Privacy Policy

Last updated: January 2025

Grolyx ("we", "us") is committed to protecting your privacy. This policy explains how we collect, use, and protect your data.

What data we collect

We collect your email address, hashed password, business name and type, and the sales data (revenue and orders) you manually enter. We do not collect payment information.

How we use your data

Your data is used exclusively to generate insights for your business. We do not sell your data, share it with third parties for marketing, or use it for advertising.

Data storage and security

Data is stored in a secure PostgreSQL database with encryption at rest. All API communication is over HTTPS. Passwords are hashed with bcrypt and never stored in plaintext.

AI processing

Anonymised, aggregated data about your business performance (e.g. "revenue changed by -12%") may be sent to OpenAI to generate insight text. No personally identifiable information (email, name) is included in these prompts.

Your rights

You may request deletion of your account and all associated data at any time by emailing info.grolyx@gmail.com. We will process requests within 30 days.

Cookies

We use a single authentication cookie (JWT token) that is strictly necessary for you to use the application. We do not use tracking or advertising cookies.

Contact

For any privacy questions, email info.grolyx@gmail.com.