I. COMMITMENT TO DATA SOVEREIGNTY

This Data Sovereignty Protocol (“Protocol“) articulates the framework governing the collection, processing, utilization, and protection of your data within the GRID APEX Ecosystem (“The Grid“). Our commitment is to uphold the sovereignty of your data, ensuring transparency and control.

This Protocol applies to all User Entities (individuals or groups engaging with The Grid) and Node Providers (partners offering services). By accessing or using The Grid, you acknowledge that you have read, understood, and agreed to the terms of this Protocol.

II. DATA STREAM INTAKE MATRIX

To operate The Grid with precision, we collect specific data streams. This collection is purposeful and limited to what is necessary.

A. Data Provided Directly by You:

• Identity & Account Credentials: When you register, we collect your name, email address, phone number, and password to create and secure your account. Node Providers may be required to submit additional business verification data.
• Profile & Node Content: Information you choose to add to your profile or, as a Node Provider, the content you upload for your Listings (text, photos, pricing).
• Communications: Records of your communications with us via the Aegis Response Uplink, as well as communications with other users through The Grid’s messaging system.
• Financial Data: When you execute a transaction, your payment information is processed by our secure third-party financial conduits. We do not store your full credit card details on our servers.

B. Data Generated via Grid Interaction (Automated):

• Logarithmic & Usage Data: We automatically log information about your interactions, including IP address, browser type, pages viewed, access times, and referring URLs.
• Grid Interaction Metadata (Cookies): We use cookies and similar tracking technologies to maintain your session, remember your preferences, and ensure the security and functionality of The Grid. You can control the use of cookies at the browser level.
• Telemetry & Locational Data: With your permission, we may collect precise or approximate location data to enhance your experience, such as showing nearby Nodes.

III. DATA UTILIZATION DIRECTIVES

Your data is utilized for the following core purposes:

1. To Operate and Optimize The Grid: To provide, maintain, and improve our services, including facilitating bookings, processing payments, and personalizing your experience.
2. To Maintain Grid Integrity and Security: To verify accounts, prevent fraud, and respond to security incidents or other malicious activity.
3. To Facilitate Communication: To enable communication between User Entities and Node Providers, and to send you administrative messages, updates, and support notifications.
4. To Comply with Sovereign Legal Mandates: To comply with applicable laws, legal processes, or governmental requests, as stipulated by the laws of the Republic of Indonesia.

IV. DATA DISPERSAL PROTOCOL

We do not sell your personal data. We only share it under the following, strictly defined circumstances:

• Between User Entities & Node Providers: To facilitate a booked Manifestation of a Node, we share necessary information (e.g., your name, contact details) between the relevant parties.
• With Third-Party Sub-Processors: We engage trusted third-party companies to perform services on our behalf (e.g., cloud hosting, payment processing, analytics). These partners are bound by strict confidentiality and data protection obligations.
• For Legal Compliance and Harm Prevention: We may disclose your information if required by law or if we believe in good faith that such action is necessary to protect the rights, property, or safety of GRID APEX, our users, or the public.
• During Corporate Structure Recalibration: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business, your data may be transferred as a business asset.

V. GRID AEGIS: DATA SECURITY FRAMEWORK

We implement a robust security framework—the Grid Aegis—to protect your data. This includes administrative, technical, and physical measures such as data encryption, access controls, and secure server infrastructure. However, no system is impenetrable. While we strive to protect your data, we cannot guarantee its absolute security.

VI. USER ENTITY SOVEREIGNTY & CONTROL

You retain sovereignty over your personal data. You have the right to:

• Access & Rectify: You can review and update your account information at any time through your dashboard.
• Erasure: You may request the deactivation and erasure of your account and personal data, subject to our legal and operational retention needs.
• Object to Processing: You have the right to object to certain data processing activities, such as direct marketing.

To exercise these rights, please adjust your account settings or contact us via the Aegis Response Uplink.

VII. DATA ARCHIVAL & PURGE CYCLE

We retain your data for as long as your account is active or as needed to provide you with services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. After this period, your data will enter a purge cycle and be securely deleted.

VIII. PROTOCOL ON JUVENILE ENTITIES

The Grid is not intended for individuals under the age of 18 (“Juvenile Entities”). We do not knowingly collect personal data from individuals under 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it immediately.

IX. PROTOCOL MODIFICATION

GRID APEX reserves the right to modify this Data Sovereignty Protocol at any time. If we make material changes, we will notify you by email or by posting a notice on The Grid prior to the change becoming effective. Your continued use of The Grid after such changes constitutes your acceptance of the new Protocol.

X. JURISDICTION & GOVERNING LAW

This Protocol is governed by and construed in accordance with the laws of the Republic of Indonesia. Any disputes relating to this protocol will be subject to the exclusive jurisdiction of the courts of Yogyakarta, Indonesia.

XI. AEGIS RESPONSE UPLINK (CONTACT)

For any questions or concerns regarding this Protocol or your data, please contact us via the Aegis Response Uplink or by mail:

GRID CORP. (Attn: Data Sovereignty Office)
Green Tamanan Home Stay
Tamanan, Banguntapan, Bantul, Yogyakarta, Indonesia 55191

©2026 GRID CORP. All rights reserved.