[LEGAL_FRAMEWORK]

SYSTEM DOCUMENTATION

Privacy Policy

Effective Date: January 1, 2026

Controller: NovalithCoreSystems, Calle Avecilla 2, Piso 1 B, Madrid, Spain.

1. Data Controller Identity

The data controller responsible for the processing of personal data collected through this website is NovalithCoreSystems, located at Calle Avecilla 2, Piso 1 B, Madrid, Spain. You may contact us regarding data protection matters at [email protected].

2. Categories of Personal Data Processed

We may collect and process the following categories of personal data:

  • Identification data: Name, email address, telephone number provided through contact forms.
  • Technical data: IP address, browser type and version, operating system, referring URLs, and access timestamps collected automatically through server logs.
  • Usage data: Pages visited, time spent on pages, navigation patterns collected through essential cookies only.
  • Communication data: Content of messages submitted through contact forms or email correspondence.

3. Legal Basis for Processing

We process personal data under the following legal bases as defined in Article 6 of the EU General Data Protection Regulation (GDPR):

  • Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing purposes, such as subscribing to communications.
  • Contract performance (Article 6(1)(b)): Where processing is necessary for the performance of a contract or pre-contractual measures taken at your request.
  • Legitimate interest (Article 6(1)(f)): Where processing is necessary for our legitimate interests, such as improving our services, ensuring network security, and preventing fraud, provided these interests are not overridden by your fundamental rights.
  • Legal obligation (Article 6(1)(c)): Where processing is necessary for compliance with a legal obligation to which we are subject.

4. Purpose of Processing

Personal data is processed for the following purposes:

  • Responding to inquiries and providing requested information about our web architecture services.
  • Performing contractual obligations related to service delivery.
  • Maintaining and improving the security, functionality, and performance of our website.
  • Complying with applicable legal and regulatory obligations.
  • Analyzing aggregated, anonymized usage data to optimize user experience.

5. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form submissions: Retained for a maximum of 24 months from the date of submission, unless an ongoing business relationship requires extended retention.
  • Server log data: Automatically purged after 90 days.
  • Contract-related data: Retained for the duration of the contract plus 6 years in accordance with Spanish commercial record-keeping obligations.

6. Data Recipients and Transfers

Your personal data may be shared with the following categories of recipients:

  • Technical service providers (hosting, email) who act as data processors under written agreements ensuring GDPR compliance.
  • Public authorities where disclosure is required by law.

We do not transfer personal data outside the European Economic Area (EEA) unless adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

7. Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Article 15): Request confirmation of whether we process your personal data and obtain a copy of such data.
  • Right to rectification (Article 16): Request correction of inaccurate personal data or completion of incomplete data.
  • Right to erasure (Article 17): Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to restriction (Article 18): Request restriction of processing in specific circumstances.
  • Right to data portability (Article 20): Receive your personal data in a structured, commonly used, machine-readable format.
  • Right to object (Article 21): Object to processing based on legitimate interests, including profiling.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact NovalithCoreSystems at [email protected]. We will respond to your request within 30 days.

8. Right to Lodge a Complaint

If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos — AEPD) at www.aepd.es.

9. Security Measures

NovalithCoreSystems implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, regular security assessments, and incident response procedures.

Cookies Policy

Effective Date: January 1, 2026

Controller: NovalithCoreSystems, Calle Avecilla 2, Piso 1 B, Madrid, Spain.

1. What Are Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites function correctly, improve user experience, and provide analytical information to website operators.

2. Cookies We Use

NovalithCoreSystems uses only strictly necessary cookies essential for the functioning of this website:

  • Cookie consent preference: Stores your cookie acceptance status to prevent the consent banner from reappearing. This cookie is strictly necessary and does not require consent under the ePrivacy Directive. Retained for 12 months.

We do not use analytics cookies, advertising cookies, tracking cookies, or any third-party cookies on this website.

3. Legal Basis for Cookies

Strictly necessary cookies are exempt from consent requirements under Article 5(3) of the ePrivacy Directive (2002/58/EC) as implemented in Spanish law. These cookies are essential for the provision of the service explicitly requested by the user.

4. Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling strictly necessary cookies may impair the functionality of this website, including the ability to remember your cookie consent preference.

5. Changes to This Policy

NovalithCoreSystems reserves the right to update this Cookies Policy. Any changes will be posted on this page with an updated effective date. Continued use of this website after changes constitutes acceptance of the revised policy.

Refund Policy

Effective Date: January 1, 2026

Controller: NovalithCoreSystems, Calle Avecilla 2, Piso 1 B, Madrid, Spain.

1. Scope

This Refund Policy applies to all services provided by NovalithCoreSystems through our website and direct engagements. It governs the conditions under which refunds may be requested for services rendered.

2. Milestone-Based Refund Structure

Services provided by NovalithCoreSystems are structured around defined project milestones. Refunds are calculated based on the completion status of project phases:

  • Pre-commencement: If a project has not yet commenced, a full refund of any advance payment will be issued within 14 business days of the written request.
  • In-progress projects: Refunds for partially completed work are calculated proportionally based on completed milestones. Work delivered and accepted by the client is non-refundable.
  • Completed projects: Once a project has been delivered and accepted, no refund will be issued except in cases of demonstrated non-conformity with the agreed specifications.

3. Non-Refundable Items

The following are not eligible for refund:

  • Third-party costs incurred on behalf of the client (domain registrations, hosting fees, software licenses, API subscriptions).
  • Work performed under a separate written agreement or change order.
  • Services rendered in good faith according to the agreed specifications, even if the client's business expectations are not met.

4. Refund Request Process

To request a refund, contact NovalithCoreSystems at [email protected] with the following information:

  • Project reference or invoice number.
  • Description of the grounds for the refund request.
  • Supporting documentation where applicable.

All refund requests will be reviewed within 10 business days. Approved refunds will be processed within 14 business days using the original payment method.

5. Dispute Resolution

In the event of a dispute regarding refunds, NovalithCoreSystems and the client agree to attempt resolution through good-faith negotiation before pursuing any other remedy. This policy is governed by Spanish law and subject to the jurisdiction of the courts of Madrid, Spain.

Terms of Service

Effective Date: January 1, 2026

Controller: NovalithCoreSystems, Calle Avecilla 2, Piso 1 B, Madrid, Spain.

1. Acceptance of Terms

By accessing or using the website and services of NovalithCoreSystems, you agree to be bound by these Terms of Service. If you do not agree to these terms, you must not use this website or engage our services.

2. Service Description

NovalithCoreSystems provides custom full-stack web architecture design, deployment, and maintenance services. Specific service deliverables, timelines, and pricing are defined in individual project agreements or statements of work issued to each client.

3. Client Obligations

The client agrees to:

  • Provide accurate and complete information necessary for project execution.
  • Respond to requests for feedback or approvals within agreed-upon timeframes.
  • Ensure they have the legal right to provide any materials, content, or data required for the project.
  • Make payments in accordance with the agreed payment schedule.

4. Intellectual Property

Unless otherwise specified in a project agreement:

  • All custom code, designs, and deliverables created specifically for the client become the client's property upon full payment.
  • NovalithCoreSystems retains ownership of general tools, methodologies, frameworks, and pre-existing intellectual property used in the creation of deliverables.
  • NovalithCoreSystems reserves the right to display anonymized case studies of completed work in its portfolio, unless the client objects in writing.

5. Limitation of Liability

To the maximum extent permitted by applicable law:

  • NovalithCoreSystems shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from the use of its services.
  • Total liability for any claim arising from or related to our services shall not exceed the total amount paid by the client for the specific service giving rise to the claim.
  • NovalithCoreSystems is not liable for downtime, data loss, or service interruptions caused by third-party infrastructure providers, force majeure events, or client-initiated changes.

6. Confidentiality

Both parties agree to maintain the confidentiality of proprietary information shared during the course of a project. This obligation survives the termination of the engagement for a period of 24 months.

7. Termination

Either party may terminate a project agreement with 14 days' written notice. Upon termination:

  • The client shall pay for all work completed up to the date of termination.
  • NovalithCoreSystems shall deliver all completed work product to the client.
  • Provisions regarding confidentiality, intellectual property, and limitation of liability survive termination.

8. Governing Law and Jurisdiction

These Terms of Service are governed by Spanish law. Any dispute arising from or related to these terms shall be subject to the exclusive jurisdiction of the courts of Madrid, Spain.

9. Modifications

NovalithCoreSystems reserves the right to modify these Terms of Service at any time. Changes will be effective upon posting to this website. Continued use of the website or services after modifications constitutes acceptance of the revised terms.