Privacy Policy & Data Processing
Last updated: July 2026
At RHEMATI SpA, we value your trust and are fully committed to protecting our users' personal information. This Policy is governed by current Chilean legislation on the protection of private life (Law No. 19,628 and its amendments under Law No. 21.719), as well as World-Class security and privacy standards.
1. Information We Collect
We collect and process two types of information:
- Personal Information: Identifying details such as name, email address, phone number, and corporate data you voluntarily provide through our contact form or official channels.
- Non-Personal Information & Interactions: Technical connection data automatically collected via cookies and analytical telemetry (IP address, browser type, operating system, pages visited, and browsing behavior) for statistical and performance purposes.
2. Purpose of Data Processing
Your data is processed strictly under the following legitimate purposes:
- Manage and respond to technical inquiries and consulting requests.
- Execute and deliver our engineering, cloud architecture, and software development services.
- Monitor site performance and stability in real time through Web Vitals metrics.
- Analyze usability patterns using heatmaps and anonymous session recordings.
- Guarantee the physical and logical security of the website, detecting and mitigating potential attack vectors.
3. Security & Data Protection
We implement enterprise-grade technical and organizational measures: encryption at rest (AES-256), secure transport (exclusive TLS 1.3), strict hash-based Content-Security-Policy (CSP), and an immutable serverless infrastructure. Inferences with foundational models operate under strict Zero Data Retention policies.
4. Data Processors & Third Parties
We do not sell, trade, or lease your personal data. For the secure and optimal operation of the platform, we delegate processing to the following processors under strict privacy and confidentiality agreements:
- Hosting & Cloud Computing: Google Cloud Platform / Firebase Hosting (USA / SOC 2 and ISO 27001 certified infrastructure).
- Network & Edge Security: Cloudflare Inc. (DNS, network proxy, and global HSTS).
- Serverless Contact API: Web3Forms (Processing of contact forms).
- Telemetry & Analytics: Google Analytics 4 (Google LLC) and Microsoft Clarity (Microsoft Corp.) for usability maps (with active user consent).
5. Cookies & Consent Mode V2
We use analytical cookies to improve user experience and measure traffic. We natively respect the Google Consent Mode V2 directive: analytical scripts from Microsoft Clarity and Google Analytics are only injected after active visitor consent. You can configure your browser to block or reject cookies at any time.
6. Third-Party Sites
This website may contain links to third-party portals (e.g., external security validators). We have no control over the content or privacy policies of platforms external to RHEMATI SpA.
7. ARCO-POL Rights of the Owner
You have the full right to exercise your ARCO-POL rights (Access, Rectification, Cancellation, Opposition, Portability, and Restriction of Processing) over your personal data. To exercise these rights, please send a signed request to our compliance mailbox.
8. Privacy Officer & Contact
For legal or privacy inquiries, contact our Privacy Officer directly:
Email: [email protected]
Address: RHEMATI SpA, Santiago, Chile.
