Grapevine

Privacy Policy

Last updated: July 9, 2026

Grapevine turns your group's shared information into an AI-written feed. That only works if you trust exactly what we do — and don't do — with your data. This policy says it plainly.

The three privacy tiers

1. Group content (chat channels, feed posts, reactions, uploaded documents, connected data sources): encrypted in transit (TLS) and at rest, isolated per group with database-level row security. Our AI processes this content to generate your feed — that is the product, and it means group content is not end-to-end encrypted. No Grapevine employee reads your content in the normal course of business; access is limited to automated processing, aggregate diagnostics, and cases where you explicitly ask for support.

2. Direct messages on web: encrypted at rest and structurally excluded from AI processing — the systems that generate the feed cannot query direct-message data. We do not read them, use them, or analyze them.

3. Direct messages on mobile (where available): end-to-end encrypted with keys held on your device. Neither the AI, nor group admins, nor Grapevine itself can read them — even if compelled. If you lose your device, that history is unrecoverable by design.

What the AI sees, and how to limit it

The AI reads group channels, feed activity, and data sources your group connects or uploads. It never reads direct messages. Group admins can mute the AI for any member: that member is never addressed or referenced by the AI, and their messages are excluded from AI processing. Reactions and votes are anonymous by design — identity is never shown to anyone, including admins.

Your data is not training data

We use your content solely to provide the service to your group. We do not sell it, rent it, or use it to train our own or third-party foundation models. AI processing is performed via Anthropic's API under terms that do not permit training on your data.

The right to burn

Group admins can permanently delete their entire group — every post, message, upload, connected-source record, and analytics row. Burning is irreversible and propagates to backups within 30 days. Individual members may delete their own account and authored content at any time.

What we collect

Account basics (email, name, title, profile photo, preferences), content you and your group create, data sources your group connects (always read-only — Grapevine never writes back to a connected system), and standard service telemetry (logins, device/browser type, diagnostics). We use cookies only for authentication and session management — no advertising trackers.

Subprocessors

We rely on a small set of infrastructure providers to run Grapevine: Supabase (database, authentication, storage), Anthropic (AI processing), and our hosting provider. Each processes data only to provide their service to us, under their own security commitments.

Your rights

Depending on where you live (including under GDPR and CCPA), you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. Write to privacy@grapevine.app and we will honor verified requests within 30 days. We do not discriminate against you for exercising these rights.

Retention & security incidents

We keep data while your group is active and delete it per the burn and account-deletion rules above. If a security incident affects your data, we will notify affected group admins without undue delay after confirmation, with what we know and what we're doing.

Children

Grapevine is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their data.

Changes

If we materially change this policy, group admins get notice before the change takes effect. Continued use after notice is acceptance.

Questions: privacy@grapevine.app · Terms of Service · Home