Skip to main content

Privacy Policy

Last updated: February 5, 2026

1. Data Controller

The controller of your personal data is:

GRANIZE LLC
447 Broadway, 2nd Floor, New York, US, 10013
Email: hello@granize.com

2. Data We Collect

We collect the following types of personal data:

2.1 Identification Data

  • Email address (for authentication and communication)
  • Profile information (name, if provided)

2.2 Conversation Data

When you use our AI agent service, we process and store:

  • Transcripts of real-time voice conversations
  • Audio processed through OpenAI Realtime API
  • Conversation context and exchanged messages
  • Conversation metadata (date, duration, tokens used)
  • Visitor identifiers (visitor_id) for session tracking

2.3 Technical Data

  • IP address
  • Browser and device information
  • Cookies and similar technologies (see our Cookie Policy)
  • Service usage data (pages visited, actions taken)

2.4 Project Data

  • AI agent configuration (name, voice, language, instructions)
  • Agent context and knowledge (information sources, documents)
  • Domains associated with your project

3. Legal Basis and Purpose of Processing

3.1 Contract Performance

We process your data to provide the AI agent service you have requested. This includes:

  • Processing conversations through OpenAI Realtime API
  • Storing conversations in our databases (Supabase)
  • Managing your account and projects
  • Processing payments and billing

3.2 Consent

With your explicit consent, we process:

  • Analytics cookies (Google Analytics) - you can withdraw your consent at any time
  • Marketing communications (if you subscribe)

3.3 Legitimate Interest

Based on our legitimate interest, we process data to:

  • Improve and optimize the service
  • Prevent fraud and ensure security
  • Aggregated statistical analysis (without personal identification)

4. Processing with OpenAI Realtime API

Important: To provide the AI agent service, we use OpenAI Realtime API, an artificial intelligence processing service operated by OpenAI, L.L.C. (United States).

4.1 Data Transferred to OpenAI

When you use our service, the following data is transferred and processed by OpenAI:

  • Real-time conversation audio
  • Voice-to-text transcripts
  • Conversation context and messages
  • Agent instructions and project knowledge

4.2 Purpose of Processing

OpenAI processes this data exclusively to provide the AI agent service you have requested. OpenAI does not use this data to train its models or for purposes other than providing the service.

4.3 International Transfer

Data is transferred to the United States, where OpenAI operates its servers. This transfer is made under appropriate safeguards established in the General Data Protection Regulation (GDPR):

  • Standard Contractual Clauses approved by the European Commission
  • OpenAI's commitment to data protection and GDPR compliance

4.4 Local Storage

In addition to processing by OpenAI, we store locally in our databases (Supabase, located in the EU):

  • Complete conversation transcripts (table conversation_messages)
  • Conversation metadata (table conversations)
  • Agent configuration and context

5. Data Retention

We retain your personal data for the following periods:

  • Account data: While your account is active and for 30 days after cancellation
  • Conversations: For 12 months from the last activity, or until you request deletion
  • Billing data: For the time required by applicable tax legislation (minimum 7 years in the US)
  • Cookies: As indicated in our Cookie Policy

You can request deletion of your data at any time by exercising your right to erasure (see section 7).

6. Sharing Data with Third Parties

We share your data with the following third parties:

6.1 Service Providers

  • OpenAI, L.L.C.: Conversation processing through Realtime API (see section 4)
  • Supabase: Data storage in databases (servers in the EU)
  • Google Analytics: Website usage analysis (only with your consent)
  • Payment providers: To process transactions (Stripe, etc.)

6.2 Legal Requirements

We may disclose your data if required by law, court order, or legal process, or to protect our rights, property, or safety, or that of our users.

7. Your Rights (GDPR/CCPA)

Under the General Data Protection Regulation and California Consumer Privacy Act, you have the following rights:

  • Right of access: You can request a copy of the personal data we have about you.
  • Right to rectification: You can request correction of inaccurate or incomplete data.
  • Right to erasure: You can request deletion of your personal data under certain circumstances.
  • Right to restriction of processing: You can request that we limit the processing of your data.
  • Right to data portability: You can request to receive your data in a structured and commonly used format.
  • Right to object: You can object to processing of your data based on legitimate interest.
  • Right to withdraw consent: You can withdraw your consent at any time (for cookies, marketing, etc.).

To exercise any of these rights, contact us at hello@granize.com. We will respond to your request within a maximum of 30 days.

You also have the right to file a complaint with your local data protection authority if you believe that the processing of your personal data violates applicable data protection laws.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest (API keys, tokens)
  • Two-factor authentication available
  • Restricted access to personal data only to authorized personnel
  • Regular security monitoring and audits

9. Children

Our service is not directed to children under 16 years of age. We do not knowingly collect personal data from children. If we discover that we have collected data from a child without parental consent, we will take steps to delete that information.

10. Changes to this Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. We recommend that you review this policy periodically.

11. Contact

If you have questions about this Privacy Policy or about the processing of your personal data, you can contact us at:

GRANIZE LLC
447 Broadway, 2nd Floor, New York, US, 10013
Email: hello@granize.com

← Back to home