Privacy Policy

Sprachzentrum Buenos Aires Online

Last updated: June 2025

1. Data Controller

Sprachzentrum Buenos Aires Online

• Address: Bulnes 644, C1176ABL Buenos Aires, Argentina
• Phone: +54 9 3546 53 2993
• Email: privacidad@sprachzentrum.com.ar
• CUIT: 27-28985359-1
• Legal representative: Bárbara Pereyra

Note: This policy complies with Argentina's Personal Data Protection Law 25.326 and the European Union's General Data Protection Regulation (GDPR).

2. Data Protection Officer (For EU students)

• Name: Daniel Bosse
• Email: dbosse@sprachzentrum.com.ar
• Phone: +54 9 3546 53 2993

3. Purposes of Data Processing

3.1 Educational and academic services

• Legal basis Argentina: Data subject consent (Art. 5 Law 25.326)
• Legal basis GDPR: Contract performance (Art. 6.1.b GDPR)
• Processed data:
  • Identification data (name, surname, DNI/passport, date of birth)
  • Contact data (address, phone, email)
  • Academic information (language level, progress, grades)
  • Emergency data (emergency contact)
• Specific purpose:
  • Registration and enrollment in courses (regular, intensive, workshops)
  • Academic progress tracking on digital platforms
  • Issuance of ÖSD certificates and diplomas
  • Academic communication with students and companies
  • Management of in-person ÖSD exams
• Course types:
  • Regular courses: 12 sessions of 2.5 hours (1x per week extensive, 2-4x intensive)
  • Workshops: 5-12 sessions (1x per week)
  • Corporate courses for companies
  • ÖSD exam preparation
• Retention: During academic relationship and 10 years thereafter for certification purposes

3.2 Administrative management and billing

• Legal basis Argentina: Legal obligation and consent
• Legal basis GDPR: Legal obligation (Art. 6.1.c) and contract performance (Art. 6.1.b)
• Processed data: Economic data, billing information, payment history
• Retention: According to legal accounting periods (10 years in Argentina)

3.3 Institutional communications

• Legal basis Argentina: Data subject consent
• Legal basis GDPR: Consent (Art. 6.1.a) or legitimate interest (Art. 6.1.f)
• Processed data: Contact data, communication preferences
• Purpose: Information about courses, events, cultural activities
• Retention: Until consent withdrawal

3.4 Security and video surveillance

• Legal basis Argentina: Legitimate interest and legal compliance
• Legal basis GDPR: Legitimate interest (Art. 6.1.f)
• Processed data: Security camera images
• Retention: 30 days from recording

3.5 Digital educational platforms

• Legal basis: Educational contract performance
• Platforms used:
  • Moodle: Course management, materials and assessments
  • Adobe Connect: Real-time virtual classes
  • Google Workspace for Education: Collaborative tools and documents
• Processed data: Access data, platform progress, activities performed, grades
• Security: Access via encrypted credentials and secure authentication
• Retention: During course duration and 2 additional years

3.6 Class and educational session recordings

• Legal basis Argentina: Express consent of data subject (Art. 5 Law 25.326)
• Legal basis GDPR: Explicit consent (Art. 6.1.a GDPR)
• Platform: Adobe Connect Server
• Processed data:
  • Audio and video recordings of classes
  • Voice and image of students and teachers
  • Interactions during class (chat, participation)
  • Materials shared during the session
• Specific purposes:
  • Review of educational content by students
  • Makeup classes for justified absences
  • Evaluation and improvement of educational quality
  • Training and supervision of teaching staff
• Retention: 3 months from course completion
• Access: Only students of the specific course and authorized teaching staff
• Location: Adobe Connect servers (United States) with appropriate security guarantees

3.6.1 Specific Consent for Class Recordings

Mandatory prior information
Before each recording, participants will be informed of:

• That the class will be recorded
• The educational purpose of the recording
• The retention period (3 months)
• Rights of access, rectification and deletion
• The possibility to object to recording

Consent modalities

• Active consent: Express declaration before recording begins
• Consent by participation: Remaining in class after recording notice
• Right to object: Possibility to leave the session or request not to be recorded

Minor students

• Parental consent required for recordings including minors
• Specific authorization form signed by parents/guardians
• Clear information about educational use of recordings

Specific rights regarding recordings

• Access: Request copy of recordings in which they appear
• Rectification: Not applicable due to nature of recordings
• Deletion: Early removal upon justified request
• Objection: Right not to be included in future recordings

Specific security measures

• Access via unique credentials per student
• Prohibition of download or redistribution
• Access logs for usage monitoring
• Automatic deletion after 3 months

3.7 Corporate and business services

• Legal basis Argentina: Commercial contract performance
• Legal basis GDPR: Contract performance (Art. 6.1.b GDPR)
• Processed data:
  • Contact data of participating employees
  • Information of contracting company
  • Corporate progress and evaluations
• Purpose: Language training for company personnel
• Retention: During contract validity and 5 years thereafter

3.8 Website and online store system

• Legal basis: Consent and contract performance
• Processed data:
  • Navigation data (Google Analytics)
  • Purchase and billing information
  • Contact form data
  • Tracking cookies (Facebook Pixel)
• Purpose:
  • Processing online purchases
  • Web behavior analysis
  • Targeted marketing
  • Responding to inquiries
• Retention: According to specific purpose and consent granted

4. Special Categories of Data

When processing special data (health for educational adaptations):

• Legal basis Argentina: Express consent (Art. 7 Law 25.326)
• Legal basis GDPR: Explicit consent (Art. 9.2.a GDPR)
• Purpose: Necessary pedagogical adaptations
• Special measures: Additional encryption and restricted access

5. Data Recipients

5.1 Within Argentina

• Technology service providers (educational platforms)
• Financial institutions for payment management
• Accountants and legal advisors
• Educational authorities when required

5.2 Argentine public bodies

• AFIP (Federal Administration of Public Revenue)
• Ministry of Education of Buenos Aires City
• Courts and tribunals when legally required

5.3 For EU students

• European educational organizations for certification recognition
• European consular authorities when necessary

6. International Transfers

6.1 From Argentina to EU

• Argentina has adequacy decision from European Commission
• Transfers to EU are permitted without additional safeguards

6.2 From EU to Argentina

• Transfers covered by adequacy decision
• For other countries: only with appropriate safeguards (standard contractual clauses)

6.3 International educational platforms

• Google Workspace for Education (United States) - with standard contractual clauses
• Adobe Connect Server (United States) - for class recordings
  • Safeguards: Standard Contractual Clauses approved by European Commission
  • Security measures: Encryption in transit and at rest
  • Limited access: Only authorized personnel of educational center
  • Storage duration: 3 months maximum
• External certificate servers - for digital certificate storage
  • Location: [SPECIFY SERVER LOCATION]
  • Security safeguards: AES-256 encryption, restricted access
  • Purpose: Secure storage of issued certificates
  • Duration: 5 years for ÖSD certificates, 3 years for internal certificates

7. Data Subject Rights

7.1 For Argentina residents (Law 25.326)

• Right to information: Knowledge of existence and purpose of processing
• Right of access: Obtain information about their personal data
• Right of rectification: Correct inaccurate or outdated data
• Right of deletion: Request deletion when not necessary

7.2 For EU residents (GDPR)

All above rights plus:

• Right of restriction: Limit processing under certain circumstances
• Right of portability: Receive data in structured format
• Right to object: Object to processing due to particular situation

7.3 Exercise of rights

For all students:

• Email: derechos@sprachzentrum.com.ar
• In person: Bulnes 644, C1176ABL Buenos Aires, Argentina
• Phone: +54 9 3546 53 2993
• Required documentation: DNI, passport or valid identity document
• Response time: 10 business days (Argentina) / 30 days (GDPR)

8. Security Measures

8.1 Technical measures

• Automated backup system for data protection
• Password encryption for Adobe Connect and Moodle access
• Access via secure authentication to educational platforms
• HTTPS connections on website and online store
• Regular security updates on all systems

8.2 Organizational measures

• Annual staff training on data protection
• Access policies based on need to know
• Confidentiality agreements with all staff
• Security incident response procedures
• Semi-annual internal audits

8.3 Physical security

• Access control to facilities
• Security cameras in common areas
• Locked cabinets for physical documents
• Secure document destruction

9. Data Retention

9.1 General periods

• Official ÖSD certificates: 5 years (for reissuance and validation)
• Internal course certificates: 3 years (for reissuance)
• Grades and evaluations: 3 years from course completion
• General academic data: 2 years from course completion
• Class recordings: 3 months from course completion
• Administrative and billing data: 10 years (legal accounting obligation)
• Video surveillance data: 30 days
• Commercial communications: Until consent withdrawal
• Contact data: 1 year after relationship ends

9.2 Retention criteria

• Necessity for processing purpose
• Legal retention obligations
• Statute of limitations for legal actions
• Legitimate interest of educational center

10. Tracking Technologies

10.1 Cookies and website

• Technical cookies: Necessary for online store functionality
• Google Analytics: Web behavior analysis (with prior acceptance)
• Facebook Pixel: Tracking for targeted marketing (with prior acceptance)
• Session cookies: To maintain active user sessions
• For more information: [Cookie Policy - available on website]

10.2 Educational platforms

• Academic progress tracking
• Usage statistics of educational resources
• Connection and activity data

11. Minors

11.1 In Argentina

• Under 13 years: Mandatory consent from parents/guardians
• Between 13-18 years: Can give consent with parental assistance
• Special authorization: Required for class recordings with minors

11.2 In EU

• Under 16 years (or lower age according to member state): Parental consent required
• Recordings: Express authorization from both parents/guardians

11.3 Special measures for minors

• Specific forms: Authorization signed by parents/guardians for:
  • Course enrollment
  • Class recordings
  • Use of digital platforms (Moodle, Adobe Connect)
• Age verification: Mandatory process during enrollment
• Enhanced protection: Limited access to minor data
• Parental communication: Progress reports to parents/guardians

12. Security Incidents

12.1 Authority notification

• Argentina: AAIP within 72 hours if there is risk
• EU: Data protection authority within 72 hours

12.2 Communication to data subjects

• Direct notification if high risk to rights and freedoms exists
• Clear information about incident nature
• Measures adopted and recommendations

13. Policy Modifications

• Modifications will be notified 30 days in advance
• Publication on website and direct communication to active students
• For substantial changes: request for new consent when required

14. Supervisory Authorities

14.1 In Argentina

Agency for Access to Public Information (AAIP)

• Web: www.argentina.gob.ar/aaip
• Email: datospersonales@aaip.gob.ar
• Phone: 0800-222-AAIP (2247)
• Address: Av. Pte. Gral. Julio A. Roca 710, 2nd Floor, CABA

14.2 In European Union

EU resident students can contact:

• The data protection authority of their country of residence
• Or the Spanish Data Protection Agency (AEPD) as lead authority:
  • Web: www.aepd.es
  • Phone: +34 912 663 517

15. Contact Information

15.1 General inquiries

• Email: privacidad@sprachzentrum.com.ar
• Phone: +54 9 3546 53 2993
• Address: Bulnes 644, C1176ABL Buenos Aires, Argentina

15.2 Exercise of rights

• Specific email: derechos@sprachzentrum.com.ar
• Service hours: Monday to Friday, 9:00 to 18:00 hrs (GMT-3)

15.3 Security emergencies

• Email: seguridad@sprachzentrum.com.ar
• Emergency phone: +54 9 3546 53 2993

Compliance Statement

This Privacy Policy has been designed to comply simultaneously with:

• Personal Data Protection Law 25.326 (Argentina)
• Regulatory Decree 1558/2001 (Argentina)
• General Data Protection Regulation - GDPR (European Union)
• AAIP Provisions (Argentina)

Last legal review: June 2025

Acceptance: By enrolling in our courses or using our services, you accept the terms of this Privacy Policy. Your consent may be withdrawn at any time by contacting us through the indicated means.