Last Updated: January 23, 2026
This Privacy Policy (the "Policy") constitutes a legally binding document between you ("User", "you") and Santiago Alen Rodriguez Canovari, Tax ID (CUIT) 20-43043009-3, legally domiciled at Alsina 832, San Isidro, Buenos Aires, Argentina (hereinafter, "Piloo", "we", "our").
This Policy governs the collection, use, storage, processing, protection, and potential sharing of personal data linked to the access and use of: (i) the web platform joinpiloo.com and piloo.com.ar; (ii) the mobile application "Piloo"; and (iii) all associated functionalities, content, and services (collectively, the "Service").
By registering, downloading, installing, accessing, or using the Service, or by clicking "I accept" when such option is available, you represent that you have read, understood, and agreed to be bound by this Policy and by our Terms and Conditions of Use (the "Terms"), available in the application, which is incorporated by reference.
If you do not agree with this Policy, you must not use the Service nor provide personal data through it.
Piloo respects User privacy and processes personal data in accordance with Law No. 25.326 on Personal Data Protection, its complementary regulations, and the provisions of the Agency for Access to Public Information (AAIP), as well as any other applicable regulation regarding personal data protection.
Piloo is operated by Santiago Alen Rodriguez Canovari, Tax ID (CUIT) 20-43043009-3, legally domiciled at Alsina 832, San Isidro, Buenos Aires, Argentina, who acts as Data Controller for personal data collected through the Service.
For any inquiry, request, or claim related to privacy or personal data protection, the User may contact via email at santiago@joinpiloo.com.
Piloo may update this Privacy Policy at any time. Substantial changes will be informed by updating the "Last Updated" date and, when required by applicable law, by direct notification to the User via reasonable electronic means. Continued use of the Service following the publication of an updated version of the Policy shall imply acceptance of said version.
Piloo collects and processes only personal data that is reasonably necessary for the operation of the Service, Account management, and provision of offered functionalities. The information collected may vary depending on whether the User acts as an End User or Merchant.
When creating an Account, Piloo may collect the following data provided directly by the User:
The User declares that the data provided is true, accurate, current, and complete, and agrees to keep it updated.
During access and use of the Service, Piloo may automatically collect certain technical and operational information necessary to ensure proper operation, security, and continuous improvement of the App, including:
These data are used for technical, statistical, and security purposes, and do not allow identifying the User on their own without being associated with the Account.
Piloo may request certain permissions from the User's device, always transparently, in accordance with the operating system configuration and only to the extent necessary to enable certain Service functionalities. In particular, such permissions may include, among others:
Granting these permissions is voluntary, and the User may revoke them at any time from their device settings. Revocation of permissions may limit or prevent the use of certain Service functionalities, without generating any liability for Piloo.
Piloo does not collect or process:
In the event the User voluntarily enters information of this type in open fields or via direct communications, such information shall not be required or processed by Piloo as a regular part of the Service nor used for purposes other than addressing the specific communication, if applicable.
Piloo processes User personal data exclusively for the legitimate, explicit, and determined purposes detailed below, to the extent they are necessary for providing the Service and in accordance with applicable regulations:
Personal data will not be used for purposes distinct from or incompatible with those informed herein, unless the User grants express consent or a legal obligation so requires.
4.1 Operational and Administrative Communications. Piloo may send Users communications of an operational, administrative, or technical nature linked to the use of the Service, such as registration confirmations, security notices, system notifications, relevant Service updates, or information necessary for the proper provision of offered functionalities. These communications are considered an essential part of the Service and are not subject to opt-out mechanisms, to the extent they are necessary for its operation or security.
4.2 Promotional Communications. Piloo does not send massive third-party advertising communications nor market User databases for advertising purposes. In the event Piloo implements its own promotional, informational, or commercial communications related to the Service in the future, the User may opt out of receiving them through mechanisms enabled for such purpose (e.g., unsubscribe links, settings within the App, or contact through official channels), without affecting the receipt of operational or security communications.
5.1 Absence of Database Acquisition. Piloo does not buy, rent, exchange, or acquire third-party databases with personal information of Users, nor uses data obtained from external sources for profiling, mass marketing, or commercialization purposes.
5.2 Technological Services and Integrations. For Service provision, Piloo may use services, tools, or infrastructures provided by independent third parties, such as hosting services, databases, authentication, notifications, technical analysis, or other operational integrations. Such providers may process certain personal data solely on behalf of and under instructions from Piloo, for strictly technical and operational purposes, and subject to contractual obligations of confidentiality, security, and personal data protection.
5.3 Limitation of Liability. Piloo does not control nor is responsible for data processing performed by such third parties outside the scope of the Service or outside Piloo's instructions, nor for the privacy policies of such providers, which are governed by their independent terms and conditions.
Piloo only shares User personal data in cases expressly provided for in this Policy and to the extent necessary for Service provision.
6.1 Participating Merchants. When an End User voluntarily joins a Participating Merchant's loyalty program through the Service, the User expressly and informedly authorizes Piloo to share their name and email address with said Merchant, exclusively for purposes linked to customer management, loyalty program administration, and the direct commercial relationship between the End User and the Merchant. Once such data is shared, the Merchant acts as an independent data controller, autonomously determining the purposes and means of any subsequent processing performed outside the Service. Consequently, the Merchant is solely responsible for the use, storage, communication, and protection of such data, as well as for compliance with applicable regulations regarding personal data protection and privacy. Piloo does not control, supervise, nor answer for personal data processing performed by Merchants outside the Service, nor for policies, practices, or communications they direct directly to End Users.
6.2 Service Providers. Piloo may share personal data with technological and service providers that provide services necessary for Service operation (such as hosting, infrastructure, databases, authentication, notifications, technical analysis, or other similar services). Such providers will process data exclusively on behalf of and under instructions from Piloo, and will be subject to contractual obligations of confidentiality, security, and personal data protection, to the extent required by applicable law.
6.3 Legal Obligations and Rights Protection. Piloo may disclose personal data when reasonably necessary to: comply with a legal obligation, competent authority requirement, judicial or administrative order; investigate, prevent, or respond to potential fraud, misuse, security incidents, or violations of Terms and Conditions; or protect the rights, security, or integrity of the Service, Piloo, Users, or third parties.
6.4 No Data Commercialization. Piloo does not sell, rent, assign, or commercialize User personal data, nor shares it with third parties for third-party advertising or marketing purposes.
7.1 Security Measures. Piloo implements reasonable technical and organizational measures intended to protect personal data against unauthorized access, undue disclosure, loss, alteration, destruction, or misuse, taking into account the nature of processed data, involved risks, and the state of the art.
7.2 Technological Infrastructure. The Service relies on technological infrastructures and services provided by trusted third parties, including, among others, hosting services, databases, and cloud processing (e.g., Google Cloud / Firebase), which apply security standards in accordance with customary industry practices.
7.3 Inherent Limitations. The User acknowledges that no system, network, or security measure is completely infallible, and that transmitting information over the Internet or using digital services implies inherent risks. Consequently, Piloo does not guarantee absolute data security, and use of the Service is at the User's own risk, notwithstanding applicable legal obligations.
To the extent Piloo uses technological infrastructures or services provided by third parties, some personal data may be stored or processed on servers located outside the Argentine Republic. In such cases, Piloo adopts reasonable and appropriate measures to ensure that such transfers are made with adequate levels of protection and security, in accordance with Law No. 25.326, its complementary regulations, and provisions of the controlling authority, including selecting providers that apply security standards in accordance with customary industry practices. The User acknowledges and accepts that providing digital services may involve this type of international transfer, which is necessary for Service operation.
9.1 Data Retention. Piloo retains User personal data only for the time reasonably necessary to fulfill the purposes described in this Policy, while an active Account or a valid relationship with the User exists, and/or while necessary to: comply with legal, regulatory obligations or competent authority requirements; prevent, investigate, or respond to misuse, fraud, security incidents, or disputes; and exercise or defend Piloo's rights. Once such purposes are fulfilled, data will be deleted, anonymized, or blocked, as appropriate and to the extent permitted by applicable law.
9.2 Request for Account Deletion. The User may request the complete and permanent deletion of their Account and associated personal data at any time, via the following procedure:
9.3 Scope of Deletion. Account deletion may imply definitive loss of access to Cards, Stamps, progress information, or other data linked to Service use. Notwithstanding the foregoing, Piloo may retain limited information when strictly necessary to comply with legal, audit, security, fraud prevention, or dispute resolution obligations, in accordance with applicable regulations.
Piloo may use cookies, local identifiers, device local storage, or other similar technologies solely for the purpose of keeping the session active, remembering basic User settings, and ensuring proper operation, stability, and security of the App. These technologies are used for strictly technical and functional purposes, and are not used for third-party behavioral advertising, cross-site tracking, or personal data commercialization. The User can manage, limit, or delete these technologies through their browser or device settings. However, disabling certain cookies or local storage mechanisms may affect the availability or proper functioning of some Service functionalities.
11.1 Recognized Rights. The User, as the owner of personal data, has the right to exercise, under the terms of Law No. 25.326, the following rights:
11.2 Exercise of Rights. To exercise any of these rights, the User must send a request to the email santiago@joinpiloo.com, clearly indicating the right they wish to exercise. Piloo may require verification of the applicant's identity to prevent unauthorized or fraudulent access to personal data.
11.3 Response Times. In accordance with Law No. 25.326: The right of access shall be addressed within ten (10) calendar days from accreditation of the applicant's identity. Requests for rectification, update, or suppression shall be addressed within five (5) business days from identity accreditation, when applicable. The exercise of these rights shall be free of charge, under the terms and limitations provided by applicable regulations.
The AGENCY FOR ACCESS TO PUBLIC INFORMATION (AGENCIA DE ACCESO A LA INFORMACIÓN PÚBLICA), as the Controlling Body of Law No. 25.326 on Personal Data Protection, has the authority to address complaints and claims filed by those whose rights are affected by non-compliance with current regulations regarding personal data protection.
The Service is not directed or primarily designed for minors. However, according to the Terms and Conditions of Use, the Service may be used by End Users from thirteen (13) years of age, with the authorization of their mother, father, or legal guardian, as appropriate and in accordance with applicable regulations. Piloo does not intentionally collect personal data from minors outside the indicated assumptions. In the event Piloo becomes aware that an Account belongs to a minor who does not meet applicable age or authorization requirements, it may suspend or delete said Account and associated data, without liability and in accordance with current regulations. Parents or legal guardians who believe a minor has provided personal data without corresponding authorization may contact Piloo through official channels to request review or deletion of such information. Piloo relies on the declaration made by the User at registration regarding compliance with age and authorization requirements, without being obligated to actively verify identity or legal representation, to the extent permitted by applicable law.
The Service may contain links, integrations, functionalities, or access to websites, applications, platforms, tools, or services provided by independent third parties ("Third-Party Services"). Such Third-Party Services are governed by their own terms and conditions and privacy policies, which are independent of Piloo's. Piloo does not control, manage, nor assume any responsibility for privacy practices, security, data processing, content, availability, or operation of such third parties. Access, use, or interaction with Third-Party Services is performed at the User's sole responsibility, who should review and accept applicable policies of such third parties before using them.
This Privacy Policy shall be governed and interpreted in accordance with the laws of the Argentine Republic, without application of conflict of law rules.
In case of conflict, contradiction, or inconsistency between this Privacy Policy and any other document, policy, condition, or communication from Piloo, this Privacy Policy shall prevail in everything related to the processing, use, and protection of personal data, without prejudice to the validity of the rest of the applicable provisions.
This Privacy Policy shall remain valid while published on the Service and shall be applicable throughout the period Piloo processes User personal data, whatever the cause of such processing. Notwithstanding Account cancellation, elimination of access to the Service, or termination of the relationship between User and Piloo, those provisions of this Policy that, by their nature or purpose, must survive shall remain fully in force, including, without limitation, those relating to: Retention, blocking, and deletion of personal data; Information security and protection measures; International data transfers; Sharing and disclosure of personal data, to the extent necessary for legal compliance or rights protection; Rights of data subjects and exercise of actions; Intervention of supervisory authority; and Applicable law and order of precedence. The survival of said provisions is strictly limited to purposes of legal compliance, security, audit, fraud prevention, and dispute resolution, without implying personal data processing distinct from or incompatible with what is established in this Policy.