Skip to content
Octo Inc. — Data Protection Unit
Octoberus DATA

SERVICE 005 — ARTICLE 49

The insurance the law itself offers you

Law 21,719 expressly recognizes that having a certified infringement prevention model mitigates your liability. It's the difference between an exemplary fine and a moderate sanction — and almost nobody in the technology market is offering it.

What it is

A system, not a binder.

The infringement prevention model is the data protection equivalent of the crime prevention model under Law 20,393: a formal program that proves your company organized itself seriously to not break the law.

If the Agency audits or sanctions you, having the model operating and with evidence works directly in your favor. Having it printed in a binder nobody opens does not.

That's why we build it on the same tooling as your day-to-day compliance: the model feeds itself on the evidence your operation already generates.

PRACTICAL EFFECT

MITIGATING FACTOR

A circumstance the Agency must consider when grading the sanction — alongside cooperation and self-reporting. In a regime with fines of up to 20,000 UTM, grading is real money.

Components

What the rule requires it to contain.

01

Appointment of the prevention officer

With autonomy, resources and direct access to management, as the rule requires.

02

Identification of risk activities

An infringement risk matrix specific to your operation: which processing activities could lead to minor, serious or very serious infringements.

03

Protocols and procedures

Concrete rules to prevent each identified risk, integrated into the workflows we already implemented.

04

Oversight and internal audit

A review calendar, indicators and reports to management that prove the model actually operates.

05

Internal sanctions and whistleblowing channel

Defined consequences for internal non-compliance and a channel to report deviations.

Available as a module
of any plan.

See pricing →