At GrantGunner, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.
1. Information We Collect
1.1 Information You Provide
We collect information you voluntarily provide when you:
- Create an account
- Update your profile
- Use our Services
- Contact customer support
- Subscribe to our newsletter
- Participate in surveys or promotions
This may include:
- Name and contact information (email, phone)
- Organization details
- Payment information (processed by Stripe)
- Grant application content
- Communications with us
1.2 Automatically Collected Information
When you use our Services, we automatically collect:
- Log Data: IP address, browser type, operating system, pages visited, time spent
- Device Information: Device type, unique device identifiers
- Usage Data: Features used, actions taken, interactions with the Services
- Cookies and Tracking: We use cookies and similar technologies (see Cookie Policy below)
1.3 Information from Third Parties
We may receive information from:
- Authentication providers (Google, Microsoft, etc.)
- Payment processors (Stripe)
- Analytics services (Google Analytics)
- Marketing platforms
2. How We Use Your Information
We use your information to:
2.1 Provide and Improve Services
- Create and manage your account
- Process payments and subscriptions
- Deliver the Services you requested
- Provide customer support
- Improve and optimize our Services
- Develop new features and functionality
2.2 Communications
- Send service-related notifications
- Respond to your inquiries
- Send marketing communications (with your consent)
- Provide updates about your account or subscriptions
2.3 Analytics and Research
- Analyze usage patterns and trends
- Conduct research and data analysis
- Measure effectiveness of our Services
- Create aggregated, anonymized data
2.4 Legal and Security
- Comply with legal obligations
- Enforce our Terms of Service
- Protect against fraud and abuse
- Maintain security and integrity of our Services
- Resolve disputes
3. AI and Machine Learning
3.1 AI Processing
Our Services use artificial intelligence and machine learning to:
- Generate grant application content
- Match grants to your profile
- Provide recommendations
- Analyze grant opportunities
3.2 Data Used for AI
When using AI features:
- Your inputs and organization data may be processed by AI models
- We use both our own models and third-party AI services (OpenAI, Anthropic, Google)
- Content you generate is associated with your account
- We may use anonymized data to improve our AI models
3.3 AI Data Privacy
- Third-party AI providers process data according to their privacy policies
- We do not share personally identifiable information unnecessarily
- You retain ownership of content you create
- AI-generated content is not stored longer than necessary
4. How We Share Your Information
We do not sell your personal information. We may share your information with:
4.1 Service Providers
We share data with trusted third parties who help us operate our Services:
- Cloud Hosting: AWS, Google Cloud
- Payment Processing: Stripe
- Email Services: Transactional email providers
- Analytics: Google Analytics
- AI Services: OpenAI, Anthropic, Google Gemini
- Customer Support: Support ticket systems
4.2 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
4.3 Legal Requirements
We may disclose your information if required to:
- Comply with legal obligations
- Respond to lawful requests from authorities
- Protect our rights and property
- Investigate fraud or security issues
- Protect the safety of users or the public
4.4 With Your Consent
We may share your information for other purposes with your explicit consent.
5. Data Storage and Security
5.1 Data Storage
- Data is stored on secure servers in the United Kingdom
- We use industry-standard encryption for data at rest and in transit
- Database backups are encrypted and securely stored
5.2 Security Measures
We implement appropriate technical and organizational measures:
- Encryption (TLS/SSL for data in transit)
- Access controls and authentication
- Regular security audits
- Employee training on data protection
- Incident response procedures
5.3 Data Retention
We retain your information:
- As long as your account is active
- As necessary to provide Services
- To comply with legal obligations
- To resolve disputes
- As specified in our data retention policy
You may request deletion of your data at any time (see Your Rights section).
6. Cookies and Tracking
6.1 What Are Cookies
Cookies are small text files stored on your device that help us provide and improve our Services.
6.2 Types of Cookies We Use
- Essential Cookies: Required for the Services to function
- Analytics Cookies: Help us understand how you use our Services (Google Analytics)
- Preference Cookies: Remember your settings and preferences
6.3 Cookie Management
You can control cookies through:
- Our cookie consent banner
- Browser settings
- Opt-out tools provided by third parties
Note: Disabling essential cookies may affect functionality of our Services.
6.4 Do Not Track
Our Services do not currently respond to Do Not Track (DNT) signals.
7. Your Rights and Choices
Depending on your location, you may have the following rights:
7.1 Access and Portability
- Request a copy of your personal information
- Export your data in a portable format
7.2 Correction
- Update or correct your personal information
- Access account settings to modify your profile
7.3 Deletion
- Request deletion of your personal information
- Delete your account through account settings
7.4 Restriction and Objection
- Restrict or object to certain processing of your data
- Opt out of marketing communications
7.5 Withdrawal of Consent
- Withdraw consent for data processing where consent is the legal basis
7.6 Complaint
- File a complaint with a supervisory authority if you believe we've violated your privacy rights
To exercise these rights, contact us at [email protected].
8. International Data Transfers
If you access our Services from outside the United Kingdom:
- Your information may be transferred to and stored in different countries
- We ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions)
- By using our Services, you consent to such transfers
9. Children's Privacy
Our Services are not intended for children under 13 (or applicable age in your jurisdiction). We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.
10. Third-Party Links
Our Services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
11. California Privacy Rights
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt out of sale of personal information
- Right to deletion
- Right to non-discrimination
We do not sell personal information as defined by CCPA.
12. GDPR Compliance (EEA/UK Users)
If you are in the European Economic Area or United Kingdom:
12.1 Legal Basis for Processing
We process your data based on:
- Contract: Performance of our agreement with you
- Legitimate Interest: Improving our Services, analytics, security
- Consent: Marketing communications, non-essential cookies
- Legal Obligation: Compliance with applicable laws
12.2 Your GDPR Rights
You have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing
- Withdraw consent
- Lodge a complaint with a supervisory authority
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website
- Sending an email to your registered address
- Displaying a notice on our Services
Your continued use of the Services after changes become effective constitutes acceptance of the updated policy.
14. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Email: [email protected]
Address: 23 Orangefield Parade, Belfast, Northern Ireland, BT5 6DE
Summary of Key Points
- We collect information you provide and information automatically collected
- We use your information to provide Services, improve functionality, and communicate with you
- We use AI services that process your data in accordance with their privacy policies
- We do not sell your personal information
- You have rights to access, correct, and delete your information
- We use cookies for essential functionality and analytics
- We implement security measures to protect your data
- Contact us at [email protected] for privacy-related questions
By using GrantGunner, you acknowledge that you have read and understood this Privacy Policy.