Back to Home
Legal

Privacy Policy

Last Updated:
August 18, 2025
Effective Date:
August 18, 2025

1. Introduction

This Privacy Policy ("Policy") explains how FlatGrad ("Company," "we," "us," or "our") collects, uses, shares, sells, retains, and protects information when you access or use our website, mobile applications, platforms, and related services (collectively, the "Platform").

By using the Platform, you acknowledge that you have read, understood, and agree to the terms of this Policy. If you do not agree, you must immediately discontinue use.

2. Definitions

  • Personal Data: Information that identifies or can reasonably identify a natural person (e.g., name, email, phone number, device ID).
  • Non-Personal Data: Aggregated, anonymized, or de-identified data not linked to a specific user.
  • Processing: Any operation performed on data (collection, storage, profiling, sharing, sale).
  • Sale: Disclosure of Personal Data in exchange for monetary or other valuable consideration (per CCPA).
  • Cookies/Trackers: Files, scripts, or technologies used for analytics, personalization, advertising, and functionality.

3. Categories of Data We Collect

We may collect the following categories of information:

  • Account Information – Name, username, password, email, profile details.
  • Contact Information – Phone number, mailing address, social media handles.
  • Financial Information – Payment data (processed via third-party providers), billing history, transaction records.
  • Technical Data – IP address, device IDs, browser/OS, cookies, session replays, heatmaps, clickstream.
  • Usage Data – Login times, searches, preferences, interactions, error reports.
  • Location Data – Approximate or precise geolocation (when enabled).
  • Communications – Emails, chats, posts, messages.
  • Behavioral Data – Profiles, inferences, interests, engagement patterns.
  • Third-Party Data – Data from partners, advertisers, analytics providers, and data brokers.

4. How We Collect Data

  • Directly: When you sign up, fill forms, upload, transact, or contact us.
  • Automatically: Through cookies, pixels, SDKs, replays, and analytics.
  • From Third Parties: Business partners, advertisers, social logins, data vendors.
  • Combined: We may link data across devices, sessions, and sources.

5. Use of Data

We use collected data to:

  • Operate, maintain, and improve the Platform.
  • Personalize experiences, recommendations, and advertising.
  • Process payments and verify accounts.
  • Conduct analytics, profiling, and targeted marketing.
  • Detect, prevent, and respond to fraud, abuse, and illegal conduct.
  • Enforce our Terms of Service.
  • Comply with legal/regulatory obligations.

6. Sharing & Disclosure

We may share or sell data with:

  • Service Providers – Hosting, analytics, cloud, marketing, and payments.
  • Business Partners – Advertisers, affiliates, sponsors, researchers.
  • Law Enforcement & Regulators – As required by law or to protect rights/safety.
  • Corporate Transactions – In mergers, acquisitions, or restructuring.
  • Other Users – Information you choose to make public.

We disclaim liability for misuse of your data by third parties.

Third-Party Downstream Use.Once Personal Data is disclosed to a third party (including advertisers, analytics providers, affiliates, or data brokers), its subsequent use and disclosure are governed by that third party's privacy policy. We do not control, and disclaim responsibility for, third-party processing after disclosure or sale.

7. Sale of Personal Data

IMPORTANT: DATA MONETIZATION DISCLOSURE

Where permitted by law, we may sell Personal Data to advertisers, affiliates, or data brokers. You may have rights to opt-out under applicable law.

Opt-Out Mechanism.You may opt-out of the sale or sharing of your Personal Data at any time via our "Do Not Sell or Share My Personal Information" link available in the footer of our website and within account settings.

8. Cookies & Tracking

We use multiple tracking technologies for:

  • Necessary – Authentication, security, prevention of fraud.
  • Functional – Saving settings, preferences.
  • Analytics – Performance, behavior, site improvements.
  • Advertising – Retargeting, affiliate tracking, personalization.

We do not respond to "Do Not Track" signals.

Consent Tool. Where required by law, we provide a cookie consent banner or preferences center enabling you to accept, reject, or customize non-essential cookies.

9. Data Retention

We retain information as long as necessary for business and legal purposes:

  • Account data: Until deletion + applicable retention period.
  • Transactions: Minimum 7 years for compliance.
  • Logs/communications: At least 2 years.
  • Backups: May persist beyond deletion.

10. Security

We implement technical, administrative, and physical safeguards (encryption, access controls, monitoring). No system is 100% secure. Users are responsible for safeguarding their credentials and devices.

Liability Cap. To the maximum extent permitted by law, our liability under this Policy is limited to one hundred U.S. dollars (US$100) or the amount you paid to FlatGrad in the twelve (12) months prior to the claim, whichever is greater.

11. Children's Data

We do not knowingly collect data from children under 13 (or under 16 in some jurisdictions). If discovered, such data will be deleted.

12. International Transfers

By using the Platform outside the U.S., you consent to transfer and storage in the United States. Protections may differ from those in your jurisdiction.

Transfer Safeguards. When transferring Personal Data outside your jurisdiction, we rely on appropriate safeguards (such as the EU Standard Contractual Clauses or other approved transfer mechanisms) and implement additional technical and organizational measures where appropriate.

13. Your Rights

Depending on jurisdiction (e.g., GDPR, CCPA, CPRA, PIPEDA), you may have rights to:

  • Access, correct, or delete your data.
  • Request data portability.
  • Opt-out of targeted advertising or sale of data.
  • Restrict or object to certain processing.
  • Withdraw consent at any time (where applicable).

Requests must be submitted to team@flatgrad.com with subject line: Privacy Policy Request.

Request Timelines & Verification. We respond to verifiable requests within the timeframes required by applicable law (e.g., generally 30–45 days, with allowable extensions). We will take reasonable steps to verify your identity before acting on a request.

Authorized Agents (California). You may designate an authorized agent to submit requests on your behalf; we may require proof of authorization and verification of your identity.

Appeal Process (where required by law).If we decline to act on your request, you may appeal by replying to our response with "Appeal" in the subject line. We will inform you in writing of any action taken or not taken in response to your appeal and the reasons for our decision.

Exercise Your Rights: To opt-out of the sale or sharing of your personal data, or to submit other privacy requests, click below:

Do Not Sell or Share My Personal Information

14. California Privacy Rights (CCPA/CPRA)

California residents may:

  • Request categories of data collected, sold, or shared.
  • Request deletion of personal data.
  • Opt-out of sale/sharing of data.
  • Exercise rights without discrimination.

We provide a "Do Not Sell My Personal Information" link where required.

15. EU/UK Data Protection (GDPR/DPA)

  • Legal bases: consent, contract, legal obligation, legitimate interests.
  • Users may lodge complaints with their supervisory authority.
  • Transfers rely on Standard Contractual Clauses (SCCs) or similar mechanisms.

16. Automated Decision-Making & Profiling

We may use algorithms, machine learning, or profiling to personalize content, moderate activity, detect fraud, and serve ads. You may request human review of significant automated decisions.

17. Third-Party Services & Links

The Platform integrates with or links to third-party services (e.g., Google, payment processors, advertisers). Their privacy practices are outside our control.

18. Liability Disclaimer

To the fullest extent permitted by law:

  • We are not liable for unauthorized access, breaches, or misuse by third parties.
  • We are not liable for user negligence (weak passwords, unsafe devices, etc.).
  • Use of the Platform and disclosure of information is at your own risk.

19. Dispute Resolution & Waiver

All disputes under this Policy are subject to Binding Arbitration, Class Action Waiver, and Governing Law as in our Terms of Service. By accepting, you waive your right to sue us in court (except where law requires).

20. Changes to this Policy

We may update this Policy at any time. Material changes will be posted with at least 30 days' notice. Continued use constitutes acceptance.

21. Contact Information

FlatGrad

Email: team@flatgrad.com

Subject Line: Privacy Policy Inquiry

Response Time: Within 5 business days

© 2025 FlatGrad. All rights reserved.

22. "Do Not Sell or Share My Personal Information" Requests

California and certain other state residents may opt-out of the sale or sharing of Personal Data. You may submit an opt-out via our footer link, the in-app settings link, or by emailing team@flatgrad.comwith subject line "Do Not Sell or Share My Personal Information". We will honor your preference and record your choice as required by law.