- For business or advertising purposes, in order to promote and give the possibility to request for Services on the Platform and keep you informed of the features of the Platform.
- Analyze the User’s behavior while browsing on the Platform.
- Comply with legal obligations.
- In order to maintain the quality of the services, verify instructions and prevent fraud.
- Finally, the data may be used with statistical, historical and research purposes, inter alia, in which cases, to the extent possible, your data will be used anonymously, meaning that it will not be possible to determine the identity of the individual to whom they belong.
For such purposes, RSK may collect your data by different means, such as access and use of the Platform, submittal of online forms, emails, online chat, among other authorized channels in accordance with the current legislation.
V. Data Communication
As a general rule, RSK will not share your personal data with third parties, unless there is a legal mandate that authorizes it, and also when you consent to it.
- With third party service providers that are exclusively related to the services enabled on the Platform. Such providers may access your personal data as Data Processors and may process your data on behalf of RSK. For this, RSK has adopted a selection criterion for providers so they can deliver their services in compliance with the data protection policies defined by RSK in matters of confidentiality, safeguarding of information, cybersecurity, inter alia.
- With the selected inspector for the execution of the contracted Services through the Platform.
- To process requests made by Users and to comply with the agreed obligations.
- Users of the Platform may perform evaluations of Clients and Inspectors. In this regard, data subjects hereby authorize that such opinions be published in the Platform to provide Users with more information on the Services performed by the Inspectors and contracted by the Clients.
- To contribute to the prevention of fraud or to enforce or protect the rights and property of RSK or RSK’s clients.
- To protect the personal security of RSK’s employees, third party representatives or the public in general.
- To comply with any law, regulations, summons or injunction.
- In the event that, for strategic or other business reasons, RSK decides to sell, purchase, merge or reorganize the business. In such case, such transaction could include the disclosure of your personal information to actual buyers, or the reception thereof by the sellers. RSK’s policy is to adequately protect personal information in these types of transactions.
VI. International Transmission and Transfer.
VII. Validity of Data Processing.
Personal data of data subjects regulated by this policy will be kept for as long as necessary in connection with the aforementioned purposes. However, certain personal data may be kept for a longer period if required by legal or regulatory provisions, in which case they will be kept for the period provided for in said provisions.
VIII. ARCO Rights.
Data subjects have the following rights:
- Right of access: Data subjects may request RSK information on whether their personal data are being processed by it, and access them if necessary.
- Right of rectification: Data subjects may request that RSK modify or amend their personal data when they are inaccurate, outdated, incomplete or misleading.
- Right of cancellation: Data subjects may request that RSK suppress or delete their personal data when the consent for its processing has been revoked and there is no lawful basis for processing them, when the processing is unlawful, or when the data have expired.
- Right of opposition: means the right of the data subject to request that RSK refrain from processing specific data.
Data subjects may exercise these rights at any time by contacting RSK through the contact form available at http://rskgroupco.com/company.html or by sending an email to the following email address firstname.lastname@example.org.
For RSK, the security of your information is essential, for which it has appropriate policies and adequate technical and organizational measures to properly safeguard and protect your personal data against unlawful or unauthorized access, loss, accidental destruction, damage, illegal or unauthorized use and disclosure.
XI. Changes in this Policy.
This Policy shall be effective as of the date of its publication, i.e., January 1st, 2023.