Legal

PRIVACY POLICY

Last updated: March 2026

1. Controller

The controller responsible for data processing on this website is:

Grid Impulse UG (in Gründung)

Frankfurt am Main, Germany

contact@gridimpulse.com

2. What data we collect

We collect only the data you voluntarily provide through our contact form:

  • Your name
  • Your email address
  • Your organisation name
  • Your role and organisation type
  • Any message you choose to include

We do not use tracking pixels, advertising cookies, or analytics services. This website uses only technically necessary session cookies required for the site to function. No data is collected automatically beyond what is strictly necessary for delivering the web page to your browser.

3. Legal basis

We process your data on the basis of Article 6(1)(b) GDPR. Processing is necessary for the performance of pre-contractual measures. When you submit a demo request or inquiry, you are initiating a business conversation and we process your data to respond to that request.

4. How long we keep your data

Contact form submissions are retained for 24 months from the date of submission. After this period, your data is permanently deleted unless a contractual relationship has been established, in which case retention follows the applicable statutory requirements.

5. Service providers

We use the following third-party service provider to operate this website:

  • Vercel Inc.(website hosting). Our deployment is configured to use EU servers only. Vercel's privacy policy is available at vercel.com/legal/privacy-policy.

We do not share your data with any other third parties.

6. Your rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your personal data
  • Restrict processing of your data
  • Port your data to another controller in a machine-readable format
  • Object to processing of your data

To exercise any of these rights, contact us at contact@gridimpulse.com. We will respond within 30 days.

7. Supervisory authority

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority. The competent authority for our company is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit

(The Hessian Commissioner for Data Protection and Freedom of Information)

8. Automated decision-making

We do not use automated decision-making or profiling based on the personal data collected through this website.