Legal

Privacy Policy

Last updated: March 2025 · Effective immediately

Grid52 ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights. We keep it plain and straightforward.

1. What we collect

Data you provide

Email address - when you sign in via magic link. Used only for authentication.
Grid data - the tool stacks, notes, costs, and stage configurations you create.
Company profile - industry, company size, and stage (optional, used for benchmarks).
Feedback - messages you send via the feedback form.

Data collected automatically

Cookies - we use a single first-party cookie to save your theme preference and active grid. No advertising cookies.
Local storage - your grids are stored locally in your browser and synced to our database when you sign in.
Basic analytics - page views and feature usage (anonymized, no personal identifiers).

2. How we use your data

To provide and improve the Grid52 product
To sync your grids across devices when you are signed in
To generate anonymized benchmark data ("companies like yours use...")
To respond to feedback you send us
To send transactional emails (magic link authentication only - no marketing emails unless you opt in)

3. What we do not do

We do not sell your data to anyone
We do not show advertising
We do not share your individual grid data publicly without your explicit action (sharing a grid)
We do not use your data to train AI models
We do not track you across other websites

4. Data storage and security

Your data is stored using Supabase (hosted on AWS). We use row-level security so only you can access your grids. Connections are encrypted in transit (HTTPS/TLS). Anonymous sessions are used before sign-in so no account is needed to start.

If you share a grid (opt-in), a read-only link is created. Only the grid structure and tool names are accessible via that link - never your notes, costs, or personal information.

5. Data retention

Signed-in grids - retained until you delete them or close your account
Anonymous grids - stored in your browser's local storage; cleared when you clear browser data
Email addresses - retained for as long as your account is active
Feedback messages - retained for up to 12 months

6. Third-party services

Service providers we use

Supabase - database and authentication (GDPR compliant)
Cloudflare - CDN, DNS, and DDoS protection
Google Fonts - typography (Geist font served from Google)

No advertising networks, data brokers, or social tracking pixels are used.

7. Your rights

Access - request a copy of the data we hold about you
Delete - request deletion of your account and all associated data
Correct - update or correct your information
Export - download your grid data at any time from the dashboard
Opt out - decline non-essential cookies via the banner on first visit

To exercise any of these rights, email us at the address below.

8. Children's privacy

Grid52 is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us immediately.

9. Changes to this policy

We may update this policy from time to time. We will update the "last updated" date at the top and, for material changes, notify signed-in users via email. Continued use of Grid52 after changes constitutes acceptance.

Questions or data requests?

Email us at privacy@grid52.com. We respond within 5 business days.