Legal
Privacy Policy
This is an early-access privacy summary and should be reviewed by counsel before broad commercial use.
Information We Collect
GrantableHQ may collect account information such as name, email address, organization, role, authentication activity, and customer-provided content such as grant records, requirements, documents, financial imports, notes, and audit package data.
How Information Is Used
Information is used to provide the application, authenticate users, operate tenant workspaces, generate reports, support audit package workflows, maintain security, troubleshoot issues, and improve the product.
Uploaded Files and Grant Data
Customers control the files and grant-related information they upload. The service is designed for tenant-isolated access, but customers should avoid uploading information that their organization does not permit in a SaaS system.
Service Providers
GrantableHQ uses third-party infrastructure and service providers for hosting, database, authentication, storage, email delivery, and payment readiness. Current core providers include Vercel, Supabase, Resend, and Stripe integrations where enabled.
Security and Retention
GrantableHQ uses application roles, Supabase row-level security, private storage buckets, and server-side controls to help protect workspace data. Retention terms should be finalized in customer agreements before production rollout.