← Back to Home

GREV LLC

Privacy Policy

Effective Date: March 28, 2026

GREV LLC is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use the GREV platform, including the website at grev.app, the GREV desktop agent, the GREV MCP server, and related services.

1. Information We Collect

1.1 Account Information

Email address, display name, and professional role.

1.2 Work Activity Data

Application names, window titles, browser URLs and domains, timestamps, duration, and system state (idle, sleep/wake).

1.3 What We Do NOT Collect

Keystrokes, mouse movements, screenshots (unless explicitly enabled), file contents, passwords, audio/video, clipboard contents, or email/message bodies.

1.4 Integration Data

If you connect external services (Google Calendar, GitHub, Slack), we collect structured metadata such as meeting titles and commit messages. We do not access full document or email content unless required by the integration and authorized by you.

1.5 Usage Data

Standard web analytics about how you interact with the GREV web application.

2. How We Use Your Information

  • To provide the Service: processing work data to generate work blocks, summaries, analytics, and feeds.
  • To power AI features: generating summaries and responses within the dashboard and MCP server.
  • To improve the Service: analyzing aggregate, anonymized patterns.
  • To communicate: account notifications and support.
  • To ensure security: detecting unauthorized access and abuse.

3. How We Share Your Information

We do not sell your personal data.

3.1 Within Your Workspace

Shared work blocks are visible to workspace members. Private data is never visible to others.

3.2 Via MCP Server

When you connect to a third-party AI assistant, that assistant can query your work data. You control this connection and can revoke it at any time.

3.3 Service Providers

  • Supabase (database, US)
  • Vercel (web hosting)
  • Cloudflare (MCP hosting)
  • Anthropic (AI model provider)

3.4 Legal Requirements

We may disclose data if required by law.

4. Data Storage and Security

Data is stored in the United States via Supabase. We use:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest
  • SHA-256 hashing for agent keys
  • Row-level security policies

5. Data Retention

We retain data while your account is active. Request deletion at [email protected]. Data removed within 30 days of account deletion. Anonymized aggregate data may be retained indefinitely.

6. Your Rights and Controls

  • Access: View all data through the dashboard.
  • Sharing control: You choose what to share.
  • Blacklist: Exclude apps or domains from tracking.
  • Pause/stop: Control tracking anytime.
  • Disconnect: Revoke MCP connections.
  • Export: Request data export at [email protected].
  • Deletion: Request account deletion at [email protected].
  • GDPR/CCPA: Contact [email protected] to exercise additional rights.

7. Cookies

Essential cookies only for authentication and sessions. No advertising or cross-site tracking.

8. Children's Privacy

Not intended for users under 16. We do not knowingly collect data from children.

9. International Data Transfers

Data is processed in the United States. By using the Service, you consent to this transfer.

10. Changes

We may update this policy with notice via the website.

11. Contact

GREV LLC

Email: [email protected]

Website: https://grev.app