
Privacy Policy

Last Updated: January 2, 2025

This Privacy Policy explains how Grella collects, uses, and protects your information when you use our secure AI workspace platform.

Business Name: Grella
Entity Details: Available upon request at [email protected]
Location: Sydney, New South Wales, Australia
Contact: [email protected]


Our Commitment to Your Privacy

Grella is built on a foundation of zero-knowledge encryption. We designed our architecture so that we cannot access your data, even if we wanted to. Your conversations, documents, and AI interactions remain private to you and your organization.


1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name
  • Email address
  • Organization name
  • WorkOS authentication credentials (if using SSO)

1.2 Usage Data

We automatically collect:

  • Device information (browser type, operating system)
  • IP address
  • Login timestamps
  • Feature usage patterns (for product improvement)
  • Error reports (for debugging and service reliability)

1.3 Payment Information

Payment details are processed by Stripe. We never store your credit card information on our servers. Stripe's privacy policy applies to payment data: https://stripe.com/privacy

1.4 Your Content (Encrypted)

  • Chat messages with AI
  • Uploaded documents and files
  • Project data and workspace content
  • AI conversation history

IMPORTANT: All content is encrypted with your organization's encryption key. We cannot read, access, or decrypt this data without your organization's passphrase.


2. How We Protect Your Data

2.1 Zero-Knowledge Encryption Architecture

Organization-Level Encryption:

  • When your organization is created, you receive a unique passphrase
  • Your organization's master encryption key is derived from this passphrase
  • Your org key is then encrypted (wrapped) with our enclave key, which is protected by a Hardware Security Module (HSM)
  • All your data is encrypted with your org key before it is stored

What This Means:

  • ✔ We store only encrypted data in our database
  • X We cannot decrypt your data ourselves: we do not hold your organization's passphrase, and your org key is only ever unwrapped inside the Trusted Execution Environment described in section 2.3
  • X We cannot read your messages, documents, or AI conversations
  • ✔ Only your organization admin and authorized members can access your data
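
As an added illustration (not Grella's code, and not a description of its actual implementation), the following Go program models the key hierarchy listed above: an organization master key derived from the passphrase, that key wrapped under an "enclave key", and content encrypted under the organization key before it reaches storage. The algorithm choices (PBKDF2-HMAC-SHA256 for derivation, AES-256-GCM for wrapping and content), the type and function names, the org ID and the sample record are all assumptions made for the example. It makes two things visible that the list alone does not: the database holds only a wrapped key and ciphertext, so a reader with neither the enclave key nor the passphrase gets an authentication failure rather than data; and whoever does hold the enclave key can unwrap the org key without the passphrase, so the "cannot decrypt" guarantee rests on that key never leaving the HSM-backed TEE.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// DeriveOrgKey: PBKDF2-HMAC-SHA256 (RFC 8018) written out so only the standard library is needed; production code would prefer a memory-hard KDF such as Argon2id.
func DeriveOrgKey(passphrase string, salt []byte) []byte {
	mac := hmac.New(sha256.New, []byte(passphrase))
	mac.Write(append(salt[:len(salt):len(salt)], 0, 0, 0, 1)) // salt || INT(1); full-slice expr forces a copy
	u := mac.Sum(nil)
	key := u
	for i := 1; i < 100000; i++ { // U_i = HMAC(P, U_{i-1}); T = U_1 xor ... xor U_c
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range key {
			key[j] ^= u[j]
		}
	}
	return key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts with AES-256-GCM and prepends the random nonce; aad (the org ID) is authenticated, not encrypted, so a blob cannot be replayed under another organization.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// unseal reverses seal: a wrong key, wrong aad or a flipped byte yields an error, never garbage.
func unseal(key, blob, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], aad)
}

// StoredOrg is everything the database holds for one organization: no plaintext key appears.
type StoredOrg struct {
	OrgID      string
	Salt       []byte   // public KDF salt
	WrappedKey []byte   // org master key, sealed under the enclave key
	Records    [][]byte // content, sealed under the org master key
}

// EnrollOrg models the first three bullets above: derive, wrap under the enclave key, keep only the wrapped form.
func EnrollOrg(orgID, passphrase string, enclaveKey []byte) (*StoredOrg, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	wrapped, err := seal(enclaveKey, DeriveOrgKey(passphrase, salt), []byte(orgID))
	if err != nil {
		return nil, err
	}
	return &StoredOrg{OrgID: orgID, Salt: salt, WrappedKey: wrapped}, nil
}

// StoreRecord models the fourth bullet: content is encrypted under the org key before it is stored.
func (o *StoredOrg) StoreRecord(orgKey, plaintext []byte) error {
	blob, err := seal(orgKey, plaintext, []byte(o.OrgID))
	if err == nil {
		o.Records = append(o.Records, blob)
	}
	return err
}

// UnwrapOrgKey runs only inside the TEE (it needs the enclave key); Read then decrypts a record with any org key, whether unwrapped there or re-derived by the admin from the passphrase (section 4.3).
func (o *StoredOrg) UnwrapOrgKey(enclaveKey []byte) ([]byte, error) {
	return unseal(enclaveKey, o.WrappedKey, []byte(o.OrgID))
}

func (o *StoredOrg) Read(orgKey []byte, i int) ([]byte, error) {
	return unseal(orgKey, o.Records[i], []byte(o.OrgID))
}
```

To exercise it, enroll an org with a passphrase and a 32-byte stand-in enclave key, store a record under DeriveOrgKey(passphrase, org.Salt), then compare the two read paths: UnwrapOrgKey with the right enclave key recovers the same org key the admin derives, while a wrong enclave key or wrong passphrase fails GCM authentication. Binding the org ID as associated data is what prevents a wrapped key or record copied from one organization's rows from being accepted under another's.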

2.2 Data in Transit

  • All traffic between your device and our servers is encrypted in transit using TLS 1.3
  • A fresh session key is negotiated for each user connection
  • Transport encryption protects data on the network; your content is additionally encrypted with your organization's key as described in section 2.1

2.3 Trusted Execution Environment (TEE)

  • Decryption occurs only inside a Trusted Execution Environment running on AMD EPYC processors
  • The TEE's memory is isolated by the hardware, so the surrounding server infrastructure cannot read plaintext data
  • The enclave key that unwraps your org key is protected by a Hardware Security Module (section 2.1)

2.4 Zero-Knowledge Options

For maximum security, organizations can:

  • Provide their own Hardware Security Module (HSM)
  • Use a passphrase-derived encryption key they control
  • Ensure Grella has absolutely zero access to data

3. How We Use Your Information

3.1 Account Information

We use your account information to:

  • Authenticate your identity
  • Provide customer support
  • Send service notifications and updates
  • Process billing and subscriptions

3.2 Usage Data

We use usage data to:

  • Improve platform performance
  • Fix bugs and errors
  • Understand feature usage patterns
  • Enhance user experience
  • Ensure service security

3.3 Your Encrypted Content

We do NOT:

  • X Read your messages or documents
  • X Use your data for AI training
  • X Share your data with AI model providers
  • X Sell or monetize your data
  • X Access your content for any purpose

Your encrypted content is used ONLY to:

  • ✔ Store it securely on your behalf
  • ✔ Deliver it back to you when requested
  • ✔ Enable your organization's authorized access

Organization Admins Can:

  • ✔ Access their organization's data (for compliance, monitoring, legal discovery)
  • ✔ Share access with authorized team members
  • ✔ Export data for legal or business purposes
  • ✔ Review audit logs of data access

4. Data Sharing and Third Parties

4.1 Service Providers We Use

We use trusted third-party service providers to help operate our platform. These services do NOT have access to your encrypted content:

Service           Purpose                 Data They Access
WorkOS            Authentication & SSO    Email, name, login credentials
Stripe            Payment processing      Billing information, payment methods
Email service     Transactional emails    Email address, notification content
Analytics         Usage analytics         Anonymized usage patterns, feature interactions
Error monitoring  Service reliability     Error reports (no user content stored)

Important: None of these services can decrypt your messages, documents, or workspace content.

4.2 We Share Data When:

Legal Requirements:

  • Court orders, subpoenas, or government requests
  • Required by applicable law or regulation
  • To protect our legal rights or comply with legal processes

With Your Consent:

  • When you explicitly authorize data sharing
  • When you invite team members to your organization

Business Transfers:

  • If Grella is acquired, merged, or sold
  • You will be notified and can choose to delete your data

4.3 What We Can and Cannot Provide

If we receive a legal request for data:

We CAN provide:

  • Encrypted data from our database (unusable without org key)
  • Audit logs showing access patterns (metadata only)
  • Account information (email, org name, timestamps)

X We CANNOT provide:

  • Decrypted messages or documents (we do not hold your organization's passphrase, and your org key is only ever unwrapped inside the TEE)
  • Plaintext content (it cannot be recovered from the stored ciphertext without your org key)

Note: Organization admins control their own data. If they choose to provide their passphrase, they can decrypt their organization's data.


5. Audit Trails and Compliance

5.1 Audit Logging

We maintain detailed audit logs showing:

  • Who accessed what data and when
  • Administrative actions taken
  • Login attempts and authentication events
  • Data export and sharing activities
  • IP addresses and device information

Purpose: Security monitoring, compliance requirements, legal discovery, and organizational oversight.

5.2 Audit Log Retention

  • Active organizations: Audit logs retained for the lifetime of the account
  • Deleted organizations: Audit logs retained for 7 years after deletion
  • Individual users: Logs retained while organization exists, then 7 years after org deletion

Why 7 years: This meets legal, tax, regulatory, and compliance requirements for professional services industries.

5.3 Compliance Standards

Grella is designed to meet the requirements of:

  • GDPR (General Data Protection Regulation - EU)
  • CCPA (California Consumer Privacy Act - US)
  • Australian Privacy Principles (APPs)
  • SOC 2 security and availability principles

We are actively working toward formal certification and compliance validation.


6. Data Retention and Deletion

6.1 Individual User Account Deletion

  • Users can request account deletion at any time
  • The user account is deactivated and marked as "deleted", but the user's data remains in the organization's encrypted workspace and available to the organization
  • Organization admins retain access for compliance and legal purposes
  • Why: Organizations need to maintain records for legal, regulatory, and business requirements

6.2 Organization Deletion

  • Organization admins can permanently delete their entire organization
  • Encrypted data: Deleted immediately and permanently
  • Audit logs: Retained for 7 years (as described in section 5.2)
  • Account metadata: Retained for 7 years for legal/compliance purposes

6.3 Data You Can Export

Before deletion, you can export:

  • All your messages and conversations
  • Uploaded documents and files
  • Project data and workspace content
  • Complete audit trail of your organization's activity

7. Your Privacy Rights

7.1 Under Australian Privacy Principles (APPs)

You have the right to:

  • Access your personal information
  • Correct inaccurate or outdated information
  • Delete your account (subject to legal retention requirements)
  • Opt-out of marketing communications
  • Complain to the Office of the Australian Information Commissioner (OAIC)

7.2 Under GDPR (If Applicable)

If you're in the EU, you also have the right to:

  • Data portability (receive your data in a machine-readable format)
  • Restriction of processing in certain circumstances
  • Object to processing based on legitimate interests
  • Lodge a complaint with your local data protection authority

7.3 Under CCPA (If Applicable)

If you're a California resident, you have the right to:

  • Know what personal information we collect and how we use it
  • Request deletion of your personal information
  • Opt-out of the "sale" of personal information (we don't sell your data)
  • Non-discrimination for exercising your privacy rights

7.4 How to Exercise Your Rights

Contact us at [email protected] with:

  • Your full name and email address
  • The specific right you wish to exercise
  • Any relevant details to help us process your request

We will respond within 30 days of receiving your request.


8. International Data Transfers

8.1 Data Storage Location

Your data is stored on secure servers. While our primary operations are based in Australia, your encrypted data may be stored or processed in other jurisdictions to ensure service availability and performance.

8.2 Security of Transfers

Regardless of where data is stored:

  • ✔ All data remains encrypted with your organization's key
  • ✔ We cannot decrypt data in any jurisdiction
  • ✔ Standard Contractual Clauses (SCCs) protect EU data transfers
  • ✔ Appropriate safeguards are in place for all international transfers

9. Cookies and Tracking

9.1 Cookies We Use

We use cookies and similar technologies for:

  • Essential cookies: Required for login and core functionality
  • Analytics cookies: Understanding how you use our platform
  • Preference cookies: Remembering your settings and preferences

9.2 Your Cookie Choices

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features.

9.3 Do Not Track

We respect Do Not Track (DNT) browser signals for analytics and non-essential tracking.


10. Children's Privacy

Grella is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we discover that we have collected information from a child under 18, we will delete it immediately.

If you believe a child has provided us with personal information, please contact us at [email protected].


11. Security Measures

11.1 Technical Safeguards

  • Encryption of all sensitive data in transit (TLS 1.3) and at rest (with your organization's key)
  • Hardware Security Module (HSM) protection for encryption keys
  • Trusted Execution Environment (TEE) for secure processing
  • Regular security audits and penetration testing
  • Automated threat detection and monitoring

11.2 Organizational Safeguards

  • Strict access controls and authentication
  • Employee security training and background checks
  • Incident response procedures
  • Regular security policy reviews

11.3 Limitations

While we implement industry-leading security measures, no system is 100% secure. We cannot guarantee absolute security, but we commit to:

  • Notifying you of any data breach within 72 hours of becoming aware of it
  • Taking immediate steps to contain and remediate incidents
  • Providing detailed information about the nature and scope of any breach

12. Changes to This Privacy Policy

12.1 Updates

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices or services
  • Legal or regulatory requirements
  • User feedback and improvements

12.2 Notification

When we make significant changes:

  • ✔ We'll update the "Last Updated" date at the top
  • ✔ We'll notify you via email at least 30 days before changes take effect
  • ✔ We'll display a prominent notice in the application
  • ✔ Continued use after changes constitutes acceptance

12.3 Material Changes

For material changes that reduce your rights or significantly change how we handle your data, we will:

  • Obtain your explicit consent before the changes apply to you
  • Provide you the option to delete your account if you don't agree

13. Contact Us

13.1 Privacy Questions

If you have questions about this Privacy Policy or how we handle your data:

Email: [email protected]

Response Time: We aim to respond within 2 business days

13.2 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at: [email protected]

13.3 Regulatory Authorities

You have the right to lodge a complaint with:

Australia: Office of the Australian Information Commissioner (OAIC)
Website: https://www.oaic.gov.au
Phone: 1300 363 992

EU: Your local data protection authority
Directory: https://edpb.europa.eu/about-edpb/board/members_en


14. Definitions

Organization: A company or entity that creates a Grella account and workspace.

Organization Admin: The person who manages an organization's Grella account, controls access, and holds the organization's encryption passphrase.

Encrypted Content: All messages, documents, files, and workspace data that is encrypted with your organization's encryption key.

Audit Logs: Records of who accessed what data and when, maintained for security and compliance purposes.

Zero-Knowledge Encryption: An architecture where Grella cannot access, read, or decrypt your content because your organization's encryption keys are never available to us in plaintext.

Personal Data: Any information that relates to an identified or identifiable individual.


By using Grella, you acknowledge that you have read, understood, and agree to this Privacy Policy.


This Privacy Policy was last updated on January 2, 2025 and is effective immediately.