Privacy Policy

Introduction

GritFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our context engineering platform and related services.

By using GritFlow, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you create an account, we collect:

• Email address
• Name (optional)
• Organization name (optional)
• Payment information (processed by Stripe)

Usage Data

We automatically collect certain information when you use GritFlow:

• Feature usage patterns (anonymized)
• Error logs and crash reports
• Performance metrics
• Device and browser information

Content You Create

When using GritFlow, you may create:

• Context buckets and documents
• Prompts and prompt history
• Grit Monitors and goals
• Session memory and patterns

How We Use Your Information

• To provide and maintain the GritFlow service
• To process your transactions and subscriptions
• To send you service-related communications
• To improve our products and develop new features
• To detect and prevent fraud or abuse
• To comply with legal obligations

Data Storage and Security

Local-First Architecture: GritFlow is designed with privacy in mind. Your context buckets, prompts, and session data are stored locally on your machine by default. We do not have access to the content of your documents unless you explicitly choose to sync them.

Cloud Sync (Optional): If you enable cloud sync for team features, your data is encrypted in transit and at rest using AES-256 encryption.

Security Measures: We implement industry-standard security measures including HTTPS, secure authentication, and regular security audits.

Data Sharing

We do not sell your personal information. We may share data with:

• Service Providers: Third parties that help us operate (e.g., Stripe for payments, Anthropic for AI processing)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of marketing communications
• Withdraw consent at any time

Cookies

We use essential cookies for authentication and session management. We use analytics cookies (with your consent) to understand how GritFlow is used. You can disable non-essential cookies in your browser settings.

Children's Privacy

GritFlow is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Continued use of GritFlow after changes constitutes acceptance of the updated policy.