grith.ai
Draft — pending legal review. This document describes Field-Logic Ltd's intended practices but has not yet been signed off by counsel. It is not binding until that review is complete and this banner is removed. Questions: legal@grith.ai.

Privacy Policy

How Field-Logic Ltd handles personal data through grith.ai and the grith product.

Last updated:

1. Who we are

This Privacy Policy is published by Field-Logic Ltd ("Field-Logic", "we", "us"), a company registered in England and Wales, trading as grith. We are the data controller for the personal data described in this policy.

Contact for privacy / data-protection enquiries: privacy@grith.ai.

2. What this policy covers

This policy describes how we handle personal data when you:

  • visit grith.ai or docs.grith.ai;
  • create a grith account or sign in via GitHub;
  • subscribe to a paid tier through Polar;
  • email us, fill in the contact form, or report a vulnerability;
  • run the grith product with cloud-sync features enabled.

The grith product itself runs locally on your machine. Most data processing — proxy evaluations, audit logs, supervisor traces — stays on your device unless you explicitly enable a feature that sends data to our servers (see section 5. Product telemetry and cloud sync).

3. What we collect and why

3.1 Website visitors (anonymous)

  • Server logs — IP address, user-agent, requested URL, referrer, timestamp. Retained for up to 30 days for security and abuse-prevention purposes. Lawful basis: legitimate interests (operating and securing the service).
  • PostHog analytics — anonymous usage events (page views, navigation paths, feature interactions) only if you accept non-essential cookies. We use PostHog's EU region (eu.i.posthog.com). See our Cookie Policy for the cookie names and retention. Lawful basis: consent.
  • Consent state — your cookie-banner choice is stored in your browser's localStorage ascookie_consent (value yes / no). This is essential and never leaves your device.

3.2 Account holders

When you create an account:

  • Email address — required for sign-in, transactional email (verification, licence delivery, billing), and support correspondence. Lawful basis: contract.
  • Name and avatar — only if you sign in via GitHub OAuth. We receive your public GitHub profile (name, username, avatar URL, primary email). Lawful basis: contract.
  • Authentication tokens — issued and managed by Better Auth, stored server-side and as a secure session cookie in your browser.
  • Encrypted LLM provider keys — if you store OpenAI / Anthropic / OpenRouter / Ollama keys in your grith account, they are encrypted at rest with AES-256-GCM using a key derived from a server-held master secret. Plaintext keys are never logged. Lawful basis: contract.

3.3 Paid subscribers

Payment is processed by Polar; we do not see or store your card details. From Polar we receive and store the subscription ID, tier, status, billing email, and subscription lifecycle events (created, renewed, cancelled, refunded). Lawful basis: contract.

3.4 Contact / support correspondence

If you email us or use the contact form, we hold the contents of your message together with your email address for as long as the enquiry remains open, plus a reasonable backlog period (typically 24 months). Lawful basis: legitimate interests (handling and improving customer support) or consent.

3.5 Product telemetry and cloud sync

The grith product supports optional features that send data to our servers:

  • Audit pipeline (Pro / Team / Enterprise) — when enabled, condensed audit records (tool-call evaluations, decisions, scores; not the underlying file or network payloads) are pushed to our backend for cross-device review and team-level reporting. Configurable per-session and can be disabled at any time.
  • Update checks — the daemon may query the public GitHub Releases API to check for new versions. This reveals your IP and user-agent to GitHub; we receive no data from this call.
  • License validation (Pro / Team / Enterprise) — periodic signed-licence checks against our backend. We log your account ID and the timestamp.

Where features are explicitly opt-in or opt-out, the lawful basis is contract (delivering the feature you chose to use); where they support security and abuse prevention the basis is legitimate interests. Local-only usage of the open-source product never sends data to our servers.

4. Sub-processors

We rely on the following processors to deliver the service. Each is bound by a data-processing agreement and operates within the regions stated.

ProcessorPurposeRegion
Amazon Web Services (Amplify, RDS, S3, SES)Hosting, database, email deliveryeu-north-1 (Stockholm)
PolarPayment processing and subscription managementEU / US (per Polar's sub-processor list)
PostHogProduct analytics (consent-gated)EU (Frankfurt)
GitHub (Microsoft)OAuth identity provider; source-hostingUS
CloudflareCDN / DDoS mitigation in front of grith.aiGlobal edge

We will give at least 30 days' notice before introducing a new sub-processor that materially changes how personal data is handled.

5. International transfers

Where personal data is transferred outside the UK / EEA (for example to GitHub or to Polar's US infrastructure), the transfer is covered either by an adequacy decision or by the UK International Data Transfer Addendum / EU Standard Contractual Clauses with appropriate supplementary measures.

6. How long we keep your data

  • Server logs: up to 30 days.
  • PostHog analytics: 12 months, then aggregated.
  • Account data: while your account is active, plus 90 days after deletion (for legitimate-interest review; longer if required by law).
  • Billing records: 7 years (UK tax / VAT requirement).
  • Support correspondence: 24 months.
  • Audit-pipeline data (Pro+): per the retention you configure, default 90 days.

7. Your rights

Under UK GDPR you have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate data;
  • erase your data (subject to legal-retention exceptions);
  • restrict or object to processing;
  • data portability (receive a copy in a machine-readable format);
  • withdraw consent at any time, where consent is the lawful basis;
  • lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority.

Email privacy@grith.ai to exercise any of these rights. We aim to respond within 30 days.

8. How we protect your data

Technical and organisational measures we take:

  • TLS in transit for all public endpoints.
  • Encryption at rest for stored secrets (provider keys, license signing key).
  • Hashed-and-salted passwords (where used); session tokens issued and rotated by Better Auth.
  • Secret material kept in a managed password vault, not on developer disks.
  • Audit logging on production database access.
  • Annual review of sub-processors and contracts.

If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where the risk is high, notify affected users without undue delay.

9. Children

The grith service is not directed at children under 16. We do not knowingly collect personal data from children.

10. Changes to this policy

We may update this policy when our practices change or when legal requirements evolve. Material changes will be announced on this page and (for account holders) by email at least 30 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.

11. Contact

Field-Logic Ltd, registered in England and Wales. Privacy enquiries: privacy@grith.ai. Other legal matters: legal@grith.ai. Security vulnerabilities — please follow our Security Policy rather than emailing privacy@.

© 2026 grith. All rights reserved.

Product names and logos are trademarks of their respective owners. Their use indicates compatibility, not endorsement.