Golito logo
HelpContactPrivacyTermsStatus
Español
Access
Logo de Golito

Privacy Policy

Important Notice: This Privacy Policy is provided in English solely for convenience and informational purposes. It is a translation of the original Spanish version of Golito's Privacy Policy. In the event of any inconsistency, discrepancy, conflict, interpretation issue, legal proceeding, or dispute, the Spanish version shall prevail and be considered the legally binding version.

We respect your privacy and are committed to protecting it through compliance with this Personal Data Processing Policy. This policy describes the types of information we may collect from you or that you may provide through the golito.co website, the Golito web application, the Golito mobile application, and any related products or services, as well as our practices regarding the collection, use, storage, protection, and disclosure of such personal information. It also describes the choices available to you regarding our use of your personal information and how you may access, update, correct, or request deletion of your personal data.

This policy constitutes a legally binding agreement between you and the operator of this website and the developer of the applications. By accessing and using our services, you acknowledge that you have read, understood, and agreed to the terms set forth herein. This policy does not apply to the practices of companies that we do not own or control, nor to individuals whom we do not employ or manage.

Data Controller

Golito and its creator, Cristiam Mercado, with principal domicile in Bogotá D.C., Colombia, are responsible for the processing of personal data and determine independently the purposes and means of such processing.

For inquiries, complaints, requests for access, correction, update, deletion, or any matter related to personal data processing, data subjects may contact:

This policy applies to Golito users and, in general, to any individual whose personal data is processed or may be processed by Golito, including registered users, visitors, suppliers, and other third parties.

Definitions

For purposes of this policy, the definitions established under applicable Colombian data protection laws shall apply, including but not limited to authorization, privacy notice, database, cookies, personal data, private data, public data, sensitive data, data processor, data controller, data subject, transfer, transmission, and processing.

These definitions are intended to ensure the proper interpretation and application of this policy and the protection of fundamental rights related to personal data protection.

Legal Framework

This policy is governed by the Political Constitution of Colombia, Law 1581 of 2012, Decree 1074 of 2015, the regulations and circulars issued by the Colombian Superintendence of Industry and Commerce (SIC), and any regulations that amend, supplement, or replace them.

Principles of Personal Data Processing

Personal data processing carried out by Golito shall be governed by the principles of legality, purpose limitation, freedom, accuracy and quality, transparency, restricted access and circulation, security, confidentiality, necessity, proportionality, and temporality, in accordance with Colombian law.

Sources of Information

Personal data processed by Golito may originate from various sources, including:

  • The golito.co website.
  • The Golito web application.
  • The Golito mobile application.
  • Physical or digital forms.
  • Emails sent to [email protected]
  • Customer support requests.
  • User registrations.
  • Publicly available lawful sources.
  • Authorized service providers or partners.
  • Commercial, contractual, or administrative processes related to platform operations.

Golito may process information such as names, surnames, email addresses, usernames, profile pictures, contact information, event-related information, and any other information required to provide its services.

Cookies

Golito may use first-party and third-party cookies to improve browsing experience, personalize content, remember preferences, analyze platform usage, and optimize service performance.

Cookies may include essential, functional, analytical, statistical, or performance-related cookies.

Users may configure their browsers to reject or delete cookies; however, some platform functionalities may be affected.

Purposes of Processing

Personal data collected by Golito may be used for the following purposes:

  • Creating, validating, and managing user accounts.
  • Authenticating and identifying users.
  • Managing events, groups, activities, and platform features.
  • Facilitating interactions among event participants.
  • Managing payments, contributions, registrations, or confirmations associated with events organized through the platform.
  • Sending notifications, reminders, alerts, and service-related communications.
  • Responding to requests, inquiries, complaints, and support tickets.
  • Providing technical and operational support.
  • Improving user experience and developing new features.
  • Performing statistical, historical, and usage analysis.
  • Ensuring platform security and preventing fraud or abuse.
  • Complying with legal, regulatory, contractual, and tax obligations.
  • Conducting marketing and promotional activities related to Golito products or services while respecting users' rights.
  • Communicating platform updates, service changes, and policy modifications.

Sensitive Data

Golito does not request or process sensitive personal data except in circumstances expressly permitted by law.

Whenever sensitive data processing becomes necessary, Golito shall obtain prior, explicit, and informed consent from the data subject and clearly explain the purpose of such processing and the optional nature of providing the information.

Children's Data

Golito is not intended for use by children.

If the processing of personal data belonging to children or adolescents becomes necessary, such processing shall only occur when permitted by applicable law and in accordance with the best interests and rights of the child.

National and International Data Transfers

To provide its services, Golito may rely on third-party technology providers, hosting platforms, infrastructure services, analytics providers, messaging systems, email services, authentication providers, and other technology partners located inside or outside Colombia.

Accordingly, personal data may be transferred or transmitted to data processors located in Colombia or abroad, provided that such transfers comply with applicable laws and appropriate safeguards are implemented to ensure adequate protection of personal information.

Security Measures

Golito implements reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, alteration, destruction, misuse, or disclosure.

However, no method of electronic transmission or storage can guarantee absolute security, and therefore Golito cannot guarantee complete immunity from security incidents.

Data Subject Rights

Data subjects have the right to:

  • Access, update, and correct their personal information.
  • Request evidence of the authorization granted.
  • Receive information regarding the use of their personal data.
  • Submit inquiries and complaints regarding data processing.
  • Request deletion of their personal data where legally applicable.
  • Revoke consent where legally permitted.
  • Access their personal information free of charge.
  • File complaints with the Colombian Superintendence of Industry and Commerce (SIC).
  • Decline to provide sensitive data or information relating to minors.

Golito Responsibilities as Data Controller

Golito undertakes to:

  • Guarantee the effective exercise of data subject rights.
  • Retain evidence of obtained authorizations.
  • Clearly inform data subjects about processing purposes.
  • Maintain adequate security measures for personal information.
  • Update, correct, or delete information when appropriate.
  • Process inquiries and complaints in a timely manner.
  • Comply with instructions issued by the Colombian Superintendence of Industry and Commerce.
  • Require processors and service providers to comply with applicable legal obligations.

Authorization for Processing

Golito shall obtain prior, express, and informed authorization from data subjects before processing personal data.

Authorization may be obtained through physical or electronic means, digital platforms, online forms, mobile applications, messages, or any other mechanism capable of demonstrating the clear and unequivocal intent of the data subject.

Golito shall retain evidence of all authorizations obtained.

Inquiry Procedure

Data subjects may submit inquiries regarding their personal information by emailing [email protected] or through the website contact form.

Inquiries shall be processed within the timeframes established by applicable Colombian law.

If a response cannot be provided within the legal period, the requester shall be informed of the reason for the delay and the estimated response date.

Complaint Procedure

Complaints must include at least:

  • Name and identification of the data subject.
  • Clear description of the facts giving rise to the complaint.
  • Physical or electronic address for correspondence.
  • Supporting documents, where applicable.

If the complaint is incomplete, the requester may be asked to provide additional information in accordance with applicable legal requirements.

Privacy Contact

All privacy-related inquiries, requests, complaints, and claims may be submitted through the following channels:

  • Email: [email protected]
  • Web Form: Available at https://golito.co/en/help
  • Location: Bogotá D.C., Colombia

Golito shall process such requests in accordance with Colombian data protection laws.

Policy Changes

Golito reserves the right to modify this Privacy Policy at any time to adapt it to legal, technological, operational, or business changes.

Any material modification shall be communicated through the website, applications, or any other reasonable communication channel before becoming effective.

Data Retention

Personal data shall be retained for as long as there is a legitimate purpose for processing or as required to comply with legal, contractual, or regulatory obligations.

Once the processing purpose no longer exists and there is no legal obligation to retain the information, personal data may be securely deleted or anonymized.

Databases managed by Golito shall remain active for periods consistent with the purposes described in this policy and the operational needs of the service.

Policy Effective Date

  • Effective Date: May 30, 2026
  • Last Updated: May 30, 2026

Governing Language

This English version is provided solely as a courtesy translation.

For all legal purposes, including interpretation, enforcement, regulatory proceedings, contractual disputes, judicial actions, arbitration, or any controversy arising from or related to this Privacy Policy, the Spanish version shall prevail and be the sole legally binding version. Any discrepancy between the English and Spanish versions shall be resolved in favor of the Spanish version.