Privacy Policy

GrantFounders collects information necessary to provide and improve the Service. This includes:

Account and Organization Information: When you register, we collect your name, email address, organization name, and billing information. Organization administrators may add additional users, and we collect profile information for each user within an organization account.

Project and Proposal Content: We store project descriptions, organizational profiles, proposal drafts, version history, and related content that you create or upload within the platform. This content is associated with your organization account.

API Usage Metadata: We collect records of API requests, including request timestamps, endpoint paths, response codes, token consumption, and access key identifiers. We do not log the full content of API request bodies in standard operation.

Billing and Payment Data: Subscription and payment transactions are processed by Stripe. We receive and store confirmation of payment status, subscription tier, and billing cycle. We do not store full card numbers, CVV codes, or other raw payment credentials.

Analytics and Usage Data: We collect information about how you interact with the platform, including pages visited, features used, session duration, and error events. This data is used to improve the Service and is not sold to third parties.

Technical Data: We collect IP addresses, browser type, operating system, and device identifiers for security, fraud prevention, and service delivery purposes.

We use the information we collect to:

    • Provide, maintain, and improve the Service
    • Authenticate users and authorize access to organizational workspaces
    • Process billing and manage subscription status
    • Generate, store, and deliver proposal content and analytical outputs
    • Monitor API usage and enforce subscription limits
    • Detect and prevent fraud, abuse, and security incidents
    • Send transactional communications, including account confirmations, billing notices, and service updates
    • Respond to support requests and inquiries
    • Analyze usage patterns to improve platform features and performance

We do not use your project content or proposal data to train AI models for use by other customers without your explicit consent.

GrantFounders uses session cookies to maintain authenticated sessions. These cookies are essential to the operation of the Service and cannot be disabled without affecting your ability to use the platform.

We may use analytics tools to collect aggregated, non-personally identifiable usage data. These tools may use cookies or similar tracking technologies. You can configure your browser to refuse cookies, though this may affect certain platform features.

We do not use advertising cookies or share behavioral data with advertising networks.

We share information with third-party service providers who assist us in operating the Service, subject to confidentiality obligations. These providers include:

    • Cloud infrastructure and database hosting providers
    • Payment processing (Stripe)
    • AI and language model infrastructure providers, which process proposal generation requests
    • Analytics and monitoring services
    • Email delivery services for transactional communications

We do not sell your personal information or Customer Content to third parties for marketing or advertising purposes. We may disclose information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of GrantFounders, its users, or the public.

We retain account and organizational data for as long as your account is active or as needed to provide the Service. Project content, proposal drafts, and workspace data are retained for the duration of your subscription and for a reasonable period following account closure to allow for data export requests.

API usage logs and audit records are retained for a minimum of 90 days and may be retained longer for security and compliance purposes. Billing records are retained as required by applicable law.

Upon account termination, you may request an export of your Customer Content within 30 days. After that period, GrantFounders may delete your data in accordance with its standard data lifecycle practices.

GrantFounders implements technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, and destruction. These measures include:

    • Encrypted data transmission using TLS for all platform communications
    • Access key-based authentication for API access
    • Organization-scoped data boundaries within the platform
    • Audit logging of significant account and workspace actions
    • Role-based access controls within organizational accounts
    • Controlled access to production systems by authorized personnel

No system is completely secure. We cannot guarantee that unauthorized parties will never gain access to your information. If you believe your account has been compromised, please contact us immediately at [email protected].

GrantFounders is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to the transfer of your information to countries that may have different data protection laws than your jurisdiction.

Depending on your location, you may have rights regarding your personal information, including the right to access, correct, or delete your data, and the right to object to or restrict certain processing. To exercise these rights, contact us at [email protected].

Organization administrators may access, update, or delete user information within their organization account through the account settings interface. Individual users may update their profile information directly.

We will respond to verified requests within a reasonable timeframe, consistent with applicable law.

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify users of material changes by posting the updated policy on our website and, where appropriate, by email. The "Last updated" date at the top of this policy reflects the most recent revision. Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

For questions about this Privacy Policy or our data practices, please contact:

GrantFounders
Privacy Team
[email protected]

For security-related concerns: [email protected]