Privacy Policy

Last updated: April 29, 2026

1. What we collect

When you join the waitlist or start a free scan, we collect your email address and authentication details needed to sign you in. If you continue into scanning, we may process the scalp photo you provide and scan-result data needed to generate your result.

2. How we use your data

• To send your sign-in link and product updates you requested.
• To provide the free scan, result, six-month projection, and future app access.
• To improve reliability, understand funnel performance, and prevent abuse.

3. Data storage

Your data is stored securely on Supabase (hosted on AWS, EU/US regions) with encryption at rest and in transit. We follow industry-standard security practices.

4. Data sharing

We never sell or rent your personal data. We share data only with service providers needed to operate Grald, such as hosting, authentication, email delivery, abuse prevention tools such as Cloudflare Turnstile, analytics tools such as Mixpanel, and error monitoring tools such as Sentry.

5. Your rights

You may request deletion of your data at any time by emailing privacy@grald.app. We will process your request within 30 days.

6. Cookies

Our waitlist page may use localStorage for theme preferences and analytics identifiers. We do not use third-party advertising cookies at this time.

7. Future app usage

As Grald expands beyond the waitlist, scalp photos and scan results may be stored so you can compare progress over time. We will update this policy before adding materially different app data uses.

8. Contact

For questions about this policy, email privacy@grald.app.

9. Changes

We may update this policy as we approach launch. Material changes will be communicated via the email address you provided.