Skip to content
Groove Protocol

Privacy Policy

1. Who we are

This Privacy Policy explains how Groove Protocol (“we”, “us”, “our”) collects, uses, stores, and protects personal data when you use https://grooveprotocol.com and any related services, forms, newsletter signups, or communications.

Data controller:
Groove Protocol
Zagreb, Croatia
Email: info@grooveprotocol.com
Website: https://grooveprotocol.com

If you have any questions about this Privacy Policy or how we handle your personal data, contact us at info@grooveprotocol.com.

2. What personal data we collect

We may collect and process the following categories of personal data:

a) Information you provide directly

  • Name
  • Email address
  • Company, artist, label, or project name, if you provide it
  • Message content submitted through contact forms or email
  • Newsletter signup details
  • Any other information you choose to send us

b) Information collected automatically

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Referring website
  • Pages visited
  • Date and time of visit
  • Basic usage and interaction data

c) Cookies and similar technologies

We may use cookies and similar technologies to operate the website, understand usage, and improve performance. Where required by law, we ask for your consent before using non-essential cookies. Consent must be withdrawable.

3. How we use your personal data

We may use your personal data for the following purposes:

  • To operate and maintain the website
  • To respond to enquiries, messages, or requests
  • To send newsletters or updates where you have subscribed or where otherwise permitted by law
  • To analyse website traffic and improve content, performance, and user experience
  • To protect the website against abuse, fraud, or security threats
  • To comply with legal obligations
  • To establish, exercise, or defend legal claims where necessary

4. Legal bases for processing

Depending on the situation, we rely on one or more of the following legal bases:

Consent

We rely on consent for:

  • Newsletter or promotional email subscriptions where consent is required
  • Non-essential cookies where consent is required

You can withdraw your consent at any time.

Legitimate interests

We may process personal data where necessary for our legitimate interests, including:

  • Operating and improving our website
  • Responding to enquiries
  • Ensuring site security
  • Understanding how our content and services are used
  • Maintaining records of communications and opt-out preferences

Legal obligation

We may process personal data where necessary to comply with applicable legal or regulatory obligations.

5. Email marketing

If you subscribe to our newsletter or marketing communications, we may send you emails about updates, content, releases, features, news, or related materials from Groove Protocol.

You can unsubscribe at any time by:

If you unsubscribe, we may keep limited information necessary to record and respect your opt-out request.

6. Sharing your personal data

We do not sell your personal data.

We may share your personal data with trusted third parties where necessary to operate our website and services, such as:

  • Website hosting providers
  • Email delivery or newsletter providers
  • Analytics providers
  • Security, anti-spam, or infrastructure providers
  • Professional advisers, where necessary
  • Public authorities, regulators, courts, or law enforcement where required by law

These third parties only receive the data necessary for the relevant service and are expected to process it in accordance with applicable data protection law.

7. International data transfers

Some of our service providers may process personal data outside Croatia or outside the European Economic Area.

Where personal data is transferred internationally, we take steps to ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms. GDPR requires notice of transfers and safeguards where applicable.

8. Data retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including legal, accounting, security, and reporting requirements.

Typical retention periods may include:

  • Contact form or enquiry data: up to 12 months after the last communication
  • Newsletter subscription data: until you unsubscribe, plus a limited suppression record to maintain your opt-out
  • Analytics data: up to 14 months
  • Technical logs and security records: up to 90 days, unless longer retention is needed for security or legal reasons

9. Your rights

Subject to applicable law, you may have the right to:

  • access the personal data we hold about you
  • request correction of inaccurate or incomplete data
  • request deletion of your personal data
  • request restriction of processing
  • object to processing based on legitimate interests
  • request data portability
  • withdraw consent at any time where processing is based on consent
  • lodge a complaint with a supervisory authority

EU guidance for individuals confirms these core rights and the right to complain to a data protection authority.

To exercise any of these rights, contact us at info@grooveprotocol.com.

10. Cookies

Our website may use:

  • Strictly necessary cookies required for the site to function
  • Analytics cookies to understand website usage
  • Preference cookies to remember settings
  • Marketing cookies only where applicable and permitted

Where required by law, we will ask for your consent before placing non-essential cookies on your device.

You can manage cookie preferences through:

  • our cookie banner or settings tool, if available
  • your browser settings

11. Third-party links

Our website may contain links to third-party websites, platforms, or services. We are not responsible for the privacy practices of those third parties. We recommend reviewing their privacy policies separately.

12. Children

Our website and services are not intended for children under the age of 16, and we do not knowingly collect personal data from children.

If you believe a child has provided us with personal data, contact us and we will take appropriate steps.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The updated version will be posted on this page with a revised “Last updated” date.

14. Contact

If you have questions, requests, or concerns about this Privacy Policy or your personal data, contact:

Groove Protocol
Zagreb, Croatia
info@grooveprotocol.com