REGULATORY PROTOCOLS

Legal compliance frameworks for GraniteVectorForge

PRIVACY MATRIX

1. Data Controller Identification

The data controller responsible for processing personal data under this Privacy Policy is GraniteVectorForge, registered at 413 01, Linnegatan 22, Goteborg, Sweden. For all inquiries regarding data processing activities, please contact our Data Protection Officer at [email protected].

2. Categories of Personal Data Processed

We process the following categories of personal data in accordance with the EU General Data Protection Regulation (GDPR):

  • Identity Data: Full name, professional designation, organizational affiliation
  • Contact Data: Email address, telephone number, physical address
  • Technical Data: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, interaction patterns, session duration, navigation pathways
  • Communication Data: Correspondence content, inquiry details, support ticket information

3. Legal Basis for Processing

We process personal data based on the following legal foundations as established in Article 6 of the GDPR:

  • Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing purposes
  • Contract Performance (Article 6(1)(b)): Where processing is necessary for the performance of a contract to which you are a party
  • Legitimate Interest (Article 6(1)(f)): Where processing is necessary for our legitimate business interests, balanced against your fundamental rights
  • Legal Obligation (Article 6(1)(c)): Where processing is necessary for compliance with legal requirements

4. Data Retention Periods

Personal data is retained only for the duration necessary to fulfill the purposes for which it was collected:

  • Contact form submissions: 24 months from last interaction
  • Contract-related data: Duration of contract plus 7 years (statutory requirement)
  • Technical logs: 12 months from collection date
  • Marketing consent records: Until withdrawal of consent

5. Data Subject Rights

Under the GDPR, you possess the following rights regarding your personal data:

  • Right of Access (Article 15): Request confirmation of processing and obtain a copy of your data
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your data under specific circumstances
  • Right to Restriction (Article 18): Request limitation of processing in certain situations
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior lawful processing

6. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or verification that the recipient country ensures an adequate level of data protection.

7. Data Security Measures

GraniteVectorForge implements comprehensive technical and organizational measures to protect personal data, including:

  • End-to-end encryption for data in transit and at rest
  • Regular security audits and penetration testing
  • Access controls based on the principle of least privilege
  • Employee training on data protection obligations
  • Incident response procedures for data breaches

8. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

COOKIE PROTOCOL

1. Cookie Categories

This website utilizes the following categories of cookies:

  • Strictly Necessary Cookies: Essential for website functionality. These cannot be disabled as they enable core features such as security, session management, and accessibility. (Session duration)
  • Functional Cookies: Enhance user experience by remembering preferences and settings. (Duration: 12 months)
  • Analytics Cookies: Collect anonymous usage data to help us understand how visitors interact with our website. (Duration: 24 months)
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign performance. (Duration: 12 months)

2. Consent Management

Upon your first visit, you will be presented with a cookie consent banner allowing you to accept or decline non-essential cookies. Your preferences are stored locally and can be modified at any time by accessing the cookie settings accessible via the footer link on every page.

3. Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. We do not control these third-party cookies. Please refer to the respective third party's privacy policy for more information:

  • Google Analytics (Analytics) - Google LLC
  • Google Maps (Functional) - Google LLC
  • Stripe (Functional) - Stripe Inc.

4. Managing Cookies

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may impact the functionality of this website. Browser-specific instructions are available in the help section of your web browser.

5. Cookie Audit

GraniteVectorForge conducts regular audits of all cookies deployed on this website to ensure compliance with the ePrivacy Directive and GDPR requirements. Last audit: January 2026.

REFUND TERMS

1. Eligibility Criteria

Refund requests are evaluated based on the following criteria:

  • Services not yet commenced: Full refund minus administrative fees (5%)
  • Services in progress: Partial refund calculated based on completed milestones vs. remaining work
  • Services completed: Refund only applicable if deliverables substantially fail to meet documented specifications

2. Refund Request Process

To initiate a refund request, submit a written request to [email protected] including:

  • Contract or project reference number
  • Description of the issue or grounds for refund
  • Supporting documentation ( correspondence, deliverables received)
  • Preferred resolution (full refund, partial refund, or service credit)

3. Processing Timeline

All refund requests are acknowledged within 48 hours and processed within 30 business days of approval. Approved refunds are issued via the original payment method unless alternative arrangements are agreed upon.

4. Dispute Resolution

In the event of a refund dispute, both parties agree to engage in good-faith mediation before pursuing alternative dispute resolution. This agreement is governed by Swedish consumer protection laws and EU regulations.

SERVICE AGREEMENT

1. Service Scope

GraniteVectorForge provides digital engineering, web development, and technology consulting services as detailed in individual project proposals and statements of work. Each engagement is governed by a separate agreement specifying deliverables, timelines, and compensation.

2. Client Obligations

Clients are responsible for:

  • Providing timely access to required systems, data, and personnel
  • Designating authorized representatives for project decisions
  • Timely review and approval of deliverables within agreed review periods
  • Ensuring all provided materials do not infringe third-party intellectual property rights

3. Payment Terms

Unless otherwise specified in the project agreement:

  • Invoices are payable within 30 days of issuance
  • Late payments incur interest at the statutory rate plus 2% administrative fee
  • Work may be suspended for payments overdue by more than 45 days
  • All prices are exclusive of applicable VAT unless explicitly stated

4. Intellectual Property

Upon full payment, clients receive a perpetual, non-exclusive license to use all deliverables created specifically for their engagement. GraniteVectorForge retains rights to general methodologies, frameworks, and pre-existing intellectual property used in service delivery.

5. Limitation of Liability

GraniteVectorForge's total liability for any engagement shall not exceed the total fees paid by the client for the specific service giving rise to the claim. Neither party shall be liable for indirect, consequential, or incidental damages.

6. Confidentiality

Both parties agree to maintain the confidentiality of proprietary information exchanged during the engagement. This obligation survives termination of the service relationship for a period of 5 years.

7. Governing Law

This agreement is governed by the laws of Sweden. Any disputes shall be resolved in the courts of Goteborg, Sweden, unless the parties agree to alternative dispute resolution.

8. Contract Termination

Either party may terminate the agreement with 30 days written notice. Upon termination, the client is liable for all work completed up to the termination date. Work product delivered prior to termination remains subject to the intellectual property provisions above.