Privacy Policy
Last updated 4 July 2026
This policy explains what personal data we collect, why we collect it, how we use and protect it, and the rights you have over it. Our approach is simple: we collect only what we need to deliver your order, and nothing more.
Who is responsible
Grimoire ("we", "us", "our") is the controller of the personal data described here. Grimoire operates from within the DACH region. For any privacy question or request, contact us at hello@grimoireco.com.
What we collect
We collect only what we need to deliver your order and communicate with you:
- Contact details — your name and email address.
- Order and brief information — the details you provide about your practice, target client, existing website or LinkedIn, and any domain, photo, or logo assets you share.
- Payment information — processed directly by our payment provider. We receive confirmation of payment and limited billing details, but we never store your full card number.
- Correspondence — the emails and messages you send us.
- Basic technical data — such as the data our hosting and email providers process to deliver our site and communications reliably and securely.
How we use your data
We use your data to:
- Produce and deliver the deliverables you ordered.
- Communicate with you about your order, including the brief and any revisions.
- Process payments and keep the records required for accounting and tax.
- Respond to your enquiries and provide support.
- Improve our work and, where you don't object, display non-confidential examples as portfolio material.
Our legal bases
Where data-protection law such as the GDPR applies, we rely on performance of a contract to deliver your order, legal obligation for tax and accounting records, legitimate interests to run and improve our business and secure our systems, and consent where we specifically request it. You may withdraw consent at any time.
Who we share it with
We do not sell your personal data. We share it only with the service providers who help us operate, and only as far as needed:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing |
| Tally | Collecting your brief responses |
| Cloudflare | Hosting, domain, and email routing |
These providers process data on our behalf under their own terms and security measures. We may also disclose data where we are required to by law.
International transfers
Some of our providers may process data outside your country, including outside the European Economic Area. Where that happens, we rely on appropriate safeguards — such as standard contractual clauses or an adequacy decision — as required by applicable law.
How long we keep it
We keep personal data only as long as necessary for the purposes above: for the duration of your engagement, and afterwards as needed to maintain records, meet legal and tax obligations, and resolve disputes. When data is no longer needed, we delete or anonymise it.
Your rights
Depending on where you live, you may have the right to access, correct, delete, or restrict the processing of your personal data; to object to certain processing; to data portability; and to withdraw consent. To exercise any of these, email hello@grimoireco.com. You also have the right to lodge a complaint with your local data-protection authority.
How we protect it
We take reasonable technical and organisational measures to protect your data against loss, misuse, and unauthorised access. No method of transmission or storage is ever completely secure, but we work to safeguard your information and to use reputable providers who do the same.
Cookies
Our website is intentionally lightweight and does not use non-essential tracking cookies. Third-party tools we link to — such as our payment and brief providers — may set their own cookies, subject to their own policies, when you use them.
Children
Our deliverables are intended for professionals and are not directed at children. We do not knowingly collect personal data from anyone under 16.
Changes to this policy
We may update this policy from time to time. The current version is always available on this page, with the date of the latest revision shown at the top.
Contact us
Questions or requests about your privacy? Email hello@grimoireco.com and we'll respond as promptly as we can.