Privacy Policy

Last Updated: April 27, 2026

This Privacy Policy describes how Growth Metrics Technologies Private Limited ("Company," "We," "Us,"

or "Our") collects, uses, stores, and discloses your information when you use the Grocliq software

platform ("Service"). It also explains your privacy rights and how the law protects you.

By using the Service, you agree to the collection and use of information in accordance with this Privacy

Policy.

Interpretation and Definitions

Interpretation

Words with initial capital letters have meanings defined below. These definitions apply whether they

appear in singular or plural form.

Definitions

Account means a unique account created for you to access our Service.

Company (referred to as "the Company," "We," "Us," or "Our") refers to Growth Metrics Technologies

Private Limited, with its registered address at WeWork, Platina Tower, Gurugram, Haryana 122002,

India.

Cookies are small files placed on your device by a website, containing details of your browsing history

and preferences.

Country refers to India.

Customer Data means all data, content, and information you upload, submit, or collect via the Service,

including leads, contacts, messages, and content you create.

Device means any device that can access the Service, such as a computer, mobile phone, or tablet.

Personal Data means any information that relates to an identified or identifiable individual.

Service refers to the Grocliq software platform, including the website

at https://grocliq.ai and https://app.grocliq.ai, and all related features, tools, and services.

Service Provider means any third-party company or individual employed by the Company to facilitate

the Service, perform services on our behalf, or assist in analyzing how the Service is used.

Software means the Grocliq cloud-based software application, including Lily (AI content writing), Growli

(SEO analysis), Sam (social media management), Leo (lead management and WhatsApp), and Mo (media

generation).

Third-Party Products refers to external services that integrate with the Service, including Meta

(Facebook, Instagram, WhatsApp), LinkedIn, Google Search Console, Google Cloud, and Stripe.

Usage Data refers to data collected automatically, either generated by your use of the Service or from

the Service infrastructure itself.Website refers to Grocliq, accessible from https://grocliq.ai

You means the individual or legal entity accessing or using the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide personally identifiable information, including but

not limited to:

 Email address

 First name and last name

 Company/organization name

 Phone number (optional)

 Billing address and payment information (for paid subscriptions)

Account and Authentication Data

When you create an account or log in via third-party services, we collect:

 Login credentials (password stored in hashed form)

 Authentication tokens from third-party OAuth providers

 Account preferences and settings

Social Media Connection Data (Meta, LinkedIn)

When you connect third-party social media accounts through Sam or Leo, we collect and process:

Meta (Facebook, Instagram)

 Basic profile information (name, email if provided)

 List of Facebook Pages you manage (Page ID, Page name)

 Instagram Business account identifiers

 Access tokens required to publish content on your behalf (stored securely, encrypted)

LinkedIn

 Basic profile information via OpenID Connect (name, email, profile picture)

 Access tokens required to publish content on your behalf

We do not collect your social media passwords. All connections use OAuth provided by the third-party

platforms.Lead Ads Data (Leo)

When you connect Facebook Pages for Lead Ads through Leo, we collect:

 Facebook Page identifiers and access tokens

 Lead form submissions from your connected Pages, including:

 Lead name

 Lead email address

 Lead phone number

 Any custom fields included in your Lead Ad forms

 Form submission timestamp

 Lead Ad form identifier

This data is collected via Meta's Lead Ads API when leads submit forms on your Facebook Pages. We

store this data in your workspace to power Leo's CRM and lead management features.

WhatsApp Business Data (Leo)

When you connect a WhatsApp Business number through Leo, we collect:

 WhatsApp Business Account (WABA) ID

 Phone number ID and display phone number

 Business verified name

 Access tokens (stored securely, encrypted)

 Inbound and outbound WhatsApp message content

 Message timestamps and delivery status

 Customer phone numbers and display names from conversations

This data is used to send and receive WhatsApp messages on your behalf and display conversation

history in Leo's inbox.

Google Search Console Data (Growli)

When you connect Google Search Console, we collect:

 Search performance data (impressions, clicks, average position, CTR)

 Search queries and landing pages

 Indexing status and coverage data

 Sitemap informationWe access this data in read-only mode. We do not modify your Search Console settings.

AI-Generated Content Data (Lily, Mo)

When you use AI content generation features:

 We process your prompts and instructions to generate content

 Generated content is stored in your account

 We may use anonymized, aggregated usage patterns to improve AI features

 We do not use your specific content to train AI models without your explicit consent

Usage Data

Usage Data is collected automatically when using the Service, including:

 Device Internet Protocol (IP) address

 Browser type and version

 Pages visited and features used within the Service

 Time and date of visits

 Time spent on pages

 Unique device identifiers

 Operating system

 Referring URLs

 Error logs and diagnostic data

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

 Maintain your session and authentication state

 Remember your preferences

 Analyze Service usage and performance

 Improve and optimize the Service

Types of Cookies We Use:

Cookie Type Purpose Duration

Essential/Session Authentication, security, core functionality SessionCookie Type Purpose Duration

Preference Remember settings, language, login state Persistent

Analytics Understand usage patterns, improve Service Persistent

You can instruct your browser to refuse cookies, but some Service features may not function properly

without them.

Use of Your Personal Data

We use your Personal Data for the following purposes:

To Provide and Maintain the Service

 Create and manage your account

 Process subscriptions and payments

 Deliver the features you use (content creation, publishing, SEO analysis, lead management,

messaging)

To Enable Third-Party Integrations

 Connect your social media accounts via OAuth

 Publish content to connected platforms when you request it

 Receive and store Lead Ad submissions from your Facebook Pages

 Send and receive WhatsApp messages on your behalf

 Retrieve search performance data from Google Search Console

To Communicate With You

 Send service-related notifications (security alerts, feature updates, maintenance notices)

 Respond to support requests

 Send product updates and offers (where permitted by law and your preferences)

To Improve the Service

 Analyze usage patterns and feature adoption

 Identify and fix bugs and performance issues

 Develop new features

 Conduct research and analytics (using aggregated, anonymized data)

For Security and Compliance Detect and prevent fraud, abuse, and security threats

 Enforce our Terms of Service

 Comply with legal obligations

For Business Operations

 Process business transfers (merger, acquisition, sale)

 Manage billing and payments via Stripe

Sharing of Your Personal Data

We may share your Personal Data in the following situations:

With Service Providers We share data with trusted third-party providers who help us operate the

Service, including:

 Cloud hosting providers (for data storage and processing)

 Payment processors (Stripe, for billing)

 Email service providers (for transactional emails)

 Analytics providers (for usage analysis)

All Service Providers are bound by contractual confidentiality and security obligations.

With Third-Party Platforms We share data with platforms you connect, as necessary to provide features

you request:

 Meta (Facebook, Instagram, WhatsApp): To authenticate, publish content, receive leads, and

send messages

 LinkedIn: To authenticate and publish content

 Google: To access Search Console data

For Business Transfers If we are involved in a merger, acquisition, or asset sale, your Personal Data may

be transferred. We will provide notice before such transfer occurs.

With Your Consent We may share your information for any other purpose with your explicit consent.

For Legal and Safety Reasons We may disclose your data:

 To comply with legal obligations or valid legal requests

 To enforce our Terms of Service and agreements

 To protect the rights, property, or safety of the Company, our users, or the public

 To prevent fraud, abuse, or security threats

We Do Not Sell Your Personal Data.Data Retention

We retain your Personal Data only as long as necessary for the purposes described in this Privacy Policy:

Account Data: Retained while your account is active and for a reasonable period afterward to comply

with legal obligations.

Customer Data (leads, messages, content): Retained until you delete it, disconnect integrations, or

delete your account, unless retention is required by law.

Access Tokens: Retained only while integrations are active. Deleted when you disconnect accounts or

delete your account.

Usage Data: Generally retained for shorter periods for analytics, unless needed for security or legal

purposes.

Backup Data: May be retained in backups for a limited period and deleted in the normal course of

backup rotation.

Upon account deletion or written request, we will delete your Personal Data within 30 days, except

where retention is required by law.

Data Security

We implement appropriate technical and organizational measures to protect your Personal Data,

including:

 Encryption of data in transit (HTTPS/TLS)

 Encryption of sensitive data at rest (access tokens, passwords)

 Access controls and authentication requirements

 Regular security assessments

 Secure cloud infrastructure

However, no method of transmission over the Internet or electronic storage is 100% secure. While we

strive to protect your data, we cannot guarantee absolute security.

Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of the Personal Data we hold about you.

Correction: Request correction of inaccurate or incomplete data.

Deletion: Request deletion of your Personal Data (subject to legal retention requirements).

Portability: Request your data in a portable format.

Objection: Object to certain processing of your data.

Withdraw Consent: Withdraw consent where processing is based on consent.Revoke Third-Party Access: Disconnect connected accounts at any time from your account settings or

via the third-party platform's settings (e.g., Facebook Business Settings).

To exercise these rights, contact us at fin@grocliq.com. We will respond within 30 days.

International Data Transfers

Your information may be transferred to and processed in countries other than your own, including India

and other locations where our Service Providers operate.

We take steps to ensure your data is treated securely and in accordance with this Privacy Policy,

including using appropriate contractual protections where required.

Children's Privacy

Our Service is not intended for anyone under the age of 18. We do not knowingly collect Personal Data

from children under 18. If you are a parent or guardian and believe your child has provided Personal

Data, contact us and we will delete it.

Third-Party Links and Services

Our Service may contain links to third-party websites or services not operated by us. We are not

responsible for the privacy practices of these third parties. We encourage you to review their privacy

policies.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of changes by:

 Posting the updated policy on this page

 Updating the "Last Updated" date

 For material changes, sending email notification or displaying a prominent notice in the Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated

Privacy Policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us:

Email: fin@grocliq.com

Website: https://grocliq.ai

Growth Metrics Technologies Private Limited

WeWork, Platina Tower

Gurugram, Haryana 122002

India

Document History: April 27, 2026 — Updated to include Lead Ads, WhatsApp, and comprehensive data handling

disclosures

 January 23, 2026 — Initial publication