Last Updated: November 7, 2025
Effective Date: November 7, 2025
Groxio.ai ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our marketing automation platform and services (the "Service").
This Privacy Policy applies to information we collect through the Service and in email, text, and other electronic communications between you and Groxio.ai.
1. Information We Collect
1.1 Information You Provide to Us
We collect information you voluntarily provide when using the Service:
| Category |
Examples |
| Account Information |
Name, email address, company name, billing address, phone number |
| Payment Information |
Credit card information, billing details (processed by third-party payment processors) |
| Profile Information |
User preferences, account settings, profile photo |
| Customer Data |
Contact lists, email addresses, campaign content, landing page content you upload or create |
| Communications |
Support requests, feedback, survey responses |
1.2 Information Automatically Collected
When you access the Service, we automatically collect:
- Usage Data: Pages viewed, features used, time spent, click patterns, campaign analytics
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Access times, error logs, referring URLs
- Cookies and Tracking Technologies: See Section 4 for details
1.3 Information from Third Parties
We may receive information from:
- Data Providers: Business and consumer data for list building (Silvercrest, etc.)
- Email Service Providers: Delivery status, bounce rates, engagement metrics
- Payment Processors: Transaction confirmations, payment status
- Analytics Services: Aggregated usage statistics
2. How We Use Your Information
We use collected information for the following purposes:
2.1 To Provide and Maintain the Service
- Create and manage your account
- Process payments and transactions
- Send email campaigns on your behalf
- Generate landing pages and marketing content
- Provide customer support
- Monitor and improve Service performance
2.2 To Communicate with You
- Send Service-related notifications and updates
- Respond to your inquiries and support requests
- Send important notices about Terms of Service or Privacy Policy changes
- Provide marketing communications (with your consent)
2.3 To Improve and Develop the Service
- Analyze usage patterns and trends
- Develop new features and functionality
- Conduct research and analysis
- Test and optimize Service performance
2.4 For Security and Compliance
- Detect, prevent, and address fraud and security threats
- Monitor for violations of our Terms of Service
- Comply with legal obligations and regulations
- Protect our rights and property
3. Legal Bases for Processing (GDPR)
For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:
- Contract Performance: To provide the Service you've subscribed to
- Legitimate Interests: To improve the Service, prevent fraud, and ensure security
- Legal Obligation: To comply with applicable laws and regulations
- Consent: For marketing communications and optional features (where required)
4. Cookies and Tracking Technologies
4.1 Types of Cookies We Use
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Required for Service functionality (authentication, security) |
Session or 1 year |
| Analytics Cookies |
Help us understand how users interact with the Service |
Up to 2 years |
| Functional Cookies |
Remember your preferences and settings |
Up to 1 year |
| Performance Cookies |
Monitor Service performance and reliability |
Up to 1 year |
4.2 Managing Cookies
You can control cookies through your browser settings. Note that disabling essential cookies may limit Service functionality.
5. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
5.1 Service Providers
We share information with trusted third-party service providers who assist us in operating the Service:
- Email Service Providers: To send email campaigns (Mailgun, AWS SES)
- Cloud Infrastructure: To host data and applications (AWS, DigitalOcean)
- Payment Processors: To process subscription payments (Stripe, PayPal)
- Analytics Providers: To analyze Service usage
- Data Providers: To enable list building and data enrichment
These service providers are contractually obligated to protect your information and use it only for the purposes we specify.
5.2 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different Privacy Policy.
5.3 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Court orders, subpoenas, or other legal processes
- Government or regulatory requests
- Requests to enforce our Terms of Service
- Situations involving potential threats to safety or security
5.4 With Your Consent
We may share your information for other purposes with your explicit consent.
🔒 Customer Data: Your Customer Data (contact lists, campaigns) is NEVER shared with third parties for their own marketing purposes. It is used solely to provide the Service to you.
6. Data Security
We implement comprehensive security measures to protect your information:
6.1 Technical Safeguards
- Encryption: TLS/SSL encryption for data in transit
- Database Encryption: Encryption at rest for sensitive data
- Access Controls: Role-based access control (RBAC)
- Multi-Factor Authentication: Optional 2FA for enhanced security
- Regular Security Audits: Vulnerability assessments and penetration testing
6.2 Organizational Safeguards
- Employee training on data protection
- Limited access to personal data on a need-to-know basis
- Confidentiality agreements with employees and contractors
- Incident response procedures
6.3 Multi-Tenant Isolation
We implement strict tenant isolation to ensure your data is separated from other customers' data at the database and application levels.
⚠️ Security Notice: While we implement strong security measures, no method of transmission over the Internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.
7. Data Retention
We retain your information for as long as necessary to provide the Service and comply with legal obligations:
| Data Type |
Retention Period |
| Account Information |
Duration of account + 30 days after termination |
| Customer Data |
Until deleted by you or 30 days after account termination |
| Payment Records |
7 years (for tax and accounting purposes) |
| Usage Logs |
90 days |
| Campaign Analytics |
2 years or until account termination |
| Support Communications |
3 years |
8. Your Privacy Rights
8.1 General Rights (All Users)
- Access: Request a copy of the personal data we hold about you
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your personal data
- Opt-Out: Unsubscribe from marketing communications
8.2 GDPR Rights (EEA Users)
If you are located in the EEA, you have additional rights under GDPR:
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion ("right to be forgotten")
- Right to Restriction: Limit how we process your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
- Right to Lodge a Complaint: File a complaint with your local data protection authority
8.3 CCPA Rights (California Residents)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of personal information collected, used, and shared
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of the "sale" of personal information (we do not sell personal information)
- Right to Non-Discrimination: Exercise your rights without discrimination
8.4 How to Exercise Your Rights
To exercise any of these rights, contact us at:
We will respond to your request within 30 days (or as required by applicable law).
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your country.
When we transfer personal data from the EEA to other countries, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission
- Other legally compliant transfer mechanisms
10. Children's Privacy
The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@groxio.ai.
11. California "Shine the Light" Law
California Civil Code Section 1798.83 permits California residents to request information about our disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.
12. Do Not Track Signals
Some browsers have a "Do Not Track" feature that signals websites you visit that you do not want to have your online activity tracked. The Service does not currently respond to "Do Not Track" signals.
13. Third-Party Links and Services
The Service may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information to them.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email (for material changes)
- Display an in-app notification
Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Groxio.ai
Data Protection Officer
Email: privacy@groxio.ai
Email: support@groxio.ai
Website: https://groxio.ai
16. Supervisory Authority
If you are located in the EEA and have concerns about our data processing practices that we have not adequately addressed, you have the right to lodge a complaint with your local data protection authority.
🔐 Your Privacy Matters: We are committed to transparency and protecting your privacy. If you have any questions or concerns, please don't hesitate to contact us.