Privacy Policy

The shortest, most honest privacy policy you'll read this year.

TL;DR: Free users: zero data, no name, no email. Pro buyers: your email goes to Polar (payment + receipt) and Brevo (so we can send you a thank-you on Day 1 and two short feedback prompts on Day 2 and Day 7 — that's it, no marketing spam). No phone, no IP stored long-term, files deleted within 1 hour. No ads, no behavioural analytics, no data resale.

1. Who is responsible for your data

Grabio is an iPhone Apple Shortcut for file utilities (compress, convert, PDF, background remove, QR, and more). It is operated by Aditya R Sharma, an individual based in India.

Data Controller: Aditya R Sharma · India · [email protected]

2. What we collect and why

Data	Why	Lawful basis (GDPR)	Retention
SHA-256 hash of your iOS device identifier	To rate-limit free tier (5 actions/day) and bind your Pro license to one device	Legitimate interest (Free tier abuse prevention) / Contract (Pro tier)	30 days rolling
Daily action count per device	To enforce free-tier limits	Legitimate interest	48 hours
Files you share to Grabio	To process the requested action (compress, convert, PDF, etc.)	Contract performance	Up to 1 hour, then deleted
Polar subscription ID + device hash binding (Pro users only)	To unlock Pro limits on the iPhone that paid	Contract performance	Subscription lifetime + 35-day grace
Pro buyer email — relayed from Polar to Brevo for onboarding (Pro users only)	Send a thank-you (Day 1) and two short feedback prompts (Day 2 + Day 7). No marketing list, no resale. You can unsubscribe one-click from any of them.	Legitimate interest (post-sale onboarding) / Contract	Held in Brevo for subscription lifetime + 1 year; we keep no copy on Grabio's server
IP address (request rate-limit window only)	To prevent abuse during the request	Legitimate interest	Discarded within 1 hour
Request metadata (endpoint, status, time)	Server health monitoring and debugging	Legitimate interest	24 hours

3. What we don't collect

No name. No phone. No address.
No behavioural analytics tied to you. Plausible (our self-hosted analytics) only counts aggregate page views with no personal data, no fingerprinting, no cookies.
No third-party ad networks. No Google Analytics. No Facebook Pixel. None.
No content of your files or URLs is logged. Servers process the bytes and forget them.

4. Subprocessors

These are the only third-party services that touch any Grabio data. We chose each one for privacy posture and minimal data exposure.

Provider	Country	What they do	What they receive
Hetzner Online GmbH	Germany (EU)	Server hosting	All processed data in transit and 1-hour cache
Plausible (self-hosted)	Hosted on adityaarsharma.com infrastructure (Germany)	Aggregate page-view analytics	No personal data; aggregate counts only
Polar.sh (Merchant of Record)	United States	Payment processing, VAT/tax compliance, receipt email to buyer	Buyer email + card data (we never see card numbers; Polar keeps the email, not us)
Brevo (Sendinblue)	France (EU)	Pro-buyer onboarding emails only — Day 1 thank-you + Day 2 and Day 7 feedback prompts. Triggered on Pro purchase. Not used for Free users.	Pro buyer email + purchase date
Cloudflare	United States	DNS for grabio.adityaarsharma.com	Inferred IP at DNS resolution (not stored by us)
Apple iCloud	International	Distributes the Shortcut binary	Anonymous to us; Apple's terms apply

5. International transfers

Our server lives in Germany (Hetzner). For Pro users in the EU/EEA, payment data goes to US-based Polar.sh under Standard Contractual Clauses; onboarding emails go through Brevo (France, EU). Your file content never leaves the Germany-hosted Grabio backend — we do not route file content to any third-party server for processing.

6. Cookies

The public Grabio site does not use tracking, advertising, or analytics cookies. Plausible is cookieless by design. The only cookie set is an essential admin session cookie (used only when the operator logs in to the admin dashboard at /admin). Regular users will never receive a cookie from us.

7. Your rights (GDPR, CCPA, and others)

Wherever you live, you have the right to know what we hold, ask for a copy, ask for deletion, and complain to your regulator. To exercise any of these:

Access (Art. 15): Email [email protected] with your Polar receipt ID. We export everything we hold (it's basically just your device hash and Pro entitlement) as JSON within 7 days, usually same day. For your email/receipt itself, contact Polar.
Rectification (Art. 16): Grabio holds no editable personal data on you. Email or billing changes go to Polar.
Erasure / Right to be Forgotten (Art. 17): Email us with your Polar receipt ID. We purge your device hash, Pro entitlement, audit log entries, and any backups within 30 days. Files are already deleted within 1 hour.
Portability (Art. 20): JSON export, same as the access request.
Objection (Art. 21): Stop using Grabio. Rate-limit data ages out automatically within 48 hours.
Complaint (Art. 77): You can complain to your country's data protection authority. In India: Data Protection Board of India. In the EU: your national DPA.

8. Security

HTTPS everywhere (Let's Encrypt). Redis password-protected and bound to localhost. Device identifiers hashed with SHA-256 before storage. Files processed in memory or in a permission-restricted temporary folder, then deleted by a cleanup cron within 1 hour. Admin dashboard is HTTP Basic Auth + signed session cookies. Backups are encrypted at rest on Hetzner and rotate every 24 hours.

9. Children

Grabio is not directed at children under 16. We do not knowingly process data from anyone under 16. If you believe a child has used Grabio, email us and we will purge any related device hash immediately.

10. Automated decision-making

None. Grabio does not make automated decisions that produce legal or significant effects on you. The only automated action is rate-limit counting (5 actions per day on the free tier), which can be lifted by buying Pro.

11. Changes to this policy

If we add a subprocessor or change a retention period materially, we will update this page and announce it on the landing page footer. The "Last updated" date at the top tells you when we last changed anything.

12. Contact

Aditya R Sharma · India · [email protected]. Human reply within 24 hours on weekdays.