Privacy Policy
Last updated: March 9, 2026
This Privacy Policy describes how Puente OS SpA ("Puente OS", "we", "us", or "our") collects, uses, stores, and protects information obtained through the Puente OS platform (the "Platform"), including the Puente OS Plugin for Shopify (the "App") and any related services, integrations, and products.
By using the Platform, installing the App, or signing a service agreement with us, you ("Client", "Merchant", or "you") agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.
1. Who We Are
We are the data controller for information processed through the Platform. For personal data of your end customers processed through automations, we act as a data processor on your behalf.
2. What Data We Collect and Access
2.1 Client Account Data
Data you provide when creating an account or signing a service agreement:
| Data Category | Examples |
|---|---|
| Contact information | Name, email, phone, job title |
| Company information | Company name, RUT/Tax ID, address, industry |
| Billing information | Invoice details, payment method (we do not store credit card numbers) |
| Credentials | API keys and access tokens for connected systems (encrypted at rest) |
| Configuration data | Automation rules, workflows, agent settings, integration preferences |
2.2 Operational Data from Connected Systems
The Platform connects to your existing systems (ERP, eCommerce, logistics, payments, etc.) and may access the following types of data depending on your configuration:
| Data Category | Examples | Purpose |
|---|---|---|
| Orders | Order ID, line items, status, shipping/billing address, tags, notes | Workflow automation, routing, reporting |
| Products | Titles, descriptions, prices, images, variants, inventory levels | Catalog sync, dynamic pricing, inventory management |
| Fulfillments | Fulfillment status, tracking numbers, carrier info | Logistics automation, tracking |
| Customers | Customer ID, name, order count (non-sensitive fields) | Segmentation, reporting |
| Shipping | Zones, carrier profiles, delivery rates | Route optimization, cost analysis |
| Inventory | Stock levels, locations, movements | Inventory rebalancing, alerts |
| Financial data | Revenue, costs, margins (aggregated) | Reporting, analytics |
| Discounts | Discount codes, price rules, conditions | Promotion automation |
| Analytics | Store performance metrics, custom events | Operational dashboards |
2.3 Shopify-Specific Data Access
For Merchants using the Puente OS Shopify App, we additionally access:
| Data Category | Access Type |
|---|---|
| Products, Orders, Draft Orders, Fulfillments, Shipping, Discounts | Read & Write |
| Content & Pages, Publications, Marketing Events, Metaobjects | Read & Write |
| Analytics | Read & Write |
| Customers, Store Info, Locations | Read only |
2.4 What We Do NOT Collect
- Payment card numbers, CVVs, or bank account details
- Customer passwords or authentication credentials
- Shopify admin account credentials or merchant passwords
- Protected customer PII fields (email, phone, address) directly — only when included within order records as necessary for automation
- Biometric data
- Health or medical information
3. Why We Process This Data
We access and process data exclusively to provide the services described in your service agreement:
| Purpose | Description |
|---|---|
| Automation execution | Run merchant-configured workflows that modify products, orders, inventory, discounts, shipping, and other operational data |
| AI agent operations | Execute AI-powered decisions (dynamic pricing, order routing, inventory rebalancing) with human-in-the-loop guardrails |
| Operations dashboard | Display unified operational data from multiple connected systems |
| Content synchronization | Sync product and page content changes between Puente OS and connected platforms |
| Analytics and reporting | Generate operational insights and performance reports |
| Service improvement | Monitor system performance, debug issues, and improve Platform reliability |
We do not use Client or Customer data for advertising, profiling, or any purpose beyond delivering the contracted services.
4. AI and Machine Learning
4.1 How We Use AI
Puente OS deploys AI agents that make operational decisions (pricing, routing, inventory) based on your data. These agents:
- Operate only on your data, for your benefit
- Include human-in-the-loop controls for high-impact decisions
- Have guardrails, audit trails, and rollback capabilities
- Execute only within the parameters you configure
4.2 Training and Model Development
- Your data is NOT used to train, develop, or improve general-purpose AI or machine learning models
- Your data is NOT shared with third-party AI providers for model training
- Any AI features that analyze your data do so using merchant-authorized models and only with your explicit consent
- This complies with Shopify's Partner Program Agreement (updated February 27, 2026) for Shopify-connected data
4.3 Third-Party AI Providers
When AI features require third-party inference services (e.g., OpenAI, Anthropic), we ensure:
- Only the minimum necessary data is sent for processing
- Data is transmitted over encrypted connections
- Third-party providers are contractually prohibited from retaining or training on your data
- Enterprise and Custom plan clients may use their own API tokens ("Bring Your Own Tokens") for full control
5. How We Store and Protect Data
5.1 Infrastructure
- Data is hosted on Google Cloud Platform (GCP), South America region
- All production systems run in isolated, access-controlled environments
5.2 Security Measures
| Measure | Detail |
|---|---|
| Encryption in transit | TLS 1.2+ for all data transmission |
| Encryption at rest | AES-256 for stored data, API tokens, and credentials |
| Access control | Role-based access restricted to authorized Puente OS personnel |
| Authentication | Multi-factor authentication (MFA) for all internal systems |
| Monitoring | Continuous monitoring, logging, and alerting on production systems |
| Backups | Regular automated backups with encrypted storage |
| Security reviews | Periodic security reviews and infrastructure audits |
5.3 Data Retention
| Data Type | Retention Period |
|---|---|
| Operational logs | Maximum 90 days, then automatically deleted |
| Client account data | Duration of the service agreement + 5 years (legal requirement) |
| Configuration data | While the service is active; deleted upon termination |
| Shopify App data | While the App is installed; deleted within 30 days of uninstallation |
| Aggregated analytics | May be retained indefinitely in anonymized form |
5.4 Data Breach Notification
In the event of a data breach affecting your data, we will:
- Notify you within 72 hours of becoming aware of the breach
- Provide details of the nature and scope of the breach
- Describe the measures taken to mitigate the breach
- Cooperate with you in fulfilling any regulatory notification obligations
6. Data Sharing
We do not sell, rent, or share Client or Customer data with third parties, except in the following limited circumstances:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Cloud infrastructure providers (Google Cloud Platform) | Hosting and data processing | Data Processing Agreements (DPAs) in place |
| Connected platforms (Shopify, ERPs, couriers, etc.) | API communication required to operate integrations | Each platform's own privacy policy applies; data sent only as needed for configured automations |
| AI inference providers (when applicable) | Processing AI agent requests | Contractual restrictions on data retention/training; encrypted transmission |
| Legal authorities | If required by Chilean law or court order | Only to the extent legally required |
We do not share data with advertising networks, data brokers, or analytics platforms.
7. Client Rights
7.1 Under Chilean Law (Ley 19.628)
As a Client, you have the following rights regarding your personal data:
- Information: Request information about the personal data we hold about you or your company
- Modification: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your data when it is no longer necessary for the purposes collected
- Blocking: Request temporary suspension of data processing while a dispute is resolved
7.2 Additional Platform Rights
- Access: Request a copy of all data we hold about your account and operations
- Portability: Request an export of your configuration data, workflows, and automation rules
- Deletion upon termination: Upon contract termination or App uninstallation, all associated data is deleted within 30 days
- Audit: Enterprise clients may request information about our security practices and data handling procedures
To exercise any of these rights, contact us at privacy@puente.xyz.
8. End Customer Data
8.1 Roles and Responsibilities
The Platform may process personal data of your end customers (buyers, recipients) as part of order management, fulfillment, and operational workflows.
- You (the Client) are the data controller for your customers' personal data
- Puente OS acts as a data processor on your behalf, in accordance with Article 4 of Chilean Law 19.628
8.2 Our Obligations as Data Processor
- We process end customer data only according to your instructions (automation rules and configurations)
- We do not use end customer data for any independent purpose
- We do not contact your end customers directly
- We will notify you without undue delay if we become aware of a data breach affecting customer data
- Upon termination, all end customer data is deleted according to the retention schedules in Section 5.3
8.3 Data Processing Agreement (DPA)
Clients with active service agreements have a Data Processing Agreement (Annex C of the SaaS contract) that governs the specifics of data processing, including:
- Categories of data processed
- Processing instructions and scope
- Sub-processor management
- Breach notification procedures
- Data return and deletion upon termination
9. International Data Transfers
9.1 Primary Processing Location
Data is primarily processed in Google Cloud Platform's South America region.
9.2 Cross-Border Transfers
When data needs to be transferred outside of Chile or Latin America (e.g., for AI inference processing or certain cloud services), we ensure:
- Adequate safeguards are in place (contractual clauses, DPAs)
- Transfer is necessary for the performance of the contracted services
- Recipient jurisdictions provide adequate levels of data protection, or supplementary measures are implemented
10. GDPR Compliance (European Users)
For Clients operating in the European Economic Area (EEA):
- Legal basis for processing: Legitimate interest and contractual necessity (delivering the services you subscribed to)
- Data transfers: If data is transferred outside the EEA, we ensure adequate safeguards are in place (Standard Contractual Clauses or equivalent)
- Rights: You have the right to access, rectification, erasure, restriction of processing, data portability, and objection
- Data Protection inquiries: Contact privacy@puente.xyz
11. CCPA Compliance (California Users)
For Clients located in California:
- We do not sell personal information
- California residents have the right to know, delete, and opt out of the sale of personal information (sale does not apply to us)
- To submit a CCPA request, contact privacy@puente.xyz
12. Cookies and Tracking
12.1 Puente OS Platform
The Puente OS Platform uses only essential cookies necessary for session management and authentication. We do not use advertising or third-party tracking cookies.
12.2 Shopify App
The Shopify App is embedded in the Shopify Admin and does not use cookies or tracking technologies beyond what Shopify provides natively for session management within the Admin interface. The App does not inject tracking scripts into merchant storefronts.
13. Confidentiality
All data exchanged between you and Puente OS is treated as confidential information, subject to:
- A confidentiality obligation that survives for 3 years after termination of the service agreement
- Restrictions on disclosure to any third party except as described in this Privacy Policy
- Access limited to Puente OS personnel who need it to deliver the contracted services
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do:
- We will update the "Last updated" date at the top of this document
- We will notify Clients via the Puente OS dashboard or email if changes are material
- Material changes will be communicated at least 15 days before taking effect
Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.
15. Governing Law and Jurisdiction
This Privacy Policy is governed by the laws of the Republic of Chile. Any dispute arising from this policy shall be resolved through arbitration before the Centro de Arbitraje y Mediacion de Santiago (CAM Santiago), in accordance with the terms of your service agreement.
16. Contact
For any questions, concerns, or requests related to this Privacy Policy:
This Privacy Policy is effective as of March 9, 2026.