Legal

Privacy Policy

Learn how we collect, use, and protect your data.

Last updated: February 18, 2026

1. Introduction

Grigio ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process your information in connection with our website, mobile applications, and services (collectively, the "Services").

2. Information We Collect

We collect information in various ways, including:

  • Account Information: When you create an account, we collect your name, email address, password, organization details, and profile information.
  • Service Data: Information about your AI systems, usage patterns, and service configurations that you provide or that we collect in connection with our insurance services.
  • Billing Information: Payment methods, billing address, invoice history, and subscription details (processed securely through third-party payment processors).
  • Usage Data: Information about how you interact with our Services, including features used, pages visited, and frequency of use.
  • Device Information: IP address, browser type, operating system, and device identifiers.
  • Communications: Any messages, feedback, or support inquiries you send us.

3. How We Use Your Information

We use the information we collect for purposes including:

  • Providing, maintaining, and improving our Services
  • Processing transactions and sending transaction-related communications
  • Sending transactional emails and account notifications
  • Responding to inquiries and providing customer support
  • Analyzing usage patterns to improve our Services
  • Detecting, preventing, and addressing fraud and security issues
  • Complying with legal obligations
  • Personalizing your experience and providing relevant features

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

  • Service Providers: We share data with third-party service providers (payment processors, email providers, analytics services, insurance underwriters) who process data on our behalf under strict confidentiality agreements.
  • Insurance Partners: To provide our insurance services, we may share relevant information with our insurance underwriting partners and reinsurers. This data is handled in accordance with industry standards and regulatory requirements.
  • Legal Requirements: We may disclose information when required by law or when necessary to protect our rights and safety.
  • Organization Members: Within your organization, authorized members can access service and billing data based on permissions set by administrators.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and penetration testing
  • Restricted access to personal information on a need-to-know basis
  • Two-factor authentication options for account security
  • Detailed audit logs of all significant data access and modifications

While we strive to protect your information, no security system is impenetrable. We cannot guarantee absolute security of your data.

6. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy. You may request deletion of your account and associated data at any time through your account settings or by contacting our support team. Some information may be retained for legal compliance or legitimate business purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correct: Request correction of inaccurate or incomplete information.
  • Right to Delete: Request deletion of your personal data.
  • Right to Restrict Processing: Request that we limit how we use your information.
  • Right to Data Portability: Request your data in a portable format.
  • Right to Withdraw Consent: Withdraw consent for processing at any time.

To exercise any of these rights, please contact us using the contact information provided below.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, remember preferences, and understand how you use our Services. You can control cookie settings through your browser, though disabling cookies may affect functionality.

9. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

10. Organization Data

If you are using Grigio as part of an organization, your organization administrator may have access to your data. The organization owns the data created within the organization's account, including policy information and service configurations. We recommend reviewing your organization's data policies and practices.

11. Children's Privacy

Grigio is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information and terminate the child's account.

12. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your home country. By using Grigio, you consent to the transfer of your information to countries outside your country of residence.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by updating the "Last updated" date and, for significant changes, by sending notification to your registered email address. Your continued use of Grigio following any changes constitutes your acceptance of the updated Privacy Policy.

14. Data Protection Officer and Compliance

Grigio is committed to complying with applicable data protection regulations including GDPR, CCPA, and other privacy laws. We maintain detailed records of our data processing activities and conduct regular privacy impact assessments.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our privacy practices, please contact us:

We will respond to privacy inquiries within 30 days.