PRIVACY POLICY – LIBSUD ARGENTINA S.A.
Last updated: 29 May 2025
1. Who We Are
Libsud Argentina S.A. (CUIT 30-71238218-6) is registered in Buenos Aires, Argentina. We decide why and how personal data on this website and in our projects are processed, so we’re the data controller.
Email: privacy@libsud.com.ar
2. The Laws That Matter
-
Argentina: Ley 25.326 — Personal Data Protection Act (PDPA) and its rules enforced by the Agencia de Acceso a la Información Pública (AAIP).
(bitraser.com) -
European Union: General Data Protection Regulation (EU) 2016/679 (GDPR).
The EU formally recognises Argentina as offering “adequate” protection, so EU-to-AR data flows are lawful without SCCs (Decision 2003/490/EC).
(EUR-Lex)
3. What We Collect
| Category | Examples | Source |
|---|---|---|
| Identity | first/last name, company, job title | contact forms, emails |
| Contact | email, phone, postal address | you |
| Project data | briefs, media assets, contracts | you/your partners |
| Technical | IP, browser, pages visited, timestamps | cookies, server logs |
| Marketing | newsletter opens, click-throughs | our email platform |
We don’t seek sensitive data (health, race, etc.). If you send it unasked, we’ll delete it.
4. Why We Process & Legal Bases
| Purpose | PDPA Legal Ground | GDPR Legal Ground |
|---|---|---|
| Respond to enquiries, sign contracts, deliver projects | art. 5(a) (“consent or contractual relationship”) | Art 6 (1)(b) – contract |
| Issue invoices, maintain tax files | legal obligation | Art 6 (1)(c) – legal obligation |
| Send newsletters with your opt-in | consent | Art 6 (1)(a) – consent |
| Basic analytics, site security | legitimate interest | Art 6 (1)(f) – legitimate interest |
5. Cookies & Tracking
We run first-party cookies plus Google Analytics 4 with IP-anonymisation.
No Facebook/LinkedIn pixels, no ad-tech.
The cookie banner appears on first visit; tweak settings any time via the footer link.
6. Who Sees Your Data
| Recipient | Role | Location |
|---|---|---|
| DigitalOcean | Website hosting | EU datacentre |
| Microsoft 365 | Email + file storage | EU tenant |
| Google Analytics 4 | Site stats | EU/US (aggregated, IP-masked) |
| Brevo (Sendinblue) | Newsletters | EU |
All vendors are bound by written DPAs. No data broking, no selling.
7. International Transfers
-
EU → Argentina: Covered by the EU adequacy decision, so transfers are lawful.
-
Argentina → outside EEA: If we ever move data elsewhere, we’ll use Standard Contractual Clauses plus any extra safeguards that the GDPR or PDPA demand.
8. Retention
| Data Set | How Long |
|---|---|
| Contact emails & forms | 24 months after final reply |
| Project files & invoices | 10 years (Argentine tax rules) |
| Newsletter list | until you unsubscribe |
| Server & analytics logs | 14 months, then aggregated |
Encrypted back-ups roll off after 30 days.
9. Your Rights
Under PDPA and GDPR you can:
-
Access – know what we hold
-
Rectify – correct errors
-
Delete – “right to be forgotten” / “supresión”
-
Object / restrict – stop or pause certain uses
-
Portability – get data in CSV/JSON (EU only)
-
Withdraw consent – newsletters, cookies
Email privacy@libsud.com.ar. We answer within 30 days.
If we blow it, complain to:
-
AAIP (Argentina): datos@aaip.gob.ar
-
EU: Any data-protection authority you choose
10. Security in Plain English
TLS 1.3 everywhere, hardened firewalls, MFA on admin accounts, encrypted drives, quarterly vulnerability scans.
Breach affecting you? We’ll notify you and the AAIP/EU DPAs within 72 hours.
11. Changes
Big change = splash banner or email.
Small wording tweak = silent update.
Check the “Last updated” date up top.
12. Talk to Us
Libsud Argentina S.A.
Ciudad Autónoma de Buenos Aires, Argentina
privacy@libsud.com.ar