Privacy Policy

This Privacy Policy explains how GRVTY LTD(“GRVTY,” “we,” “us”) collects, uses, retains, and protects information when you visit grvty.ltd, contact us, or interact with content we publish or manage through third-party platforms such as LinkedIn and X.

GRVTY LTD is a British Virgin Islands company registered at Intershore Chambers, Road Town, Tortola, British Virgin Islands VG1110. For any privacy question or request, contact us at hello@grvty.ltd.

1. Information We Collect

Information you provide

When you email us, book a call, or otherwise reach out, we collect the information you choose to share — typically name, email address, company, and the content of your message.

Information collected automatically

When you visit grvty.ltd, our hosting and analytics providers may log standard technical information such as IP address, user agent, referring URL, pages viewed, and approximate location derived from IP. We use this information to operate the site, measure aggregate traffic, and detect abuse. We do not use this data to build advertising profiles.

Information from LinkedIn (Marketing & Community Management APIs)

GRVTY uses LinkedIn’s Marketing Developer Platform, including the Community Management API, to manage and engage with content on the official GRVTY company page and on a personal LinkedIn profile operated by GRVTY’s principal, in each case only where the page or profile owner has authorized GRVTY through LinkedIn’s OAuth flow. With that authorization in place, we may access:

• Posts, comments, and replies on the authorized pages
• Reactions, share counts, and other engagement metrics on those posts
• Direct messages and conversation threads sent to or from those pages
• Public profile information of LinkedIn members who have engaged with those pages (member URN, name, headline, profile URL)
• Page-level analytics and aggregate audience demographics

We access this information only to perform community-management actions the page owner has asked us to perform — publishing content, moderating and replying to comments, responding to messages, and reporting on performance. We do not use LinkedIn data to build advertising audiences outside of LinkedIn, and we do not combine LinkedIn member data with data from other sources to identify individuals beyond what LinkedIn itself permits.

2. How We Use Information

• Operate, maintain, and improve grvty.ltd
• Respond to inquiries and deliver services we’ve agreed to provide
• Publish, schedule, and moderate content, and reply to comments and messages on authorized LinkedIn pages
• Generate aggregate engagement and performance reports for page owners
• Comply with legal obligations and enforce our Terms of Service

We do not sell personal information. We do not use LinkedIn member data to train artificial intelligence or machine-learning models.

3. How We Share Information

We share information only as needed to operate the service:

• Service providers who host our website, run analytics, send email, store files, or otherwise process data on our behalf under written confidentiality and data-protection terms.
• Page owners we represent, who receive engagement data, reports, and message context relating to their own LinkedIn pages.
• LinkedIn, when we publish, edit, or delete content through its API on behalf of an authorized page.
• Legal and safety, where disclosure is required by law or necessary to investigate fraud, abuse, or threats to security.
• Successors in a transaction, in the event of a merger, acquisition, or sale of assets, subject to this Policy.

4. Data Retention

We keep information only for as long as it serves a defined purpose, then delete or anonymize it. The table below explains how long we retain each category and why.

• Inquiry emails, business correspondence, and contact records: up to seven (7) years after the last interaction. We retain these to maintain continuity of business relationships, comply with tax and accounting record-keeping obligations, and meet our obligations under the laws of the British Virgin Islands and any jurisdictions in which we do business.
• Website analytics: up to twenty-six (26) months in identifiable form (matching the standard maximum window of common analytics platforms). Aggregated and anonymized metrics may be kept longer for trend analysis and benchmarking.
• LinkedIn post, comment, and direct-message content:up to twenty-four (24) months from the date of the interaction. We retain this for campaign reporting, year-over-year performance analysis, conversation context with recurring members of an authorized page’s audience, and for responding to subsequent comments or messages on the same thread. After that period, raw content is deleted from our active systems unless the page owner has separately requested longer retention for a specific service.
• LinkedIn member identifiers (member URNs, profile URLs, names, headlines): retained for up to twenty-four (24) months from the most recent interaction with that member, in order to provide continuous community management on behalf of the authorized page (recognizing returning commenters, maintaining conversation history, attributing engagement). Identifiers tied to a single, one-off interaction are purged within sixty (60) days where no further engagement occurs.
• Page-level analytics and aggregate audience demographics: up to thirty-six (36) months for identifiable per-period reports; aggregated and anonymized analytics may be retained on an ongoing basis.
• Authorization, audit, and access logs:up to seven (7) years. We retain a record of which pages were authorized, when, by whom, and what API actions were taken, in order to demonstrate accountable use of LinkedIn’s APIs, investigate security incidents, and meet legal record-keeping obligations.
• Aggregated and anonymized engagement metrics: may be retained on an ongoing basis for reporting, benchmarking, and product improvement, provided the data cannot reasonably be used to re-identify a LinkedIn member.
• Backups: data may persist in encrypted, access-controlled backups for up to ninety (90) days after deletion from active systems, after which backups are rotated out and overwritten.

If you authorize GRVTY to manage your LinkedIn page or profile and later revoke that authorization (whether through LinkedIn’s OAuth controls or by contacting us directly), we will stop accessing your data through the API immediately and will delete data we hold about that page from our active systems within sixty (60) days, except where retention is required by law, by LinkedIn’s API Terms of Use, or for the establishment, exercise, or defense of legal claims.

We will also delete or anonymize information sooner than the periods above when a LinkedIn member exercises a valid deletion right and that right applies to data we hold, or when LinkedIn instructs us to delete data under its API Terms.

5. Your Rights

Depending on where you live, you may have rights under the UK GDPR, EU GDPR, California Consumer Privacy Act, or similar laws to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Delete personal information, subject to legal exceptions
• Object to or restrict certain processing
• Receive a portable copy of information you have provided to us
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority

To exercise any of these rights, email hello@grvty.ltd. We may need to verify your identity before acting on a request. For data we process about you on behalf of a LinkedIn page owner or other client, please direct your request to that party; we will assist them in responding.

6. Cookies and Similar Technologies

grvty.ltd uses a small number of cookies and similar technologies that are strictly necessary to operate the site, plus analytics that help us understand aggregate usage. Where required by law, we will request your consent before setting non-essential cookies and provide a way to manage your preferences. You can also block or delete cookies through your browser.

7. Security

We use industry-standard administrative, technical, and physical safeguards to protect information we hold, including encryption in transit, access controls, least-privilege provisioning, and regular review of our service providers. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security but we work to make any incident rare and contained.

8. International Transfers

GRVTY is based in the British Virgin Islands and works with service providers located in the United States, the European Union, the United Kingdom, and other jurisdictions. When we transfer personal information across borders, we rely on appropriate safeguards such as standard contractual clauses or a recipient’s certified compliance program.

9. Children

Our website and services are intended for adults using LinkedIn and similar professional platforms. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Third-Party Platforms

Our use of information received through LinkedIn’s APIs is also governed by the LinkedIn API Terms of Use, the LinkedIn Developer Agreement, and LinkedIn’s Privacy Policy. When those terms impose stricter limits on how we may use, retain, or share LinkedIn data, those limits control. Links from our site to other platforms are provided for convenience; we are not responsible for their privacy practices.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where appropriate, provide additional notice. Your continued use of grvty.ltd after the effective date constitutes acceptance of the updated Policy.

12. Contact

Questions, requests, or complaints about this Policy or our handling of personal information can be sent to:

GRVTY LTD
Intershore Chambers, Road Town, Tortola
British Virgin Islands VG1110
hello@grvty.ltd