Gridz

Privacy Policy

Last updated: 2026

What we collect

  • Account data — email address, name, and profile image (via Google or magic-link sign-in).
  • Page content — the links, images, and text you add to your Gridz page.
  • Analytics — page views and link clicks on your public page. We record the device type, referrer URL, and a hashed representation of the visitor's IP. Raw IPs are never stored.
  • Billing data — handled entirely by Stripe. We store only your Stripe customer ID and subscription status.

IP hashing — how it works

When someone visits your public page, we take their IP address, combine it with a secret salt that rotates every 24 hours, and hash the result with SHA-256. We store only the hash — it cannot be reversed to identify the visitor, and the next day's salt produces a completely different hash. This gives you meaningful deduplication (one view per visitor per 30-minute window) without storing any personally identifiable information.

Third-party services

  • Neon — Postgres database. Your data is stored in a Neon-managed database in AWS us-east-1.
  • Vercel — hosting and edge network.
  • Resend — transactional email (magic-link sign-in). Only your email address is shared.
  • Stripe — payment processing for paid plans.
  • Google — optional OAuth sign-in.

We use no third-party analytics or advertising scripts on your public page. Your visitors are not tracked by anyone other than you, through Gridz's own privacy-preserving system.

Your rights

You can export or delete your data at any time by contacting us. Deleting your account removes all your data within 30 days.

Cookies

We use one session cookie to keep you signed in. No advertising cookies, no third-party tracking cookies.

Contact

Questions about privacy? Email us at privacy@gridz.me.