Privacy Policy

Privacy Policy

Effective Date: June 13, 2026

This Privacy Policy explains how Cogrant, MB ("MB Cogrant", "we", "us", or "Cogrant") collects, uses, stores, and protects your personal data when you use our services and purchase our products via www.cogrant.eu (the "Platform"). It is written in accordance with the General Data Protection Regulation (GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and the EU Artificial Intelligence Act (AI Act).

By using our services, you agree to the terms of this Privacy Policy.

1. Data Controller Information

Cogrant, MB Registration code: 307112528 VAT code: LT100019014915 Registered address: Vingrių g. 1-101, LT-01118 Vilnius, Lithuania Email: info@cogrant.eu

2. What Data We Collect

We may collect and process the following categories of data:

a. Account Information

  • Name, surname

  • Email address

  • Organisation name (where applicable)

  • Country or location

  • Job title (optional)

b. Company & Eligibility Data Information you input to receive relevant funding matches or a Funding Report, such as sector, size, legal status, and operational focus.

c. Platform Usage Data

  • Log-in history

  • Feature usage patterns

  • Subscription and purchase status

  • IP address and browser metadata

d. Content Data

  • Information submitted or uploaded to the Platform, including grant text inputs, preferences, and project data used to generate your Funding Report or proposals.

e. Payment & Transaction Data

  • Payments are processed by our payment provider, Stripe. We do not collect or store your full card details.

  • We receive limited transaction data from Stripe (for example, name, billing country, amount, VAT applied, and payment status) needed to fulfil your order, issue invoices, and meet accounting and tax obligations.

  • Stripe Tax processes location data to determine the correct VAT rate for your purchase.

3. How We Use Your Data

We process your personal data to:

  • provide access to the Cogrant Search platform and personalised grant suggestions;

  • generate and deliver your Funding Report and other purchased products;

  • assist in AI-supported proposal generation;

  • process payments, calculate and collect VAT, and issue invoices;

  • deliver newsletters, updates, and grant alerts (with your consent);

  • manage subscriptions and purchases;

  • comply with applicable legal, accounting, and tax obligations;

  • improve our services through anonymised analytics.

4. Legal Basis for Processing

We process personal data based on:

  • Performance of a contract (e.g., providing the Platform, generating the Funding Report, and consulting services);

  • Consent (e.g., email communications);

  • Legitimate interest (e.g., platform analytics and security);

  • Legal obligations (e.g., accounting, tax, and VAT compliance).

5. Use of Artificial Intelligence & EU AI Act

Cogrant uses general-purpose AI systems (such as large language models) to generate text content (e.g., Funding Reports, grant proposals, call matching explanations).

In accordance with the EU Artificial Intelligence Act:

  • We do not use AI for high-risk applications, such as biometric identification, legal judgments, or social scoring.

  • Users are informed when content is AI-generated.

  • We require users to review and validate all AI-generated outputs before use or submission.

  • We provide transparency about the purpose, logic, and limitations of AI tools integrated into the Platform.

  • All outputs are subject to human oversight and intervention, and you are responsible for final review.

6. Data Retention

We retain your personal data only for as long as necessary to:

  • deliver products and services;

  • comply with legal obligations (including accounting and tax records, which may require retention for a statutory period);

  • resolve disputes;

  • enforce agreements.

Inactive user accounts may be deleted after 24 months of inactivity.

7. Data Sharing and Subprocessors

We do not sell or rent personal data.

We may share data with:

  • cloud service providers (e.g., infrastructure, storage);

  • payment processors (e.g., Stripe, including Stripe Tax);

  • analytics and email platforms (e.g., user behaviour tools);

  • AI service providers (for report and proposal generation, under data processing agreements).

All third-party providers are subject to confidentiality and data protection agreements and are located within the EU or in jurisdictions recognised as adequate by the European Commission, or are covered by appropriate safeguards.

8. International Data Transfers

If data is transferred outside the European Economic Area (EEA), it is done under:

  • Standard Contractual Clauses (SCCs);

  • adequacy decisions by the European Commission;

  • other lawful safeguards.

9. Your Data Protection Rights

You have the following rights under the GDPR:

  • Access – Request a copy of your personal data.

  • Rectification – Request correction of inaccurate data.

  • Erasure – Request deletion ("right to be forgotten").

  • Restriction – Request limited processing of your data.

  • Data Portability – Receive your data in a portable format.

  • Objection – Object to processing based on legitimate interest.

  • Withdraw Consent – Where applicable, at any time.

To exercise any of these rights, please contact info@cogrant.eu. We will respond within 30 calendar days.

10. Cookies and Tracking

We use cookies to:

  • maintain secure user sessions;

  • analyse site usage (e.g., via Google Analytics or Matomo);

  • personalise user experience.

You may opt out of non-essential cookies through our cookie banner or browser settings.

11. Data Security

We implement technical and organisational measures to protect your data from unauthorised access, alteration, disclosure, or destruction, including:

  • access controls;

  • regular backups and audits.

12. Complaints

If you believe your data protection rights have been violated, you may lodge a complaint with:

State Data Protection Inspectorate L. Sapiegos g. 17, LT-10312 Vilnius, Lithuania Website: https://vdai.lrv.lt

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updated versions will be posted on www.cogrant.eu with a revised effective date. Continued use of the Platform after updates indicates your acceptance.

14. Contact Information

For privacy-related questions, requests, or complaints:

Cogrant, MB Email: info@cogrant.eu Website: www.cogrant.eu

Copyright © 2026

Cogrant

All rights reserved.

Resources

Search

Proposals

About us

Blog

Legal

Privacy Policy

Refund Policy

Terms and Conditions

Connect

LinkedIn

For more information contact us at info@cogrant.eu

Copyright © 2026

Cogrant

All rights reserved.

Resources

Search

Proposals

About us

Blog

Legal

Privacy Policy

Refund Policy

Terms and Conditions

Connect

LinkedIn

For more information contact us at info@cogrant.eu