Introduction

WEBDOX CLM ensures maximum confidentiality and protection of personal data provided by users or potential users through our website (https://www.webdoxclm.com/), for the purpose of using the services we offer, filing claims, scheduling demonstrations, downloading legal guides, applying to work with us and other documents or forms, as well as the personal data that current users provide on the Webdox Portal (https://app.webdoxclm.com/) to use our SaaS service as Contract Lifecycle Management for all their employees, clients and/or suppliers.

Objective and Purpose

WEBDOX CLM is aware of the high importance of the privacy of our users and all those interested in the services offered. Consistent with this consideration, we are committed to respecting your privacy and protecting the confidentiality of your private information and personal data. For this reason, through this Privacy Policy, we inform our users of the manner in which personal data provided to WEBDOX CLM is collected, processed and protected.

Private personal information does not include information available through publicly accessible sources. These are understood to be electronic, optical and other technology media designed to provide information to the public and open to general consultation, telephone directories, newspapers and magazines, social media, professional lists, anonymized jurisprudence repositories, Public Registries administered by Superintendencies, Ministries and/or any public body, as well as any other register or database classified as public by law.

Terminology

  • Data Controller: The controller is "the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data." Our clients determine and control the collection and use of all data in their WEBDOX CLM system, making them the personal data controllers.
  • Data Processor: The processor is "a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller." WEBDOX CLM is the Data Processor of the data that our clients have in the Webdox Portal.
  • Council Officer: Leader of Webdox's legal area, responsible for ensuring the legal validity of service agreements and the protection of the company's intellectual property assets.
  • Data Protection Officer (DPO): Independent officer responsible for overseeing the implementation of the Privacy Information Management System (PIMS) and ensuring compliance with personal data protection regulations (ISO/IEC 27701 and 27018).

Legislation

In accordance with the "General Data Protection Regulation" or GDPR (hereinafter, the "Law") applied to each country, personal data means any information about a natural person that identifies or makes them identifiable through means that can reasonably be used.

Personal data processing means any operation or technical procedure, automated or not, that allows the collection, registration, organization, storage, preservation, elaboration, modification, extraction, consultation, use, blocking, deletion, communication by transfer or dissemination or any other form of processing that facilitates access, correlation or interconnection of personal data.

WEBDOX CLM develops its personal data processing policy in accordance with the guiding principles established by the Law mentioned below:

  • Principle of Legality: The collection of personal data of our users through fraudulent, unfair or unlawful means is rejected.
  • Principle of Consent: The processing of personal data of our users will be mediated by the consent of the data subject.
  • Principle of Purpose: The personal data of our users will be collected for a specific, explicit and lawful purpose, and will not extend to any purpose other than that unequivocally established as such at the time of collection.
  • Principle of Proportionality: All processing of personal data of our users will be adequate, relevant and not excessive to the purpose for which they were collected.
  • Principle of Quality: Personal data will be true, accurate and, where possible, up-to-date, necessary, relevant and adequate regarding the purpose for which they were collected.
  • Principle of Security: They will be kept in a manner that guarantees their security and only for the time necessary to fulfill the purpose of the processing.
  • Principle of Proactive Responsibility: Obligation to implement and demonstrate effective technical and legal measures under the supervision of the DPO and standards such as ISO 27701. It ensures that compliance is verifiable through audits and documented processing records.

WEBDOX CLM and, where applicable, the data processors, have appropriate security measures consistent with the processing to be carried out, as well as the technical, organizational and legal measures necessary to guarantee the confidentiality of personal data.

Information on Personal Data

The user is informed and freely and voluntarily authorizes WEBDOX CLM to collect, store, preserve, access, use, delete or update their Personal Data for its activities. In this regard, the personal data to which WEBDOX CLM has access as a result of the services it provides or through the completion of different forms will be incorporated into the corresponding Personal Data Bank called "Clients," forming the organized set of users' personal data created by WEBDOX CLM.

The personal data provided by users will be treated with full confidentiality and may only be known and handled by WEBDOX CLM personnel, or the data processors, who need to know such information to provide the services offered. WEBDOX CLM undertakes to maintain professional secrecy with respect to them and guarantees the duty to keep them by adopting all necessary security measures. Authorization will not be required when personal data is necessary for the execution of a contractual relationship in which the Personal Data Subject is a party.

If the registered data is inaccurate, in whole or in part, or incomplete, WEBDOX CLM may update and/or replace them with the corresponding rectified or completed data.

Personal data requested from users through different forms on the website are contact data, first and last name, identity number, the hash associated with biometric information, claims, requests, or where applicable, the name of their company, the industry, email address and position, among others, which are adequate, relevant and not excessive in relation to the purpose for which they are collected.

Storage of Personal Data

The personal data provided by users will be stored with full confidentiality in the Webdox Private Cloud provided by Google Cloud Platform for the entire Webdox product, inheriting its privacy policy and necessary security controls for regulatory compliance of personal data protection. Likewise, the personal data provided could be stored in various Cloud solutions and technological resources, which allow WEBDOX CLM to fulfill its obligations to its clients and with the following point 7, regarding the use of personal data. The cross-border flow is also legitimized by the contractual necessity for the provision of the Webdox SaaS service.

At the international level, WEBDOX CLM may store information with other companies in its business group such as Webdox Legal SpA, located in Chile, Webdox Legal Informatics SpA, located in Chile, Webdox de Perú S.A.C., located in Peru, Webdox Colombia S.A.S., located in Colombia, Webdox do Brasil Ltda located in Brazil and Webdox de México S.A. de CV, located in Mexico. In addition, WEBDOX CLM uses third-party technology services, so cross-border flow will occur with the following electronic signature providers: E-sign located in Santiago de Chile - Chile, LegalSign located in Santiago de Chile - Chile, TOC Peru located in Seattle, United States, ProtecData located in Bogotá, Colombia, Encode located in Córdoba, Argentina, as well as Google Cloud Platform, cloud storage service provider located in South Carolina - United States of America; and Hubspot, customer service software provider, located in Massachusetts - United States of America.

The foregoing does not preclude the use of a storage repository provided by the Client; in these cases, the connectivity and data transfer must be subject to technical evaluation.

Purpose of Personal Data Processing

The user expressly authorizes WEBDOX CLM to use their data to provide the contracted services, such as processing indications, processing payments, maintaining and updating files and signatures, biometric information hash for the specific and explicit purpose of validating identity during the use of specific services, updating their accounts with us; as well as making available content such as emails containing content related to the Contract Lifecycle Management (CLM) discipline, invitations to webinars, updates to our products, relevant WEBDOX CLM partnerships; and in general, processing their data to improve user experience on the site, better adapting its features and performance, to improve our services, features and platform, prevent or detect fraud or abuse, enable third parties to provide all types of services on our behalf, adapt our communications, provide information about our projects, improve our service platforms, personalize their experience in use, deliver information about new initiatives, manage their queries and information requests; and in general, process the information for statistical purposes, to be used to comply with legal or contractual obligations contracted with you. These actions may be carried out by email or other equivalent means of communication. The collected data will be stored in the "Clients" data bank owned by WEBDOX CLM.

In addition to the above, personal data may be processed in the following internal WEBDOX CLM processes:

  • Contactability and commercial evaluation
  • Marketing campaigns and commercial proposals
  • Data analysis
  • Product demonstrations
  • Service Agreement
  • Confidentiality agreements
  • Service billing
  • Service renewal
  • Project kick-off
  • Staff training
  • Maintenance and support
  • Product usage analysis
  • Product improvements and design
  • Product maintenance

Each of WEBDOX CLM's internal processes may be supported and managed by SUPPLIERS and technological resources, after previously signing a confidentiality agreement and privacy policy to guarantee full protection of personal data.

WEBDOX CLM will not print advertising infographics, whether physically or digitally, containing information that may include personal data of platform users. Similarly, the only document printout with personally identifiable information (PII) will be the service contract between the Client and Webdox for the use of the WEBDOX CLM platform.

Finally, in compliance with Brazil's Lei Geral de Proteção de Dados ("LGPD") and Mexico's Ley Federal de Protección de Datos Personales en Posesión de los Particulares ("LFPDPPP"), Webdox applies the Accountability principle (Proactive Responsibility) by conducting Privacy Impact Assessments (DPIA) for high-risk services in accordance with ISO 27701 certification.

WEBDOX CLM SERVICES

When you use our software and services, we store, process and transmit, confidentially and internally, your documents and information related to them (such as the characteristics or attributes assigned to documents, their alerts, related documents, comments, among others). If you grant us access to your contacts, we will store those contacts on our servers so you can use them. All the information described is encrypted on our servers.

DATA FROM WEBDOX CLM USAGE

We collect information from the devices you use to access our various software products. This includes IP addresses, browser type, operating system version, the device and features you used in WEBDOX CLM.

Personal data will be deleted when it is no longer necessary for the purposes for which it was collected. However, it will be retained for the time during which some form of liability may be required of WEBDOX CLM arising from this relationship with users. Processing for historical, statistical or scientific purposes will not be considered incompatible.

Without prejudice to the above paragraph, the user acknowledges knowing that if they delete their account, we will also delete that information. However, please note that: (1) there may be latency in deleting this information from our servers and backup storage, and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes or enforce our agreements.

AI Optimization

Data may be processed by Generative AI tools exclusively for service functions (summaries, searches, identity validation or fraud detection). Webdox CLM guarantees, under the supervision of the DPO, that this data is not used to train external or proprietary LLM models, maintaining logical segregation of client information, and implementing Zero Data Retention with AI providers.

Transfer of Personal Data at National or International Level

The user authorizes the transfer of their data to companies at national or international level (cross-border flow) related to and/or associated with WEBDOX CLM in order to properly manage the services requested by users and subsequent management arising from them, in relation to the purpose indicated in the previous sections, extending to them the express authorization for their use. WEBDOX CLM guarantees an adequate level of protection of users' personal data for the transfer of personal data, in accordance with protection comparable to that provided by this Law or by international standards on the matter.

At the international level, WEBDOX CLM may share information with other companies in its business group such as Webdox Legal SpA, located in Chile, Webdox Legal Informatics SpA, located in Chile, Webdox de Perú S.A.C., located in Peru, Webdox Colombia S.A.S., located in Colombia and Webdox de México S.A. de CV, located in Mexico. In addition, WEBDOX CLM uses third-party technology services, so cross-border flow will occur with the following electronic signature providers: Adobe Sign located in San José, United States; Certinet located in Santiago, Chile; ClickSign located in São Paulo, Brazil; D4Sign located in São Paulo, Brazil; DaviSign (TOC) located in Lima, Peru; Doc2Sign located in Mexico City, Mexico; DocuSign located in San Francisco, United States; E-cert located in Santiago, Chile; ESign Cloud Signer located in Santiago, Chile; ESignDox located in Santiago, Chile; Keynua located in Lima, Peru; Legalario located in Mexico City, Mexico; MiFiel located in Mexico City, Mexico; Thomas Signe located in Bogotá, Colombia; Onespan located in Chicago, United States; Protect Data located in Bogotá, Colombia; Signio located in Bogotá, Colombia; Uanataca Ecuador located in Quito, Ecuador; and Via Firma located in Seville, Spain.

This personal data may also be communicated to administrative entities, judicial and/or police authorities, whenever established by Law.

Claims Book

Likewise, the user expressly authorizes WEBDOX CLM so that, when a claim is made through the email: privacidad@webdoxclm.com, their data will be processed for the purpose of attending to the specific needs of the claim handling process submitted by users, as well as, once the claim handling process has concluded, attending to the needs arising from any judicial, administrative or arbitral process or procedure that may arise in relation to the claim filed by the user, and attending to any inspection by the competent authority on personal data processing.

The data collected through the Claims Book will be stored in the "Claims" data bank owned by WEBDOX CLM.

As a consequence of the described purposes, the storage period for the data will be indefinite. For all purposes, this maximum storage and processing period for personal data shall be understood as a right of WEBDOX CLM and not an obligation, so WEBDOX CLM may choose to store and/or process them for shorter periods. This does not in any way prejudice the rights of users to revoke their consent to their personal data at any time, as permitted by law and as detailed by WEBDOX CLM in this Privacy Policy.

Security of Personal Data

WEBDOX CLM has adopted the technical and organizational security and confidentiality measures appropriate to the category of personal data and necessary to maintain the required security level, with the objective of avoiding, to the extent possible, the alteration, loss or unauthorized processing or access that may affect the integrity, confidentiality and availability of the information.

However, the transmission of information through communication networks and the Internet is not completely secure; therefore, despite WEBDOX CLM making its best efforts to protect personal data, it cannot guarantee the security of such data during transit to the website. All information that Internet users provide through this means will be sent at their own risk.

Security Measures and Certifications

Without prejudice to the foregoing, WEBDOX CLM has a team that will preserve the security of your information and carry out vulnerability tests. WEBDOX CLM provides security to its users and currently subdivides it in two ways:

  • Servers and infrastructure: The information that our Users upload to Webdox CLM is stored in Google Cloud Platform (GCP) data centers. Therefore, Webdox CLM takes advantage of the numerous security certifications that GCP holds today (Google Cloud Compliance) to demonstrate security in information storage. We have also adapted our Google server architecture so that it is capable of preventing computer attacks of different types.
  • Platform security: Our platform contains a series of features designed to protect your information, related to password management, session security, IP control in system access, data encryption, information deletion and loss. Webdox has also been certified under ISO 27001, specifically in the CLM contract management and electronic signature platform.
  • Personal data security: For the processing of personal data and biometric hash, WEBDOX CLM implements specific security measures, including the use of one-way and collision-resistant hashing algorithms, and segregated storage of biometric hashes from the rest of the user's PII, in accordance with ISO 27018 guidelines for sensitive data in cloud environments.
  • Certifications and Reports: Webdox is certified, in addition to ISO 27001, in ISO 27701, 27018 and 42001, as well as having a SOC2 Type 2 report.

In the event of unauthorized access or any incident that compromises the integrity, availability or confidentiality of personally identifiable information (PII) stored in WEBDOX CLM, the Information Security Incident Management Procedure will be activated.

Under the supervision of the DPO, Webdox will notify the Platform Administrator of the potentially affected Client by email within a maximum period of 12 hours after detection of the incident. This communication will include a preliminary report with the details of the event and the initial remediation measures. Regular updates will also be provided through official channels as new developments in the resolution of the incident become available, as stipulated in the corresponding service contracts.

Account Management

WEBDOX CLM users (the administrator or administrators of a company) may control the actions that your account has performed, as well as block or delete your account, define document views and control your profiles. Please consult your company's internal policies if you have any questions about this rule.

In the event of communicating personal data of third parties, all users declare and guarantee to WEBDOX CLM having the free, prior, informed, express and written consent to carry out such processing and to apply this privacy policy to them.

WEBDOX CLM does not intend to collect information related to minors under any circumstances; parents, guardians or representatives bear exclusive and entire responsibility for any authorization that minors in their care may provide.

WEBDOX CLM may disclose information to third parties when this is necessary to comply with a legal or judicial mandate imposed on WEBDOX CLM, including the protection and defense of its rights or those of third parties.

Exercise of Rights of Access, Rectification, Cancellation and Opposition (ARCO+P)

Without prejudice to the foregoing, Users who have provided personal data to WEBDOX CLM may exercise their rights of Access, Rectification, Cancellation, Opposition and Portability (ARCO+P). To do so, they may contact the company to exercise their rights to information, updating, inclusion and deletion, in the terms set out in the applicable legislation and the international standards adopted by the organization.

In this way, the User may exercise the following rights:

  • Access: Right to know the data relating to their person, its origin and recipient, the purpose of the storage and the identification of the persons or bodies to whom their data may have been transmitted.
  • Rectification: Right to request that their personal data be modified, updated or included when it is inaccurate, incomplete or not up-to-date.
  • Cancellation (Deletion): Right to request the deletion of the data provided when it is no longer necessary or relevant to the purpose for which it was collected, or when the User so wishes, provided there is no legal obligation of retention.
  • Opposition: Right to oppose the processing of their data or to prevent its supply when there are well-founded and legitimate reasons relating to a specific personal situation, or when the processing has advertising purposes.
  • Portability (+P): The data subject has the right to obtain a copy of their personal data in a structured, commonly used and machine-readable electronic format to transfer it to another system or controller.
  • Blocking: The data subject has the right to request the temporary suspension of any processing operation on their personal data when they submit a request for rectification, deletion or opposition, while such request is being resolved.

These rights may only be exercised by the personal data owner or their representative, in accordance with the law. To exercise these rights, users must contact the following email address privacidad@webdoxclm.com with the reference "Personal Data Protection," specifying their details, proving their identity and the reasons for their request or through http://arco.webdoxclm.com/. The person signing the request must attach a simple copy of the documents proving the identity of the data subject (National Identity Document or equivalent) or, where applicable, that of the representative, as well as a simple copy of the notarized power of attorney when applicable.

Similarly, opposition to the processing of personal data that leads to the termination of the service contract will be handled jointly with the Customer Success area, to proceed with the cancellation of the service and the delivery of all information uploaded to the system (user data banks, documents, forms, Workflows, among other data), which will be agreed upon and returned in a readable format to the Client.

The foregoing will be supported by the ARCO Request Handling Procedure.

Other Considerations

As it is a virtual tool, WEBDOX CLM will collect and process personal data based on the presumption of good faith that the person providing them is of legal age, is proficient in the Spanish language, is in full use of their mental faculties, holds full civil capacity and is the owner of the personal data or acts as a representative of the owner of the data provided, in the event that they belong to third parties.

For any queries regarding this Policy, you may contact the following email address: privacidad@webdoxclm.com.

Temporary Files

WEBDOX CLM works with temporary files within the creation of documents and signing of some of these, which through automated cleaning processes are deleted when they are no longer used, or after 10 minutes, whichever occurs first.

Cookies and Other Technologies

Cookies and/or analytical tools are files that are transferred from a website to your computer's hard drive, so that when you visit our platforms again, they recognize you and enhance your browsing experience.

We apply certain technologies, such as cookies (defined in the above paragraph), to provide, improve, protect and promote our software products. For example, cookies help us remember your ID or user email for your next visit, understand how you interact with our platforms, and improve our service based on that information.

You can configure your browser to not accept cookies, but this may limit the ability to use our software modules, in relation to certain specific functionalities.

Confidentiality

WEBDOX CLM undertakes to maintain strict confidentiality of the information stored by a legal entity or company, through the following means: Confidentiality Agreement signed by Webdox CLM with each client, Confidentiality Agreement signed by Webdox CLM employees and Perimeter security.

We adopt all technical means within our reach to prevent the loss, theft, robbery, alteration, unauthorized access and/or misappropriation of your data. Although we make our best efforts to guarantee information security, the technical security measures that can be taken are not infallible, so we cannot be held responsible if these security measures were to fail.

WEBDOX CLM is not responsible for any consequence arising from improper access by third parties to the database and/or any technical failure in the operation and/or preservation of data in the website system or its other electronic channels. Regarding any other information that is not personal data, it will be considered non-confidential, and we may use, publish, reproduce, disclose, publicly communicate and transmit non-confidential information or use such information to communicate directly with users.

WEBDOX CLM will inform through established channels if there is any type of issue with the stored information that could compromise the confidentiality of the information.

Disclosure of Information

WEBDOX CLM will inform the Client (Data Controller) about any change of subcontractor and/or service provider before processing personal data. The DPO will be responsible for communicating this change by email to obtain written agreement with the data processing officer. The DPO will maintain an updated list of subprocessors available to the client.

WEBDOX CLM will also inform the Client (Data Controller), through the DPO and by email, about any legal request regarding the disclosure of personally identifiable information (or PII).

Likewise, any disclosure request for PII that is not legally binding will be rejected or consulted with the Client in advance. Also, before accepting any contractually agreed request, it will be authorized by the Client.

Validity and Modification of this Personal Data Protection Policy

The Personal Data Protection Policy of WEBDOX CLM is constantly updated, so WEBDOX CLM reserves the right to modify its Policy in the event of a change in current legislation, doctrine, jurisprudence or for its own corporate criteria. If any change is introduced to this Policy, the new text will be published on the same Webdox CLM Portal.

All users are advised to review this Privacy Policy periodically; it is available at https://www.webdoxclm.com/en/privacidad.