Privacy Policy

Last updated:

Short version: we collect the minimum to deliver downloads, run the Cloud product, send critical security advisories, and improve the service. We do not sell your data. You can delete it any time.

Who we are

GrantLock is the data controller, reachable via /contact or directly at hello@grantlock.ai.

What we collect

  • Marketing-site signup: the email, name, company, role, and country you submit on /download or /waitlist, plus your IP address and the country reported by Cloudflare at submission time.
  • Cloud product accounts: when you sign in at app.grantlock.ai, our identity provider (Clerk) issues a session and stores the email address, display name, and (where you provide it) profile photo associated with your account, plus the organizations you belong to.
  • Cloud product activity: a per-organization audit log records who took what action and when (account changes, member invitations, settings updates).
  • Downloads: a row per download (signup ID, platform, version, IP, timestamp). Used for abuse detection and version-rollout analytics.
  • Telemetry from the Free Binary: see /telemetry — anonymized counts only, never configuration content.

What we don't collect

  • The contents of your MCP server configurations.
  • Your scan results.
  • The names, paths, or contents of any agents or tools you scan.
  • Any third-party advertising identifiers.
  • Marketing or tracking cookies on the marketing site.

Why we collect

  • To deliver the signed binary you requested.
  • To run the Cloud product (authenticate your sessions, scope your data to your organization).
  • To send critical security advisories about a binary you've installed or a Cloud finding that affects you.
  • To detect and block abuse of the download endpoint and the contact / waitlist forms.
  • To learn which platforms and versions are in active use, so we can prioritize maintenance.
  • If you ticked the marketing opt-in: to send periodic product updates. You can opt out at any time via the unsubscribe link in every marketing message.

How long we keep it

  • Marketing-site signup rows: until you ask us to delete them.
  • Download rows: 12 months, then aggregated and the per-row IP is removed.
  • Cloud product accounts: for as long as the account is active. After deletion we purge within 30 days, except where retention is required by law (e.g. financial records).
  • Cloud audit log: 24 months, then archived for an additional 12 months.
  • Telemetry events: 90 days raw, indefinitely as nightly aggregates.

Where it lives

Data is stored in Neon (Postgres) in AWS us-east-2. Authentication is managed by Clerk in the United States. Email is delivered by Resend. Application logs flow through Axiom. Cloudflare Workers serve the request path globally. The full subprocessors list is at /subprocessors.

We do not currently offer EU data residency. If you require it, please email us and we'll scope the work.

How to delete

Send a note via /contact from the same email you signed up with, including the word “DELETE” in the message. Cloud product users can also delete their account from Settings → Account. We will confirm and purge within 30 days, except where retention is required by law.

Marketing & CAN-SPAM

Marketing opt-in is a separate, unchecked-by-default consent on the signup form. We record the timestamp at which you opted in. Every marketing message includes a one-click unsubscribe link.

Your rights (GDPR / CCPA)

If you are in the EU/EEA, the UK, or California, you have the right to request access to, correction of, or deletion of your personal data; to object to processing; and (where applicable) to data portability. Send the request to hello@grantlock.ai from the email associated with the data. We respond within 30 days. We do not sell personal data.

Children

GrantLock is not directed at children under 13 (under 16 in the EU/EEA). If we learn we have collected data from a child under that age, we will delete it.

Changes to this policy

We will update this page when material changes happen and email anyone with an active marketing opt-in or active Cloud account. The current version is always the one served at grantlock.ai/privacy.