Independent grid code testing · For global utilities, IPPs and OEMs
info@gridcode.com +1 305 645 3012
EN ES
Home / Legal / Privacy Notice
Legal · Privacy

Privacy Notice

How Grid Code Engineering collects, uses and protects the personal data you provide through our website, contact form and email correspondence.

Effective date1 June 2026
Last updated1 June 2026
Version1.0
Draft noticeThis document is a starting template. Final wording should be reviewed by counsel familiar with Mexican LFPDPPP and applicable international frameworks (GDPR if EU traffic is received).

/ 01Who we are

Grid Code Engineering ("Grid Code Engineering," "we," "us," "our") is the entity responsible for the personal data described in this Notice. We are an independent technical services firm headquartered in Monterrey, México, providing grid code testing, electrical studies and dynamic model validation for power plants worldwide.

Legal entity
Grid Code Engineering [add full legal name / RFC]
Address
Monterrey, Nuevo León, México [add full street address]
Privacy contact
info@gridcode.com

/ 02What personal data we collect

We only collect data you actively provide to us. We do not buy personal data from third parties, scrape professional networks, or track you across other websites.

Through our Contact form

  • Your name
  • Your email address
  • Your phone number (optional)
  • Your company, role and country
  • Project information you choose to share (facility name, capacity, technology, target jurisdiction)
  • The message content you write

Through direct email or phone correspondence

  • Any personal or business information you include in your message or call
  • Any attachments you send

Through our website infrastructure

  • Standard server logs (IP address, browser type, pages visited, referrer) — retained briefly for security and to investigate site issues
  • Anonymous usage analytics (e.g., aggregate page-view counts) — we do not use cookies that identify individuals

/ 03Why we collect it

We use the data you provide only for the purposes below. We do not use it to build marketing profiles, sell to third parties, or for purposes unrelated to your inquiry.

  • To respond to your inquiry — review what you sent, route it to the right specialist, and reply with scope, schedule, quote or a technical answer.
  • To deliver an engagement — if our inquiry leads to a contracted project, we retain the relevant data to execute the work, communicate with you, and meet our contractual and regulatory obligations.
  • To comply with applicable law — including tax, accounting and any regulator reporting that names you as a contact.
  • To improve our website — using aggregate analytics, not personally identifiable behavior.

For users in Mexico, this Notice constitutes our Aviso de Privacidad under the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations. Submitting the Contact form, sending us an email, or initiating a phone call constitutes your tacit consent to the processing described here.

For users in the European Economic Area or the United Kingdom, our legal bases under the GDPR are:

  • Consent — when you voluntarily submit your information through our form.
  • Performance of a contract — when we process your data to scope, propose or execute an engagement.
  • Legitimate interest — for routine site operation, security logging, and aggregate analytics.
  • Legal obligation — when retention is required by tax, accounting or regulatory frameworks.

/ 05Who we share your data with

We do not sell, rent, trade or otherwise commercially transfer your personal data. Period.

We share limited data only with the following categories of recipients, and only as needed:

  • Email and form-processing providers — the platforms that host our website (Netlify), our email (Microsoft 365 / Google Workspace as applicable), and our cloud storage. These vendors process data on our behalf under contractual data-protection terms.
  • Our subcontracted engineering specialists — when needed to scope or execute a specific project you've engaged us for, and only for that project.
  • Regulators, auditors and counsel — when legally compelled or when required to defend our legal interests.

We do not share your data with marketing networks, advertising platforms, or data brokers.

/ 06How long we keep your data

Contact-form submissions
Retained for 24 months from receipt, then deleted unless an active engagement keeps them in scope.
Engagement records
Retained for the duration of the engagement plus the statutory periods required by Mexican tax law (currently 5 years) and any applicable regulator-imposed retention.
Server logs & analytics
Server logs retained no longer than 90 days. Aggregate analytics retained indefinitely (no personal identifiers).
Email correspondence
Retained as long as needed for ongoing business and per our standard records-retention policy.

/ 07Your rights

Whether you're in Mexico, the EU, the UK, or elsewhere, you have the following rights regarding your personal data:

Under LFPDPPP — ARCO rights

  • Acceso (Access) — request a copy of the personal data we hold about you.
  • Rectificación (Rectification) — ask us to correct inaccurate or incomplete data.
  • Cancelación (Cancellation) — request deletion of your data when the purpose of collection has ended.
  • Oposición (Opposition) — object to specific uses of your data on legitimate grounds.

You also have the right to revoke your consent at any time, and to limit the use or disclosure of your data.

Under GDPR (additional rights)

  • Erasure ("right to be forgotten") — request deletion in defined circumstances.
  • Restriction of processing — limit how we use your data while a request is reviewed.
  • Data portability — receive your data in a structured, machine-readable format.
  • Object to processing based on legitimate interest.
  • Lodge a complaint with your local data-protection authority.

/ 08How to exercise your rights

Send your request to info@gridcode.com with the subject line "Privacy request — [the right you're exercising]".

Please include:

  • Your full name and a way to verify your identity
  • The specific right you want to exercise
  • A clear description of what data the request relates to
  • Any documents supporting your request (if applicable)
Response time We acknowledge privacy requests within 5 business days and respond substantively within 20 business days of receipt, in line with LFPDPPP Article 32. Complex requests may take longer; we'll keep you informed.

/ 09Data security

We protect your data using administrative, technical and physical safeguards appropriate to its sensitivity:

  • Encrypted transport (HTTPS) across our website and email infrastructure
  • Access controls limiting personal data to staff with a legitimate need
  • Vendor contracts that require equivalent protection from our processors
  • Periodic review of our practices, with corrections when gaps are identified

No system is impenetrable, and we cannot guarantee absolute security. If we become aware of a breach affecting your data, we will notify you as required by applicable law.

/ 10International transfers

Some of our service providers (email, hosting, cloud storage) operate servers outside Mexico — typically in the United States and the European Union. When we transfer personal data internationally, we rely on the legal mechanisms recognized by the applicable framework (e.g., standard contractual clauses for EU/UK transfers, vendor adequacy determinations).

/ 11Cookies and tracking

Our website uses minimal technical cookies necessary for the site to function (e.g., language preference). We do not use cookies for advertising, profiling, or cross-site tracking. We do not embed third-party trackers from social networks or ad platforms.

If we add any analytics or other cookie-based functionality in the future, this Notice will be updated, and where required by law we will request your consent before deployment.

/ 12Changes to this notice

We may update this Privacy Notice from time to time. The "Last updated" date at the top reflects the most recent change. For material changes (such as new categories of data processing or new sharing recipients), we will provide notice through the website and, where appropriate, by email to active contacts.

/ 13Contact us

For any question about this Notice or your data, please contact us:

By email
info@gridcode.com (subject line: "Privacy")
By phone
+1 305 645 3012
By post
Grid Code Engineering · [add full street address] · Monterrey, Nuevo León, México

If you are in Mexico and consider that your right to data protection has been violated, you may also file a complaint with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) at www.inai.org.mx.

Have a privacy question we haven't answered?

Write to info@gridcode.com with subject "Privacy" and we'll respond within 5 business days.

Contact us about privacy