PRIVACY POLICY AND PERSONAL DATA PROTECTION

IDENTIFICATION OF THE RESPONSIBLE PARTY

This Privacy Policy regulates the processing of personal data carried out by DATTA SpA (hereinafter, "DATTA" or the "Responsible Party"), on its platform connecting IT professionals and companies (www.dattainc.com). DATTA declares its domicile in Chile and its subjection to national legislation, specifically to Law No. 19,628 on Protection of Private Life and its current amendments. The USER expressly consents that DATTA: a) Is authorized to promote their professional profile with companies seeking professionals matching their experience; and b) Is authorized to use their data to make analytical improvements to the platform.

PRINCIPLES OF DATA PROCESSING

In compliance with the obligation of protection by design and by default (Article 14 quáter of Law 19,628), DATTA ensures that only data strictly necessary for the purpose of the service will be processed. Processing shall be governed by the principles of lawfulness, purpose, proportionality, data quality, security, accountability and transparency, in accordance with applicable regulations.

DATA COLLECTED

For the provision of labor intermediation and professional connection services, DATTA collects the following categories of data:

• Identification Data: Full name, RUT or national ID, date of birth, nationality.
• Contact Data: Email address, phone number, physical address.
• Professional Profile Data: Curriculum Vitae, work experience, technical skills (technology stack), salary expectations, links to code repositories (e.g., GitHub) or portfolios.
• Transaction Data: Bank information for payment processing to professionals or charges to companies, as applicable.
• Navigation Data: IP address, device type, operating system and behavior on the platform.

PURPOSE OF DATA PROCESSING

Personal data shall be processed exclusively for the following purposes, in accordance with applicable legislation.

• Platform management: Create and manage user accounts (Professionals and Companies).
• Intermediation (Matchmaking): Analyze profiles through algorithms to connect professionals with compatible job offers.
• Identity verification: Validate the truthfulness of provided information to maintain ecosystem security.
• Contract fulfillment: Process payments, invoicing and management of the business relationship.
• Service improvement: Anonymized statistical analysis to optimize user experience.

LAWFULNESS BASIS AND CONSENT

Data processing is based on:

• Performance of the service provision contract or pre-contractual measures.
• Free, informed, specific and unambiguous consent from the data subject, given at the time of registration.
• Compliance with legal obligations (tax, labor, etc.).

INTERNATIONAL DATA TRANSFERS

Given the global nature of DATTA, personal data of professionals may be transferred to companies located outside national territory in order to realize labor opportunities for candidates. These transfers are carried out in accordance with Title V of Law 19,628:

• Adequate countries: Transfers to countries that provide adequate levels of protection according to the Data Protection Authority.
• Contractual guarantees: In the absence of an adequacy decision, DATTA shall execute standard contractual clauses ensuring data protection at destination.
• Express consent: For specific non-routine transfers, express consent from the data subject shall be requested for international transfer.

RIGHTS OF DATA SUBJECTS

The data subject may exercise their rights before DATTA at any time through the designated contact email:

• Access: Request information about their data, origin and recipients.
• Rectification: Correct inaccurate, outdated or incomplete data.
• Erasure (Deletion): Request deletion of their data when lacking legal basis or have expired.
• Objection: Object to the processing of their data for specific purposes.
• Portability: Request a copy of their data in a structured, commonly used format for transfer to another responsible party.

INFORMATION SECURITY

DATTA implements appropriate technical and organizational measures to ensure data security, including encryption, access controls and regular audits, in accordance with the security principle established in applicable legislation. In case of a security breach affecting your rights, corresponding reporting shall be made in accordance with applicable regulations.

VALIDITY AND MODIFICATIONS

DATTA reserves the right to modify this policy to adapt it to legislative or jurisprudential developments. Any modification shall be notified to users with appropriate notice.