Privacy Policy

The controller responsible for processing personal data collected through turfdex.com (hereinafter, "Turfdex" or "the Site") is Kevin Barrios, a natural person domiciled in the City of Buenos Aires, Argentine Republic.

Single contact channel for privacy and data-protection matters: contacto@turfdex.com. This channel centralizes the exercise of rights, account-deletion requests, complaints about misuse and regulatory queries.

Because Turfdex is operated from the Argentine Republic, the baseline legal framework for personal-data processing is Argentine Law 25.326 on the Protection of Personal Data and its implementing regulations, including rules issued by the Agency for Access to Public Information (AAIP), the Argentine supervisory authority for personal data.

In addition, when you reside in a jurisdiction with specific data-protection rules, Turfdex applies the equivalent rights and safeguards provided for under that legislation to the extent they relate to the service offered. The table below summarizes the most relevant jurisdictions:

If your local jurisdiction provides a stronger guarantee or right than the one set out in this policy, the local guarantee prevails as far as you are concerned. This policy is not intended to reduce or override rights that cannot be limited contractually under the law of your country of residence.

The data we process varies depending on how you use the Site. We distinguish four categories:

1) Account data (only if you sign up). If you sign in through Google we receive: your verified e-mail address, the public name of your Google account, your public profile-picture URL and a persistent internal identifier generated by our authentication provider. We do not receive your password or any other Google data beyond the scope of the consent you grant when signing in.

2) Submitted content. When you send contributions — edit suggestions, proposals for new entities, error reports, extra information, images — we store the text, uploaded files and associated metadata (date, moderation status, author account ID). Once approved and published, contributions become part of the editorial content of the Site.

3) Technical usage data. Our infrastructure providers record technical data on every HTTP request: IP address, user agent (browser/operating system), requested URL, response code, timestamp and, in case of error, technical trace. These records are kept in operational logs for limited periods (see "Retention periods").

4) Cookies and local storage. We use strictly necessary cookies for authentication and a small set of preference cookies to remember interface settings (e.g. region and language). The full list is in our Cookie Policy.

We use your personal data only for the following purposes:

• Operate the Site. Keep your session active, remember preferences and serve content in the right language and region.
• Receive and curate your contributions. Process submissions, attribute authorship for audit purposes and record the moderation cycle.
• Editorial attribution. When a contribution is approved and integrated into public content, the author may be cited in the change history. Attribution uses the public name associated with your account.
• Integrity and security. Detect abuse, spam, coordinated manipulation and security breaches; keep minimum traceability to revert malicious edits.
• Comply with legal obligations. Respond to valid requests from competent public authorities and keep minimum records required by applicable law.
• Communicate with you. Reply to requests you initiate (e.g. exercise of rights, support). We do not send newsletters or promotional communications.

We do not profile you for advertising purposes, do not sell your data, do not assign it to third parties for commercial use and do not use it to train artificial-intelligence models outside the strict scope of the Site's functionality.

Under Law 25.326 and, where applicable, the GDPR, processing of personal data requires a lawful basis. For Turfdex these bases are:

• Express consent. Granted when you sign in via an external provider and when you submit contributions. Consent can be withdrawn at any time without affecting the lawfulness of prior processing.
• Performance of a contractual relationship. Use of the Site implies acceptance of the Terms and Conditions, whose performance requires processing certain data (e.g. keeping the session active).
• Legitimate interest. For fraud, abuse and security-breach prevention. This interest is exercised with proportionate measures, minimal logging and early deletion.
• Compliance with legal obligations. For responding to valid requests from public authorities and retaining logs for legally required periods.

Turfdex does not transfer personal data to third parties for commercial purposes. To operate the Site we rely on specialized infrastructure providers acting as data processors. Each operates under its own terms and privacy policy, available on their official sites.

The list above is updated whenever a provider is added or replaced. The version in force is always the one published on this page, with the last-updated date indicated at the top.

Some of the providers listed are established outside Argentina and may store and process data in the United States or other countries. These transfers are made on the basis of (i) the contractual clauses each provider offers its customers, (ii) the consent given by the user when using the Site and (iii) Argentine rules on cross-border data transfers.

When we choose new providers, we evaluate their privacy policy, security guarantees and jurisdiction to make sure they offer protection equivalent to or higher than that required by Argentine law.

We keep each data category only for the time strictly needed for the purpose for which it was collected:

• Account data: while the account remains active. After a deletion request, we remove identifiable personal data within a reasonable period, keeping only minimal records (e.g. anonymized IDs linked to published contributions) to preserve editorial traceability.
• Published contributions: remain indefinitely as part of the editorial content of the Site. The user may request anonymization of attribution at any time without removal of the contribution.
• Rejected or pending contributions: kept for up to twelve (12) months from receipt for moderation, abuse prevention and re-appeal purposes.
• Technical logs: kept for limited periods set by each provider (typically thirty to ninety days) for security, debugging and legal-request purposes.
• Backups: rotated periodically; records deleted from the production database may persist in backups for up to ninety days, after which they are overwritten.

As the data subject, you may exercise the following rights at any time and free of charge:

• Access. Request and obtain a copy of the personal data we hold about you, together with information about its origin, purpose and recipients.
• Rectification. Correct inaccurate, incomplete or out-of-date data.
• Erasure (right to be forgotten). Request deletion of your data when it is no longer needed or when you withdraw consent. Erasure coexists with the legitimate possibility of keeping minimal records for security or compliance reasons.
• Objection. Object to processing based on legitimate interest when reasons relating to your particular situation arise.
• Restriction. Request that processing be limited to mere storage while a request or dispute is pending.
• Portability. Receive, in a structured commonly-used format, the personal data you have provided.
• Withdrawal of consent. Withdraw at any time the consents granted, without affecting the lawfulness of prior processing.

To exercise any of these rights, write to contacto@turfdex.com clearly indicating the right you wish to exercise and, if applicable, the specific data involved. We may ask you to verify your identity before processing the request to protect you from fraudulent requests in your name. We aim to respond within ten (10) business days from verification.

Turfdex is not aimed at people under sixteen (16) years of age. We do not knowingly collect personal data from minors below that age. If we become aware that a minor under 16 has provided personal data without authorization from their legal representatives, we will delete that information as soon as possible.

If you are the legal representative of a minor under 16 and believe the minor has provided us personal data, write to contacto@turfdex.com so we can proceed with the corresponding deletion.

Turfdex uses only strictly necessary cookies for authentication and a small set of preference cookies to remember interface settings (e.g. region and language). We do not use advertising cookies or third-party tracking cookies for commercial purposes.

A complete list of cookies in use — name, purpose, duration and provider — is available in our Cookie Policy.

We apply reasonable technical and organisational measures to protect personal data against unauthorized access, alteration, destruction or accidental loss. These include: encryption in transit (TLS) and at rest where the provider supports it, role-based access control, audit of changes on sensitive data, periodic encrypted backups in a private repository and continuous review of dependency security updates.

No security measure is absolute. If we become aware of a security incident that may affect your personal data, we will notify you through available channels within a reasonable time and, where applicable, give notice to relevant authorities as required by applicable law.

The Site may contain links to third-party websites (e.g. official bodies, cited sources, institutional profiles). This policy does not apply to those sites and Turfdex is not responsible for their privacy practices. We recommend reviewing each site's own privacy policy before providing personal data.

We may amend this Privacy Policy to reflect changes in Site operations, applicable law or providers in use. When an amendment involves substantial changes to the processing of personal data, we will communicate it visibly on the Site before it takes effect and, where appropriate, request renewed consent.

The last-updated date is always shown at the top of the document. Previous versions are kept internally for traceability and may be requested through the contact channel.

For any query about this Privacy Policy or the processing of your personal data, write to contacto@turfdex.com. We aim to reply within ten (10) business days. Where the request requires technical actions (e.g. data export or deletion), the execution timeframe may extend, in which case we will let you know.