REGULATORY PROTOCOLS
Legal compliance frameworks for GraniteVectorForge
PRIVACY MATRIX
1. Data Controller Identification
The data controller responsible for processing personal data under this Privacy Policy is GraniteVectorForge, registered at 413 01, Linnegatan 22, Goteborg, Sweden. For all inquiries regarding data processing activities, please contact our Data Protection Officer at [email protected].
2. Categories of Personal Data Processed
We process the following categories of personal data in accordance with the EU General Data Protection Regulation (GDPR):
- Identity Data: Full name, professional designation, organizational affiliation
- Contact Data: Email address, telephone number, physical address
- Technical Data: IP address, browser type and version, operating system, device identifiers
- Usage Data: Pages visited, interaction patterns, session duration, navigation pathways
- Communication Data: Correspondence content, inquiry details, support ticket information
3. Legal Basis for Processing
We process personal data based on the following legal foundations as established in Article 6 of the GDPR:
- Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing purposes
- Contract Performance (Article 6(1)(b)): Where processing is necessary for the performance of a contract to which you are a party
- Legitimate Interest (Article 6(1)(f)): Where processing is necessary for our legitimate business interests, balanced against your fundamental rights
- Legal Obligation (Article 6(1)(c)): Where processing is necessary for compliance with legal requirements
4. Data Retention Periods
Personal data is retained only for the duration necessary to fulfill the purposes for which it was collected:
- Contact form submissions: 24 months from last interaction
- Contract-related data: Duration of contract plus 7 years (statutory requirement)
- Technical logs: 12 months from collection date
- Marketing consent records: Until withdrawal of consent
5. Data Subject Rights
Under the GDPR, you possess the following rights regarding your personal data:
- Right of Access (Article 15): Request confirmation of processing and obtain a copy of your data
- Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
- Right to Erasure (Article 17): Request deletion of your data under specific circumstances
- Right to Restriction (Article 18): Request limitation of processing in certain situations
- Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
- Right to Object (Article 21): Object to processing based on legitimate interests or direct marketing
- Right to Withdraw Consent: Withdraw consent at any time without affecting prior lawful processing
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or verification that the recipient country ensures an adequate level of data protection.
7. Data Security Measures
GraniteVectorForge implements comprehensive technical and organizational measures to protect personal data, including:
- End-to-end encryption for data in transit and at rest
- Regular security audits and penetration testing
- Access controls based on the principle of least privilege
- Employee training on data protection obligations
- Incident response procedures for data breaches
8. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
REFUND TERMS
1. Eligibility Criteria
Refund requests are evaluated based on the following criteria:
- Services not yet commenced: Full refund minus administrative fees (5%)
- Services in progress: Partial refund calculated based on completed milestones vs. remaining work
- Services completed: Refund only applicable if deliverables substantially fail to meet documented specifications
2. Refund Request Process
To initiate a refund request, submit a written request to [email protected] including:
- Contract or project reference number
- Description of the issue or grounds for refund
- Supporting documentation ( correspondence, deliverables received)
- Preferred resolution (full refund, partial refund, or service credit)
3. Processing Timeline
All refund requests are acknowledged within 48 hours and processed within 30 business days of approval. Approved refunds are issued via the original payment method unless alternative arrangements are agreed upon.
4. Dispute Resolution
In the event of a refund dispute, both parties agree to engage in good-faith mediation before pursuing alternative dispute resolution. This agreement is governed by Swedish consumer protection laws and EU regulations.
SERVICE AGREEMENT
1. Service Scope
GraniteVectorForge provides digital engineering, web development, and technology consulting services as detailed in individual project proposals and statements of work. Each engagement is governed by a separate agreement specifying deliverables, timelines, and compensation.
2. Client Obligations
Clients are responsible for:
- Providing timely access to required systems, data, and personnel
- Designating authorized representatives for project decisions
- Timely review and approval of deliverables within agreed review periods
- Ensuring all provided materials do not infringe third-party intellectual property rights
3. Payment Terms
Unless otherwise specified in the project agreement:
- Invoices are payable within 30 days of issuance
- Late payments incur interest at the statutory rate plus 2% administrative fee
- Work may be suspended for payments overdue by more than 45 days
- All prices are exclusive of applicable VAT unless explicitly stated
4. Intellectual Property
Upon full payment, clients receive a perpetual, non-exclusive license to use all deliverables created specifically for their engagement. GraniteVectorForge retains rights to general methodologies, frameworks, and pre-existing intellectual property used in service delivery.
5. Limitation of Liability
GraniteVectorForge's total liability for any engagement shall not exceed the total fees paid by the client for the specific service giving rise to the claim. Neither party shall be liable for indirect, consequential, or incidental damages.
6. Confidentiality
Both parties agree to maintain the confidentiality of proprietary information exchanged during the engagement. This obligation survives termination of the service relationship for a period of 5 years.
7. Governing Law
This agreement is governed by the laws of Sweden. Any disputes shall be resolved in the courts of Goteborg, Sweden, unless the parties agree to alternative dispute resolution.
8. Contract Termination
Either party may terminate the agreement with 30 days written notice. Upon termination, the client is liable for all work completed up to the termination date. Work product delivered prior to termination remains subject to the intellectual property provisions above.