Regulatory
Architecture
All operational protocols, data handling procedures, and service terms for TimberSignalLabs are documented below in compliance with EU General Data Protection Regulation (GDPR) and applicable Danish data protection legislation.
Privacy Protocol
1. Data Controller Identification
The data controller responsible for the processing of personal data collected through this website is TimberSignalLabs, registered at Østerbrogade 54A, 2100 København Ø, Denmark. For all data protection inquiries, you may contact our designated data protection officer at [email protected] or via telephone at +45 30 52 74 19.
2. Categories of Personal Data Processed
We collect and process the following categories of personal data through this website:
- Identity Data: Full name, professional title, and organisational affiliation provided through contact form submissions.
- Contact Data: Email address, telephone number, and physical address submitted via inquiry forms or payment initiation processes.
- Technical Data: Internet Protocol (IP) address, browser type and version, operating system, device identifiers, and referring URL addresses collected automatically upon website access.
- Usage Data: Pages visited, time spent on each page, navigation patterns, and interaction events collected through analytics instrumentation.
- Financial Data: Payment card details processed exclusively through our PCI DSS-compliant payment processor (Stripe). We do not store, transmit, or have access to raw card numbers, CVV codes, or PIN data on our servers.
3. Legal Basis for Processing
We process personal data under the following legal bases as defined in Article 6 of the EU General Data Protection Regulation (GDPR):
- Consent (Article 6(1)(a)): Where you have given explicit, informed, and freely given consent for specific processing purposes — such as subscribing to communications or accepting non-essential cookies.
- Contractual Necessity (Article 6(1)(b)): Where processing is necessary for the performance of a contract to which you are a party, or to take pre-contractual steps at your request — such as responding to service inquiries or processing payments for engaged services.
- Legitimate Interest (Article 6(1)(f)): Where processing is necessary for our legitimate interests in operating, securing, and improving this website and our services, provided such interests are not overridden by your fundamental rights and freedoms.
- Legal Obligation (Article 6(1)(c)): Where processing is necessary for compliance with a legal obligation to which we are subject — such as tax record retention requirements under Danish law.
4. Data Retention Periods
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
- Contact form submissions are retained for a maximum of 24 months from the date of submission, after which they are securely deleted from active systems and backups.
- Payment transaction records are retained for 7 years in compliance with Danish bookkeeping legislation (Bogføringsloven).
- Technical and usage data collected through analytics is retained for a maximum of 13 months in an anonymised or pseudonymised form.
- Cookie consent preferences are stored for 12 months from the date of your selection.
5. Data Recipients and International Transfers
Your personal data may be shared with the following categories of recipients:
- Infrastructure Providers: Our website is hosted on servers within the European Economic Area (EEA). All data at rest is encrypted using AES-256, and all data in transit is protected via TLS 1.3.
- Payment Processor: Stripe, Inc. processes payment card data under a Data Processing Agreement that includes EU Standard Contractual Clauses (SCCs) for any transfers outside the EEA.
- Analytics Provider: Where analytics cookies are accepted, usage data may be transmitted to analytics services that operate under EU-approved data transfer mechanisms.
- Legal Authorities: We may disclose personal data where required by law, court order, or regulatory authority.
We do not sell, rent, or trade personal data to third parties for their own marketing purposes under any circumstances.
6. Your Data Protection Rights
Under the GDPR and applicable Danish data protection law, you possess the following rights:
- Right of Access (Article 15): You may request confirmation of whether we process your personal data and obtain a copy of such data in a structured, commonly used, and machine-readable format.
- Right to Rectification (Article 16): You may request the correction of inaccurate personal data or the completion of incomplete data without undue delay.
- Right to Erasure (Article 17): You may request the deletion of your personal data where there is no compelling legal or operational reason for continued processing.
- Right to Restriction (Article 18): You may request the restriction of processing where you contest the accuracy of data, object to processing, or where processing is unlawful.
- Right to Data Portability (Article 20): You may receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
- Right to Object (Article 21): You may object to processing based on legitimate interests at any time, and we will cease processing unless we demonstrate compelling legitimate grounds.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at [email protected]. We will respond to all verified requests within 30 days.
7. Right to Lodge a Complaint
If you believe that our processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet):
Datatilsynet
Borgergade 28, 1300 København K
Telephone: +45 33 19 32 00
Email: [email protected]
Website: www.datatilsynet.dk
8. Data Security Measures
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include but are not limited to: encryption of data at rest and in transit, regular security assessments and penetration testing, access controls with role-based permissions, automated intrusion detection systems, and regular backup procedures with encrypted off-site storage.
9. Updates to This Privacy Protocol
This Privacy Protocol may be updated periodically to reflect changes in our data processing practices or applicable legal requirements. The date of the most recent revision is indicated at the top of this document. We encourage you to review this page regularly. Material changes will be communicated through a prominent notice on our website or via direct notification to registered contacts.
Refund Terms
1. General Refund Policy
TimberSignalLabs delivers professional digital engineering services on a project-by-project basis. Due to the bespoke and labour-intensive nature of our work, refunds are evaluated according to the following terms. All service engagements are governed by a signed Statement of Work (SOW) or equivalent binding agreement that specifies deliverables, milestones, and payment schedules.
2. Pre-Commencement Cancellation
If a project is cancelled by the client before work has commenced (i.e., before any engineering resources have been allocated), a full refund of any advance payment will be issued within 14 business days. Cancellation requests must be submitted in writing to [email protected].
3. Mid-Project Cancellation
If a project is cancelled after work has commenced, the client is liable for payment of all work completed up to the date of cancellation, calculated on a pro-rata basis against the total project fee. Completed milestone deliverables that have been accepted by the client are non-refundable. Any undelivered work will cease immediately upon cancellation, and all completed work product will be transferred to the client within 10 business days.
4. Service Defects and Quality Assurance
All delivered services are covered by a quality assurance period as specified in the project SOW — typically 30 calendar days from final delivery. If a delivered service materially fails to meet the specifications defined in the SOW, TimberSignalLabs will, at its discretion, either remediate the defect at no additional cost or issue a partial refund proportional to the scope of the deficiency. Defect claims must be submitted in writing with specific documentation of the deviation from specification.
5. Non-Refundable Items
The following are non-refundable: (a) completed and accepted milestone deliverables, (b) third-party licence fees, hosting costs, or infrastructure charges incurred on behalf of the client, (c) consulting hours consumed during discovery, audit, or strategy sessions, and (d) work product delivered in full conformance with the agreed SOW specifications.
6. Refund Processing
All approved refunds will be processed within 14 business days of written approval and returned via the original payment method. TimberSignalLabs reserves the right to deduct applicable transaction fees or currency conversion costs from the refund amount where incurred.
7. Dispute Resolution
Any disputes arising from refund requests will be resolved in accordance with the dispute resolution procedures outlined in the Service Accord below. TimberSignalLabs is committed to resolving all financial disputes fairly and in compliance with EU consumer protection directives.
Service Accord
1. Acceptance of Terms
By accessing, browsing, or using this website and the services offered by TimberSignalLabs, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service. If you do not agree to these terms, you must discontinue use of this website and our services immediately. These terms constitute a legally binding agreement between you (or the entity you represent) and TimberSignalLabs, registered at Østerbrogade 54A, 2100 København Ø, Denmark.
2. Service Scope and Engagement
All services provided by TimberSignalLabs are delivered on the basis of a signed Statement of Work (SOW), proposal, or equivalent written agreement that specifies the scope, deliverables, timelines, and fees for each engagement. These Terms of Service apply to the general use of this website and the initiation of inquiries; specific project terms are governed by the applicable SOW. TimberSignalLabs reserves the right to decline any engagement at its sole discretion.
3. Payment Terms
All fees are quoted in Euros (€) unless otherwise specified in the applicable SOW. Payment is due according to the milestone schedule defined in the project agreement. Invoices are issued digitally and payable within 14 calendar days of issuance. Late payments may incur a statutory interest charge of 8 percentage points above the European Central Bank base rate, in accordance with the EU Late Payment Directive (2011/7/EU). TimberSignalLabs reserves the right to suspend work on any project where payments are overdue by more than 14 calendar days.
4. Intellectual Property
Upon receipt of full payment for a completed project, all intellectual property rights in the final deliverables defined in the SOW are transferred to the client. TimberSignalLabs retains the right to use anonymised, non-confidential aspects of completed work for portfolio, case study, and marketing purposes unless explicitly restricted in the SOW. Pre-existing intellectual property, frameworks, tools, and methodologies used by TimberSignalLabs in the course of delivering services remain the exclusive property of TimberSignalLabs and are licensed to the client for use within the scope of the delivered project only.
5. Confidentiality
Both parties agree to maintain the confidentiality of all proprietary information, trade secrets, business strategies, technical architectures, and customer data disclosed during the course of an engagement. This confidentiality obligation survives the termination of any engagement for a period of 36 months. Neither party shall disclose confidential information to third parties without prior written consent, except as required by law.
6. Limitation of Liability
To the maximum extent permitted by applicable law, TimberSignalLabs shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from the use of this website or the engagement of our services. Our total aggregate liability for any claim arising from a specific project engagement shall not exceed the total fees paid by the client for that specific project during the 12 months preceding the claim. This limitation does not apply to liability arising from gross negligence, wilful misconduct, or breach of confidentiality obligations.
7. Force Majeure
Neither party shall be liable for failure or delay in performing its obligations where such failure or delay results from circumstances beyond the reasonable control of the affected party — including but not limited to acts of God, natural disasters, pandemic conditions, government actions, armed conflict, cyberattacks on critical infrastructure, or prolonged power or telecommunications failures. The affected party shall notify the other party within 48 hours of the force majeure event and shall use reasonable endeavours to mitigate its effects.
8. Termination
Either party may terminate an engagement by providing 30 calendar days' written notice. In the event of termination, the client shall pay for all work completed up to the termination date as specified in the Refund Terms above. TimberSignalLabs may terminate an engagement immediately upon written notice if the client materially breaches these terms, fails to make payments within 30 calendar days of the due date, or becomes insolvent or enters liquidation proceedings.
9. Governing Law and Jurisdiction
These Terms of Service are governed by and construed in accordance with the laws of Denmark and, where applicable, the European Union. Any disputes arising from these terms or the services provided by TimberSignalLabs shall first be subject to mediation. If mediation does not resolve the dispute within 60 calendar days, either party may submit the dispute to the exclusive jurisdiction of the courts of Copenhagen, Denmark.
10. Amendments
TimberSignalLabs reserves the right to amend these Terms of Service at any time. Material changes will be communicated through a prominent notice on this website at least 14 calendar days before they take effect. Your continued use of this website and our services after the effective date of any amendment constitutes your acceptance of the modified terms.
11. Severability
If any provision of these Terms of Service is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it valid, legal, and enforceable while preserving its original intent.
Last updated: July 2026 · TimberSignalLabs · Østerbrogade 54A, 2100 København Ø, Denmark
For data protection inquiries: [email protected]