Privacy Policy

The data controller for granelod.info is Granelod, operating from 34 Baker Street, NW1 5NE, London, United Kingdom. Correspondence regarding data protection matters may be directed to [email protected] or to the postal address above.

Granelod is committed to handling personal data responsibly, transparently, and in compliance with applicable United Kingdom data protection legislation.

Granelod may collect the following categories of personal data when you interact with this website:

• — Contact data: Name, email address, and message content submitted via the contact form.
• — Technical data: IP address, browser type, operating system, referring URL, and pages visited — collected automatically via server logs and analytics tools.
• — Cookie data: Identifiers stored in browser cookies as described in the Cookie Policy.

Granelod does not collect sensitive personal data as defined under UK GDPR Article 9, and does not request information relating to health, ethnicity, political opinion, or religious belief.

Personal data collected via this website is used for the following purposes:

• — Responding to enquiries: Contact form submissions are used solely to respond to the sender. Contact data is not retained beyond the resolution of the enquiry unless the individual requests otherwise.
• — Site analytics: Technical data is used in aggregated, anonymised form to understand how content is accessed and to improve site structure. Individual-level profiling is not conducted.
• — Legal compliance: Data may be retained or disclosed where required by applicable United Kingdom law or by order of a competent authority.

Granelod does not use personal data for automated decision-making, profiling for commercial purposes, or marketing communications without explicit consent.

Processing of personal data by Granelod is based on the following lawful grounds under UK GDPR Article 6:

• — Legitimate interests (Article 6(1)(f)): Processing of technical data for site security, analytics, and operational maintenance, where those interests are not overridden by the data subject's rights.
• — Consent (Article 6(1)(a)): Processing of non-essential cookies, where the visitor has provided consent through the cookie consent mechanism.
• — Contract performance (Article 6(1)(b)): Processing of contact data to respond to an enquiry constitutes a pre-contractual or contractual communication.

Contact form data is retained for a maximum of twelve months from the date of receipt, after which it is securely deleted unless an ongoing correspondence requires continued retention. Technical log data is retained for a maximum of six months in accordance with standard server log rotation schedules.

Under UK GDPR, you have the following rights in relation to personal data held by Granelod:

• — Right of access (Article 15) — to request a copy of data held about you
• — Right to rectification (Article 16) — to correct inaccurate data
• — Right to erasure (Article 17) — to request deletion of data where no lawful basis for retention exists
• — Right to restrict processing (Article 18)
• — Right to data portability (Article 20), where applicable
• — Right to object (Article 21) to processing based on legitimate interests

To exercise any of these rights, contact [email protected]. We will respond within the statutory period of one calendar month.

If you believe your data has been handled unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Granelod does not sell, rent, or trade personal data to third parties. Data may be shared with the following categories of third-party service provider where necessary for site operation:

• — Web hosting and server infrastructure providers
• — Analytics service providers operating under data processing agreements
• — Email routing providers used to handle contact form submissions

Where any service provider processes data outside the United Kingdom, Granelod ensures that appropriate safeguards are in place in accordance with UK GDPR Chapter V, including the use of standard contractual clauses or adequacy decisions where applicable.