Tabla de Contenidos
Effective Date: 1 June 2025
Last Updated: 26 May 2025
This policy complies with GDPR (EU 2016/679) and Spanish LSSI‑CE.
Questions? support@es2cn.com.
1. Data Controller
|
Field |
Information |
|
Entity |
TEAM ES2CN (“the Team”) – a private
academic collective without separate legal personality or for-profit intent. |
|
Tax ID |
Not incorporated as a legal entity. |
|
Contact Email |
support@es2cn.com |
|
Data Protection Contact (DPO) |
support@es2cn.com |
The Team operates the self-hosted website es2cn.com via the Ghost CMS platform (“the Platform”).
This site is managed by TEAM ES2CN, a nonprofit academic collaboration group without legal personality. For data protection purposes, the Team acts as the data controller and may be contacted at support@es2cn.com.
2 Data We Collect
|
Category |
Specific data |
Source |
Ghost field |
|
Sign‑up data |
Name, email, password hash |
Portal form |
members |
|
User content |
Paid Q&A text (≤ 300 words) & attachments (≤ 20 MB) |
Q&A form |
S3/Uploadcare URL |
|
Analytics |
Truncated IP, user agent, page views |
Plausible |
— |
|
Cookies |
See § 9 |
Browsing |
— |
No special categories of data collected (GDPR Art. 9).
3 Purposes & Legal Bases (GDPR Art. 6)
|
Purpose |
Legal basis |
|
Provide free & member content |
Contract 6 (1)(b) |
|
Answer Quick Text Q&A |
Contract |
|
Send newsletters & promos |
Consent 6 (1)(a) +
LSSI Art. 21 |
|
Security & statistics |
Legitimate interest 6 (1)(f) |
4 Recipients & International Transfers
|
Vendor |
Service |
Country |
Safeguard |
|
Cloudflare Inc. |
CDN / WAF |
USA |
SCC 2021/914 + encryption |
|
Uploadcare LLC |
File storage |
USA |
SCC |
|
Twilio SendGrid |
Transactional email |
USA |
SCC |
|
Plausible OÜ |
Anonymous analytics |
Estonia |
— |
We do not sell or share data for commercial purposes. Transfers outside the EEA occur only under:
- SCCs, or
- EU‑US DPF, or
- Equivalent mechanisms recognised by Latin American authorities (e.g. LGPD, AAIP).
Transfers to Latin America
For residents of Argentina, Uruguay, Brazil, Mexico, Colombia, Chile, Peru or any other Latin‑American country, cross‑border transfers rely on:
• SCCs approved by the EU or local DPA; or
• Adequacy decisions; or
• Your explicit informed consent.
The above list is illustrative; we apply equal protection to all LATAM countries adopting equivalent safeguards.
5 Retention Periods
|
Data |
Period |
|
Account |
Active + 5 years |
|
Q&A files |
2 years after ticket closure |
|
Logs |
12 months |
6 Your Rights
Access, rectification, erasure, restriction, portability, objection – via Account → Download/Delete or support@es2cn.com.
We will respond within 15 days; ID verification may be required.
You may complain to the AEPD (Spain) or your local DPA.
7 Security Measures
TLS 1.3 • Argon2id hashed passwords • Daily AES‑256 backups • Semi‑annual OWASP audit.
8 Minors
Service aimed at users 18+. Accounts of minors will be removed.
9 Cookies
We use a cookie consent banner (Cookie Consent.js). Types include:
- Essential (session, CSRF) – always active.
- Preferences (language) – optional.
- Analytics (Plausible) – anonymised.
- Marketing (Stripe JS) – used only when processing payments.
You may update your choices in the “Cookie Preferences” section.
10 Commercial Communications
We send newsletters only with your explicit consent (opt-in checkbox not preselected).
Each email includes an “Unsubscribe” link. Transactional emails (e.g. payments, security) are sent even if marketing preferences are disabled.
11 Policy Changes
We will post updates on this page and notify members by email 15 days in advance of any material changes. Continued use of the Platform after the effective date constitutes acceptance of the revised policy.
12 Latin‑American Users
Residents of Mexico, Brazil, Argentina, Uruguay, Colombia, Chile, Peru or any other Latin-American country enjoy the same rights to access, rectification, erasure, restriction, portability, and objection, as recognized by their local regulations (INAI, ANPD, AAIP, URCDP, SIC, SERNAC).
You may exercise these rights by emailing support@es2cn.com; we will respond within 15 days.
Transfers to Latin America
For users in Argentina, Uruguay, Brazil, Mexico, Colombia, Chile, Peru or other Latin-American jurisdictions, any international data transfer will be based on:
• EU- or locally-approved Standard Contractual Clauses (SCCs); or
• Adequacy decisions by competent authorities; or
• Your explicit informed consent.
Note: the above list is illustrative; we apply equal protection to all Latin-American countries that adopt or recognize equivalent transfer mechanisms.
Relevant supervisory authorities:
• INAI (Mexico) – www.inai.org.mx
• ANPD (Brazil) – www.gov.br/anpd
• AAIP (Argentina) – www.argentina.gob.ar/aaip
• URCDP (Uruguay) – www.gub.uy/urcdp
• SIC (Colombia) – www.sic.gov.co
• SERNAC (Chile) – www.sernac.cl
13 Contact
For any privacy-related inquiries:
support@es2cn.com
TEAM ES2CN
The Chinese and Spanish versions of these Terms of Service are available upon request. In case of discrepancy, the Spanish version shall prevail.