top of page
Frame 70 (1).png

Data processing policy

1.1. Identification of the Data Controller

Company name: UFO Core
Address: Medellín, Colombia
Email: legal@ufo-core.com
Website: www.ufo-core.com

UFO Core (hereinafter, “UFO”) acts as the Data Controller in accordance with the applicable data protection regulations in the countries where it operates in LATAM.

1.2. Applicable Legal Framework

This policy is mainly governed by:

  • Law 1581 of 2012 – Personal Data Protection (Colombia)

  • Decree 1377 of 2013

  • Data protection principles recognized in LATAM

  • International privacy best practices (GDPR as a reference)

1.3. Definitions

Personal data: Information related to or that can be associated with a natural person.
Sensitive data: Information that affects the data subject’s privacy (e.g., biometric or financial data).
Processing: Any operation performed on personal data (collection, storage, use, circulation, or deletion).
Data subject: The natural person who owns the data.

1.4. Data Collected

UFO may collect, among others:

  • Identification data (name, ID, company, position)

  • Contact data (email, phone, country)

  • Business and financial information provided by clients or partners

  • Technical and browsing data (IP, cookies, logs, metadata)

  • Information provided through forms, demos, events, or integrations

Sensitive data will not be collected without explicit authorization.

1.5. Purposes of Processing

Personal data will be processed for:

  • Providing and managing UFO Core services

  • Financial origination, analysis, and automation processes

  • Commercial, contractual, and support management

  • Compliance with legal and regulatory obligations

  • Statistical analysis, analytics, and product improvement

  • Commercial, educational, and product communications

1.6. Data Subject Rights

The data subject may at any time:

  • Access, update, and rectify their data

  • Request proof of authorization

  • Be informed about the use of their data

  • Revoke authorization and/or request deletion

  • File complaints with the competent authority

Requests will be handled through legal@ufo-core.com

1.7. Authorization

Data processing is carried out with the prior free, express, and informed authorization of the data subject, obtained through digital forms, contracts, or affirmative actions.

1.8. Data Transfer and Transmission

UFO may transfer or transmit data to:

  • Technology providers

  • Strategic partners

  • Corporate clients

Always ensuring appropriate levels of security and confidentiality.

1.9. Information Security

UFO implements technical, administrative, and organizational measures to protect information, including access controls, encryption, environment segregation, and auditing.

1.10. Validity

This policy becomes effective upon publication and may be updated at any time.

bottom of page