Groovvey Logo

Privacy Policy

Last updated: 12/16/2025

1. Introduction

Grovvey.io ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud-based CRM platform and related services.

This policy applies to all users of our CRM, sales automation, marketing, and customer support tools. By using our Service, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly, including:

  • Name, email address, phone number
  • Company name and job title
  • Billing and payment information
  • Account credentials and security information
  • Profile photos and other account details

2.2 Customer and Business Data

Through your use of our CRM platform, we process:

  • Contact information of your customers and leads
  • Sales data, deal information, and transaction records
  • Marketing campaign data and customer interactions
  • Support tickets and customer service communications
  • Custom fields and notes you create in the system
  • Email and communication logs within the platform

2.3 Technical Information

We automatically collect technical data including:

  • IP address, browser type, and device information
  • Usage patterns, feature interactions, and session data
  • Log files, error reports, and performance metrics
  • Location data (if location services are enabled)

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

  • Providing and maintaining our CRM platform
  • Processing transactions and managing your account
  • Enabling communication and collaboration features
  • Generating reports and analytics for your business

3.2 Communication

  • Sending service updates and important notifications
  • Providing customer support and technical assistance
  • Responding to your inquiries and requests
  • Sending marketing communications (with your consent)

3.3 Improvement and Security

  • Improving our services and developing new features
  • Monitoring for security threats and fraud prevention
  • Conducting analytics to understand usage patterns
  • Ensuring compliance with legal obligations

4. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and login status
  • Analyze website traffic and user behavior
  • Provide personalized content and recommendations
  • Enable essential platform functionality

Cookie Types

  • Essential Cookies: Required for basic platform functionality
  • Analytical Cookies: Help us understand how users interact with our service
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used for targeted advertising (with your consent)

You can control cookie preferences through your browser settings or our cookie consent manager.

5. Data Sharing and Disclosure

We may share your information in the following circumstances:

5.1 Service Providers

We work with trusted third-party providers for:

  • Cloud hosting and data storage
  • Payment processing and billing
  • Email delivery and communication services
  • Analytics and monitoring tools
  • Customer support platforms

5.2 Business Transfers

Information may be transferred in connection with mergers, acquisitions, or asset sales.

5.3 Legal Requirements

We may disclose information when required by law, legal process, or to protect our rights and safety.

5.4 Integrations

When you connect third-party applications, data may be shared according to your integration settings.

6. Data Storage and Retention

Your data is stored on secure cloud servers in [Data Center Locations]. We retain information for as long as necessary to provide our services and comply with legal obligations.

Retention Periods

  • Account Data: Retained while your account is active
  • Customer Data: Retained according to your data management settings
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Marketing Data: Retained until you withdraw consent
  • Technical Logs: Retained for 90 days for security and performance monitoring

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 Access and Portability

  • Request a copy of your personal data
  • Export your data in a machine-readable format
  • Access information about how your data is processed

7.2 Correction and Deletion

  • Correct inaccurate or incomplete personal data
  • Request deletion of your personal data
  • Object to processing for direct marketing

7.3 Control and Restriction

  • Restrict processing of your personal data
  • Withdraw consent for data processing
  • Opt-out of marketing communications

To exercise these rights, contact us at privacy@grovvey.io or through your account settings.

8. Data Security

We implement comprehensive security measures to protect your information:

Technical Safeguards

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • Automated backup and disaster recovery systems

Organizational Measures

  • Employee security training and background checks
  • Principle of least privilege access
  • Incident response and breach notification procedures
  • Regular security policy reviews and updates

Compliance Certifications

  • SOC 2 Type II compliance
  • ISO 27001 certification
  • GDPR compliance framework
  • Industry-specific security standards

9. International Data Transfers

We may transfer your data to countries outside your home jurisdiction. When we do, we ensure adequate protection through:

  • Standard Contractual Clauses approved by regulatory authorities
  • Adequacy decisions by data protection authorities
  • Certification schemes and codes of conduct
  • Additional safeguards for sensitive data transfers

10. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete such information promptly.

11. Regional Privacy Rights

11.1 European Union (GDPR)

Under GDPR, you have additional rights including:

  • Right to be informed about data processing
  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision making

11.2 California (CCPA/CPRA)

California residents have the right to:

  • Know what personal information is collected and how it's used
  • Delete personal information held by businesses
  • Opt-out of the sale of personal information
  • Non-discrimination for exercising privacy rights
  • Correct inaccurate personal information
  • Limit use of sensitive personal information

12. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of material changes by:

  • Email notification to your registered email address
  • Prominent notice in our application
  • Updates to our website and documentation

Your continued use of the Service after notice of changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Team

Email: privacy@grovvey.io

Data Protection Officer: dpo@grovvey.io

Address: Graphix 2, Block A, Industrial Area, Sector 62, Noida, 201301, Uttar Pradesh, India

Phone: +91 9205664188

14. Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your local authority at: EDPB Members