Privacy Policy

Effective Date: November 28, 2025

Grizon AI, a service of Grizon Tech, is committed to protecting your privacy in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other Indian laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. By using the Platform, you consent to these practices. This policy is designed to be transparent, ensuring you understand how your data is handled. 

  • Information We Collect: Personal data: Email, phone, GSTIN, payment details (via Razorpay/Stripe – we don’t store cards). This is collected to manage your account, process payments, and verify identity for security. 
  • Usage Data: Prompts, outputs, credits used, IP address, device info (for security/abuse prevention). This helps us improve the platform and detect fraud. 
  • Cookies/Analytics: For session tracking (Google Analytics – anonymized). This enables us to analyze usage patterns without identifying individuals. 
  • How We Use Your Information: Service delivery: Process queries, allocate credits, provide support. This is the primary use to fulfill your subscription. 
  • Improvements: Anonymized data to train models (with consent). This allows us to enhance AI performance without using personal information. 
  • Compliance: GST filing, legal requirements. This ensures we meet regulatory obligations. 
  • Marketing: Emails, SMS and What’s App Messages for updates (opt-out available). This keeps you informed about new features or changes. 
  • Data Sharing: Third parties: APIs (e.g., OpenAI) process prompts (their privacy applies). Payment processors (Razorpay). This is necessary for service delivery, but we only share what’s required. 
  • No Sale: We don’t sell data. This protects your information from commercialization. 
  • Legal: If required by law (e.g., court order). This is limited to mandatory disclosures. 
  • Data Security: Measures: Encryption (HTTPS), access controls, AWS Mumbai servers. This safeguards data from unauthorized access. 
  • DPDP Compliance: Data minimization, consent for processing, right to access/delete (email support). This aligns with India’s data protection laws. 
  • User Rights: Access/correction: Request data copy (30 days). This allows you to review what we hold. 
  • Deletion: Delete account/data (subject to legal retention). This gives you control over your information. 
  • Consent Withdrawal: Cancel anytime (see Cancellation Policy). This lets you stop data processing by ending use. 
  • Children’s Privacy: Not for under 18. We delete data if discovered. This complies with child protection laws. 
  • Changes: Updated with notice. Continued use = acceptance. This allows policy evolution while giving you notice. 

For queries, contact support@grizonai.com or DPO at privacy@grizonai.com.