Add your promotional text...

en
START
en
START

Legal

Data Privacy Policy

1. Introduction

This Data Privacy Policy aims to inform users, clients, and companies about the collection, use, storage, protection, and processing of their personal and corporate data within the scope of the services offered by the Company (“We” or “the Company”).

We are committed to ensuring the confidentiality, integrity, and security of the data, complying with applicable personal data protection regulations in the countries where we operate:

  • Peru: Law No. 29733 – Personal Data Protection Law and its Regulations (Supreme Decree 003-2013-JUS).

  • United States: California Consumer Privacy Act (CCPA) and sector-specific federal regulations.

  • Colombia: Statutory Law 1581 of 2012 and Decree 1377 of 2013.

  • Chile: Law 19.628 on the Protection of Private Life and complementary regulations.

  • Ecuador: Organic Law on the Protection of Personal Data (2021).

  • Brazil: General Data Protection Law – LGPD (Law No. 13.709/2018).

2. Data We Collect

a. Personal Data of Clients

  • Full name

  • Address

  • Occupation

  • Email address

  • Mobile phone number

  • Landline phone number

  • Gender

b. Company Data

  • Legal business name

  • Identification number (RUC, NIT, CNPJ, or equivalent)

  • Contact data of representatives or responsible parties

3. Purpose of Processing

The collected data will be used for the following purposes:

  • Administrative and contractual management of clients.

  • Creation, maintenance, and access to user accounts.

  • Communication with clients (notifications, support, billing).

  • Compliance with legal and regulatory obligations.

  • Service usage analysis and platform improvement.

  • Marketing activities, provided that prior consent from the data subject exists.

4. Legal Basis for Processing

Data processing is carried out based on:

  • Explicit consent from the data subject (Peru, Colombia, Chile, Ecuador, Brazil).

  • Execution of a contractual relationship (services provided by the Company).

  • Compliance with applicable legal obligations in each country.

  • Legitimate interests of the Company, provided that the rights of the data subject do not prevail (CCPA, LGPD).

5. Storage and International Transfer

Data is stored in cloud infrastructure and servers provided by openai.com, located primarily in the United States.

This involves international data transfer, which is carried out under adequate protection mechanisms:

  • Standard contractual clauses and confidentiality commitments.

  • Compliance with LGPD (Brazil) and Andean regulations (Colombia, Ecuador, Peru).

  • Security guarantees required by CCPA regulations in the U.S. and other applicable laws.

6. Rights of Data Subjects

Data subjects have the right to:

  • Access: know what data is held about them.

  • Rectification: correct inaccurate or incomplete information.

  • Deletion / Erasure: request that their data be deleted when applicable.

  • Objection: oppose the use of their data for specific purposes.

  • Portability: request the delivery of their data in a structured format (according to LGPD and Andean regulations).

  • Withdrawal of consent: revoke the authorization previously granted at any time.

These rights may be exercised by sending a written communication to the contact email address (see Section 11).

7. Data Retention

Personal data will be kept only for the time necessary to fulfill the purposes described or as long as a contractual relationship exists.

After that period, data will be deleted or anonymized, except when legal retention is required (e.g., tax or accounting obligations).

8. Security Measures

We implement reasonable technical, organizational, and administrative measures to protect information against:

  • Unauthorized access

  • Misuse

  • Loss or theft

  • Alteration or destruction

These include:

  • Restricted access control policies.

  • System monitoring.

  • Confidentiality agreements with staff and third parties.

9. Processors and Third Parties

Data may be processed by technology providers, including openai.com, acting as data processors, subject to contracts that ensure compliance with applicable regulations.

Data will not be shared with third parties other than those authorized, except in the case of a legal requirement or explicit consent from the data subject.

10. Country-Specific Rules

  • Peru: Registration in the National Registry of Personal Data Protection; compliance with the National Authority for Personal Data Protection.

  • United States: Transparency regarding the use of information; right to opt-out of data sale under CCPA.

  • Colombia: Notification to the Superintendency of Industry and Commerce (SIC) in case of security incidents.

  • Chile: Habeas data process and limitation on the use of data for purposes different than those consented.

  • Ecuador: Compliance with the principles of legality, informed consent, and data minimization.

  • Brazil: Compliance with LGPD, obligation to designate a Data Protection Officer (DPO), and reporting to the National Data Protection Authority (ANPD) in the event of incidents.

11. Contact

To exercise your rights or make inquiries about this Policy, you may contact us at:

Email: marketing@aivahub.com

12. Updates to This Policy

We reserve the right to modify this Policy at any time. Updates will be notified to data subjects through the official communication channels.

Continued use of our services after publication of changes implies acceptance of the new version of the Policy.Política de Privacidad de Datos.

Terms and Conditions
Private Data Policy
Cookies Policy
@2025 AIVA. All rights reserved.
marketing@aivahub.com
Legal
Contact
USA
PERU
marketingperu@aivahub.com
+1 (347) 562-8420
+51 922 644 303