Privacy Policy

Last updated:

This Privacy Policy describes how Gregator ("we", "us", or "our") collects, uses, and shares information when you use the Gregator website, products, and services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information we collect

Account information

When you sign up we collect your email address and authentication identifiers from the provider you use to sign in (for example Google). We do not store your password.

Content you create

We store the topics you research, the courses Gregator generates for you, your chat history with Greg, progress through course chapters, and any settings or preferences you configure. This content is bound to your account and is not shared with other users.

Usage data

We record basic, non-identifying usage information — for example which features you use and how often — so we can improve the product. We log operational events (errors, request latencies) for reliability.

Third-party content

Gregator searches public sources on your behalf (search engines, academic indexes, public web pages). The content of those sources is subject to the terms of whoever publishes it.

2. How we use information

• To provide, operate, and improve the Service.
• To generate courses, answer your questions, and personalize your experience.
• To communicate with you about the Service, including security and administrative messages.
• To detect, prevent, and address fraud, abuse, or security issues.
• To comply with legal obligations.

3. How we share information

We do not sell your personal information. We share information only in these situations:

• Service providers: we use third-party infrastructure providers (for example hosting, database, authentication, and AI model providers) to run the Service. These providers process information on our behalf under contractual obligations.
• AI providers: when you research a topic or chat with Greg, your prompts are sent to one or more AI model providers. Providers we currently use include Google (Gemini), Moonshot (Kimi), DeepSeek, and MiniMax. Check each provider's policy for its data handling.
• Legal: we may disclose information if required by law, subpoena, or to protect the rights, property, or safety of Gregator, our users, or others.
• Business transfers: if Gregator is involved in a merger, acquisition, or asset sale, your information may be transferred, subject to this Policy.

4. Data retention

We retain your account data for as long as your account is active. You can delete your account at any time, which removes your courses, chat history, and profile data within 30 days. Some data may be retained in backups or for legal compliance.

5. Security

We use industry-standard measures — encryption in transit (TLS), encryption at rest, access controls, and audit logging — to protect your information. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

6. Your rights

Depending on where you live, you may have the right to access, correct, delete, export, or restrict processing of your personal information. To exercise any of these rights, email [email protected].

7. International data transfers

Gregator is operated from the European Union and the data centers our providers operate in may be located elsewhere. By using the Service, you consent to the transfer of information to countries which may have different data protection rules than your own.

8. Children

The Service is not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have, please contact us and we will delete it.

9. Changes to this policy

We may update this Policy from time to time. When we do, we'll change the "Last updated" date at the top, and for material changes we'll notify you by email or in-app notice.

10. Contact

Questions or requests? Email [email protected].