Privacy Policy

How we handle your data

Last updated: · Version 1.0

1. Data controller

This policy describes how [LEGAL ENTITY NAME] (hereinafter “E-Growth Management”, “we”, “our”) collects, uses, shares, and protects your personal information when you visit e-growth-management.com or contact us through any of the channels described below.

Legal entity
[LEGAL ENTITY NAME / SOLE PROPRIETORSHIP OF: FULL NAME]
Tax ID (CUIT/CUIL)
[CUIT / CUIL]
Registered address
[FULL LEGAL ADDRESS, City, Province, Argentina]
Privacy officer
[FULL NAME OF RESPONSIBLE PERSON]
Contact email
business@e-growth-management.com

2. Executive summary

  • What we collect: contact information you provide (name, email, phone) when scheduling a meeting or reaching out, plus aggregated anonymous site analytics.
  • Why: to answer commercial inquiries, coordinate meetings, and improve the site.
  • Who we share with: infrastructure providers (Vercel, Calendly, Meta for WhatsApp) — each under their own data processing agreement.
  • How long: 24 months for unconverted leads, 10 years for contractual relationships due to Argentine tax retention obligations (Ley 11.683).
  • Your rights: access, rectify, delete, object. Email us at business@e-growth-management.com .

3. What we collect and how

The site has no own forms. Data is collected only when you initiate contact through one of these channels:

3.1 Calendly (discovery call scheduling)

When you book a meeting through the “Book the discovery call” button, Calendly LLC collects:

  • Full name
  • Email
  • Detected timezone
  • Phone (optional)
  • Answers to booking form questions
  • Any notes you add

Calendly operates in the United States as an independent processor. Their Privacy Notice governs their processing. We access this information via email notifications and Google Calendar integration.

3.2 WhatsApp Business

If you message us through the “WhatsApp direct” button, Meta Platforms Inc. (WhatsApp operator) processes:

  • Your phone number
  • Public profile name and photo
  • Message content
  • Timestamps and delivery/read status

WhatsApp processing is governed by their Privacy Policy. We access those conversations from our account and retain the history according to our retention periods.

3.3 Direct email

If you email business@e-growth-management.com , the message is forwarded via ImprovMX (a forwarding service) to our operational inbox. ImprovMX processes email headers and content in transit; it does not store them after forwarding. We retain the email thread in our inbox according to the retention periods.

3.4 Vercel Web Analytics

We use Vercel Web Analytics to count visits in aggregate. It is cookieless: no cookies are installed, no localStorage is used, no persistent identifier is generated. It processes:

  • Hashed IP discarded within 24 hours (the original IP is never stored)
  • Browser User-Agent
  • Referrer (the site you came from)
  • Country (derived from IP, without fine geolocation)
  • URL visited on the site

There is no cross-site tracking, no behavioral advertising, no data broker integration. Vercel cannot identify individual users from this data.

3.5 LinkedIn

If you click the LinkedIn link in the footer, you go to LinkedIn Corporation under their own privacy policy. We do not track that click on our site.

4. Purposes and legal basis

We process your data only for the purposes listed below. Each purpose has a documented legal basis (GDPR Art. 6 / Argentine Ley 25.326 Art. 5):

PurposeLegal basis
Answering commercial inquiries you initiateImplied consent and legitimate interest (GDPR Art. 6(1)(a)(f))
Coordinating and conducting the discovery meetingPre-contractual measures (GDPR Art. 6(1)(b))
Cookieless aggregate analytics to improve the siteLegitimate interest with documented LIA (GDPR Art. 6(1)(f))
Compliance with accounting and tax obligationsLegal obligation (GDPR Art. 6(1)(c) / Argentine Ley 11.683)

We do not use your data for automated profiling, automated decisions with legal effects, or behavioral advertising.

5. Cookies and similar technologies

This site uses no first-party cookies and no persistent local storage. Vercel Analytics is cookieless: it hashes the visitor's IP and discards it within 24 hours, without creating a client-side session identifier. There is no Meta Pixel, no Google Analytics, no Hotjar, no heatmapping tools.

This declaration satisfies ePrivacy Directive 2002/58/EC (EU Cookie Law) without a consent banner, because there are no non-essential trackers. If we later add any technology requiring prior consent (e.g., Meta Pixel), we will update this policy and implement an opt-in consent banner before activating it.

6. Who we share your data with

We share data only with processors necessary to operate the site and respond to your contact. We do not sell or transfer personal data to third parties for advertising or marketing.

ProcessorServiceLocationData processed
Vercel Inc.Hosting + cookieless AnalyticsUnited States + Ireland (EU)Request logs, aggregated metrics
Calendly LLCMeeting schedulingUnited States (Data Privacy Framework)Name, email, timezone, phone, notes
Meta Platforms Inc. / WhatsApp LLCMessagingIreland (for EU users) / United StatesPhone number, messages, public profile
ImprovMXEmail forwardingUnited States / FranceEmail headers and content in transit
Google LLC (Workspace / Gmail)Received email storageUnited States (Data Privacy Framework)Email content and metadata

All processors above operate under data processing agreements (DPAs) ensuring standards equivalent to GDPR and Argentine Ley 25.326.

7. International transfers

Some processors store data outside the European Economic Area (EEA) and Argentina. The applicable legal bases are:

  • Argentina ↔ EU: Argentina has an adequacy decision from the European Commission (Decision 2003/490/EC), so no additional safeguards are required to transfer data between these jurisdictions.
  • To the United States: we apply the EU Standard Contractual Clauses (SCCs) 2021/914 with each processor that requires them, together with post-Schrems II supplementary measures (encryption in transit and at rest, key segregation, data minimization).
  • Other LATAM jurisdictions: we evaluate case by case whether additional transfer agreements apply.

8. Retention

  • Unconverted leads (contacts who did not engage): 24 months since the last contact
  • Contractual clients: duration of the relationship + 10 years for tax retention (Argentine Ley 11.683)
  • Aggregate analytics: Vercel-defined retention, without link to personal identities
  • Inquiry emails without follow-up: 24 months

Once the retention period expires, data is deleted or anonymized. You can request earlier deletion per section 9.

9. Your rights

Depending on your jurisdiction, one or more of the following rights apply:

9.1 Argentina (Ley 25.326)

ARCO rights: Access, Rectification, Cancellation, Objection. Response deadline: 10 business days.

9.2 European Union (GDPR)

Right of access (Art. 15), rectification (Art. 16), erasure “right to be forgotten” (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), objection (Art. 21), not to be subject to automated decisions (Art. 22), and to withdraw consent at any time. Response deadline: 30 days.

9.3 California (CCPA/CPRA)

Right to Know, Right to Delete, Right to Correct, Right to Opt-Out of Sale or Sharing, Right to Limit Use of Sensitive Personal Information, Right to Non-Discrimination. Express disclaimer: we do not sell or share your personal information for cross-context behavioral advertising.

9.4 Other LATAM jurisdictions

We recognize equivalent rights under LGPD (Brazil), LFPDPPP (Mexico), Ley 21.719 (Chile, effective December 1, 2026), and Ley 1581/2012 (Colombia).

How to exercise your rights

Email business@e-growth-management.com with:

  • Full name
  • Description of the right you wish to exercise
  • Documentation proving your identity (ID/Passport — required to avoid disclosing data to a third party)
  • Jurisdiction where you reside (to apply the correct deadline)

We respond within the shortest applicable deadline (10 business days for Argentine data subjects; 30 calendar days for the rest). If an extension is needed, we notify you within the original deadline explaining why.

10. Security

We apply reasonable technical and organizational measures to protect your data:

  • Encryption in transit (HTTPS/TLS 1.3 across the entire site)
  • Encryption at rest in the processors' systems mentioned above
  • Access restricted under least-privilege principle
  • Two-factor authentication on administrative accounts
  • Periodic review of sub-processors

In case of a data breach that may affect your rights, we will notify the competent authority within 72 hours (GDPR Art. 33) and affected data subjects without undue delay when the risk is high (GDPR Art. 34).

11. Minors

This site is not directed at children under 16 and we do not knowingly collect data from minors. If we detect that we have collected data from a minor without parental consent, we delete it upon identification. If you are a parent or guardian and believe your minor sent us data, email business@e-growth-management.com .

12. Artificial intelligence

We do not use your data or our clients' data to train our own or third-party AI models. For tools we use during consulting engagements (Anthropic Claude, OpenAI, Google Gemini, etc.) we subscribe to enterprise/API plans where training opt-out is a contractual and technical default. This declaration is a binding and auditable commitment, subject to regulatory enforcement (including FTC Section 5 if you are considered a US data subject).

13. Consulting clients: Data Processing Agreement (DPA)

This policy covers only the use of the e-growth-management.com website. When we sign a Master Services Agreement (MSA) with a client, we attach a separate Data Processing Agreement (DPA) governing roles (client = controller, E-Growth = processor), security measures, sub-processors, breach notification, audit rights, and return/deletion of data at the end of the engagement. The DPA is governed by GDPR Art. 28 and Argentine Ley 25.326 where applicable.

14. Supervisory authorities

You have the right to lodge a complaint with the data protection authority of your jurisdiction:

15. Changes to this policy

We may update this policy to reflect legal, operational, or processor changes. The last-updated date at the top always reflects the current version. For material changes, we notify you through the channels you already use (email if you previously contacted us; a visible banner on the site for 30 days for everyone else).

16. Contact

Any questions about this policy, rights requests, or general feedback: business@e-growth-management.com .

This document is commercial drafting, not legal advice. For specific cases, consult a lawyer.