GestorLocal

Privacy policy

Last updated: July 2026

1. Data controller

The controller is a Uruguayan company established outside the European Economic Area (EEA). GestorLocal is the trading name under which this service operates.

2. What we process and why

3. Legal basis

For B2B outreach our legal basis is legitimate interest (GDPR Art. 6(1)(f)), supported by a documented Legitimate Interest Assessment with mitigations (minimal data, 1-click opt-out, permanent suppression). For demo bookings, the legal basis is taking pre-contractual steps at your request (Art. 6(1)(b)). Where GDPR applies to recipients in the EU, it does so under Art. 3(2); the controller currently relies on the Art. 27(2) exemption from appointing an EU representative (occasional, low-risk processing).

4. Processors and international transfers

We use the following processors under data processing agreements: Outscraper (public listings sourcing, US), Million Verifier (email deliverability checks, Hungary/EEA), Maildoso (sending infrastructure, US) and Smartlead (sequence sending, opt-out and suppression management, Australia). Transfers to processors outside the EEA are covered by Standard Contractual Clauses (SCC). Transfers from the EU to the controller in Uruguay are covered by the European Commission's adequacy decision for Uruguay (2012, confirmed in the 2024 review). We do not sell or share data with third parties for their own purposes.

5. Retention

6. Your rights

You can exercise your rights of access, rectification, erasure, objection, restriction and portability at any time by emailing contacto@gestorlocal.com. We reply within 30 days. You can opt out of outreach by replying "UNSUBSCRIBE" or using the 1-click link in any email — processed within 7 days. If you are in the EU, you also have the right to lodge a complaint with your supervisory authority (in Spain, the AEPD — aepd.es). UK recipients may complain to the ICO (ico.org.uk).

7. Cookies

This is a static site and uses no cookies or tracking technologies. We use GoatCounter for aggregate visit statistics, without cookies and without identifying individuals (anonymised IP). If cookie-based analytics or any tracker are ever added, a compliant consent banner and cookie policy will be added first. Demo bookings happen on Calendly, which processes the data you enter there under its own privacy policy.

8. Security

The site is served over HTTPS only. Outreach data is limited to the minimum described above and handled in the listed processors' systems with restricted access.

← Back to home