Legal
Privacy Policy
Gruplly is built for creators running communities, courses, and paid access. This policy explains what information we handle, why we handle it, and the systems involved.
Information we collect
We collect account details such as name, email address, username, avatar, and authentication metadata. When creators configure groups, we also store workspace content such as descriptions, channels, courses, media, invites, and membership records.
Billing and payments
Payment processing is handled by Stripe. Gruplly does not store raw card numbers or full payment credentials. We store the minimum billing and subscription information needed to confirm membership, grant access, and support account operations.
Authentication and infrastructure
Authentication is handled through Supabase. Product data is stored in PostgreSQL through Prisma. Uploaded assets may be stored in connected object storage. Operational emails may be delivered through Resend or equivalent providers configured by Gruplly.
How we use data
We use data to operate accounts, authenticate users, power communities and courses, process paid access, prevent abuse, and improve product reliability. We do not sell personal information.
Retention and access
We retain information for as long as necessary to operate the product, meet legal obligations, resolve disputes, and support legitimate business records. If you need help with data access, correction, or deletion, contact the Gruplly team through the support channel associated with your deployment.
Policy updates
We may update this policy as the product evolves. Material changes should be reflected on this page before they are relied on in public launch communication.