LEGAL

Privacy and data security

Transparency is our default setting. Here's exactly how we collect, use, and protect your information.

1. Introduction

GRIVITY (“we”, “us”, “our”) is committed to protecting your privacy. We are an Australian-based digital growth firm bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy outlines how we handle personal data collected via our website, custom applications, and automation services.

2. Information we collect

We collect data to design more effective growth systems for your business. This includes:

Identity data: Name, job title, company name.
Contact data: Email address, phone number, and billing address.
Technical data: IP address, browser type, time zone setting, and operating system.
Usage data: How you interact with our website (scroll depth, clicks) is tracked via server-side events.
Integration data: Performance metrics, campaign data, and account information retrieved from connected third-party platforms at the user's request.

3. How we use your data

We use your data to:

Deliver contracted services (e.g., building your web app).
Configure automation workflows and CRM pipelines.
Improve our website performance using anonymous analytics.
Provide relevant technical updates or marketing communications (you can opt out at any time).

4. AI and automation data handling

We utilise Artificial Intelligence (AI) and automation middleware to deliver our services.

Data processing: Data may be processed by Large Language Models (LLMs) to generate responses, summaries, or perform actions (such as automated voice calls or lead qualification).
No training on client data: We configure our AI integrations via enterprise API to ensure your proprietary business data is isolated and not used to train public models.
Security: All API credentials and data in transit are encrypted using enterprise-grade standards (AES-256).

5. Dashboard application and third-party integrations

GRIVITY operates a client dashboard application ("the App") available at app.grivity.co. Users may connect third-party platform integrations to enable reporting, automation, and performance management features within the App.

Authentication:

Users may sign in to the App using Google Sign-In. We collect your name and email address for authentication purposes only.
Signing in with Google does not automatically connect any advertising or analytics platforms.

Optional platform integrations:

Users may optionally connect the following platforms to unlock additional App features. Each integration is authorised separately and only activated at the user's explicit request:

Google Ads: Used to retrieve campaign performance data for reporting within the App.
Google Analytics: Used to retrieve website traffic and conversion data for reporting within the App.
Google Search Console: Used to retrieve organic search performance data for reporting within the App.
Google Business: Used to retrieve local listing data and review information for reporting within the App.
Meta (Facebook/Instagram): Used to retrieve ad account performance, page insights, and lead data for reporting within the App.

For all integrations:

We only request the minimum permissions necessary to deliver the features described above.
We do not sell, share, or use platform data for advertising or to train AI models.
Our use of Google API data complies with the Google API Services User Data Policy, including the Limited Use requirements.
Users may disconnect any integration at any time via the App's settings page, which will revoke our access to that platform's data.

6. Third-party infrastructure

We do not sell your data. To deliver our services, we utilise a suite of enterprise-grade sub-processors. Specific vendors may vary by project, but typically include:

Cloud infrastructure: Hosting and serverless compute providers (e.g., Google Cloud, AWS).
Automation middleware: Tools used to orchestrate data workflows and integrations.
CRM and marketing: Platforms for managing client relationships and communications.
AI providers: Enterprise APIs for intelligence, automation, and voice synthesis (e.g., OpenAI, Google).

7. Cookies and server-side tracking

We use cookies and server-side APIs (such as Meta CAPI) to track conversion events. This ensures accurate ROI reporting. You can control cookie preferences via your browser settings, though this may limit site functionality.

8. Contact us

If you have questions about this policy or wish to exercise your data rights, please contact our Privacy Officer at hello@grivity.co.