Privacy Policy

At GRC, we prioritize the security and privacy of our customers' data. We have a holistic Information Security Program in place that is in line with SOC 2 Framework, a widely recognized information security auditing procedure. This program is communicated throughout our organization to ensure a uniform understanding of its protocols and methodologies.

Last updated: 01. August 2023


To provide our customers with access to the Services, we gather the following types of information, however, this information is only used in YOUR secure enclave and is not available to third parties.

Text Input:
We collect the text entered into our Services, which includes the usage of text generation, semantic comparison, and text-to-vector conversion tools. This information is used to support your utilization of the tools, including generating realistic sentence suggestions, matching inputted text to semantic equivalents, and producing vector representations of input text for downstream computing.

Generated Information:
Additionally, we collect information generated as a result of your interaction with the tools, such as generated text, lists of semantic matches, and numeric vector representations, all of which help enhance your experience with the Services.

Use and retention of collected information:
The information we collect is utilized and retained for various purposes, including: Providing the Services to you. Enhancing and improving the GRC Services and other offerings in your deployment. Training and refining your models. Conducting benchmarking activities. Monitoring compliance with our terms and acceptable use guidelines.

Important note regarding personal information:
It is important to emphasize that our Services are not intended for processing personal information, except in your secure deployment. We strongly advise our clients against uploading any personal information while using our Services, that are not a secure deployment. However, if any personal information is provided to us, it will be collected, used, and disclosed as described above and in accordance with the terms governing the use of our Services. Our customers are responsible for complying with relevant privacy laws when utilizing the Services, including providing necessary notices and obtaining appropriate consent for sharing information with GRC and using our tools. Any information collected or generated is retained in accordance with our contractual commitments to our clients. For inquiries about the personal information we process on behalf of our customers, we encourage you to first contact the respective customer directly and/or review their applicable privacy policy. If you previously signed up to receive marketing communications from one of our customers and now wish to unsubscribe, please contact the customer directly.

Information collected through our Website or other interactions with you:

GRC Envision GmbH. ("GRC") may collect information about you when you:

- Create an account
- Book a demo
- Sign up to receive marketing emails such as newsletters and blog posts
- Participate in our surveys
- Apply for a job
- Contact us with a comment, question, or complaint
- Visit our Website

Requesting Access to the Services:
Before accessing or using the Services, you may be required to complete the GRC API Application. As part of this Application, we will gather your business contact information, details about your organization (including its type and location), and information about your intended use of the Services (including a description of your use case, past experiences with similar services, and usage frequency estimates). We utilize this information to comprehend the purposes for which you seek to use the Services, evaluate the suitability of the Services for your organization and intended purposes, and personalize your user experience.

Creating an Account:
Upon approval of your Application, you must create an account to access and use the Services. To set up your account, we collect your first and last name, email address, and a password of your choice. This information is used to create and manage your account and enable your access to and use of the Services. We strongly advise against sharing your password with anyone, and we will never ask for your password through unsolicited communications (such as letters, phone calls, or email messages). If you become aware of any unauthorized access or use of your account, please notify us immediately.

Marketing Communications:
We may send you communications (including via mail and email) regarding our platform and other products and services that we believe might interest you. You have the option to unsubscribe at any time by clicking the "unsubscribe" link provided at the bottom of each email or by contacting us using the contact information provided in the "Contact Us" section below. Please note that even after unsubscribing, you may continue to receive transactional or account-related communications from us.

Occasionally, we may invite you to participate in our surveys. The information collected through these surveys is used in an aggregated and de-identified form. We use this information to gain insights into our users and enhance our Website.

If you apply for a job with us, we may collect certain personal information about you (such as the details contained in your resume, cover letter, or other employment-related materials). We use this information solely for the purpose of processing, evaluating, and responding to your application.

Contact Us:
When you contact us with a comment, question, or complaint, we may ask for identifying information such as your name, address, and telephone number, along with additional details necessary to promptly address your query or respond to your comment. We may retain this information to provide future assistance and improve our customer service and service offerings.