Graphora

Privacy Policy

1. Overview

This Privacy Policy describes how Graphora ("we", "us", "our") collects, uses, and protects your personal data when you use our website and application (collectively, the "Service"). We are committed to protecting your privacy and handling your data transparently.

2. Data We Collect

Account Information

When you create an account, we collect your email address, display name, and authentication credentials. If you sign in through a third-party provider, we receive basic profile information from that provider.

Content Data

We store the notes, documents, and knowledge graphs you create within Graphora, including any content shared in collaborative spaces.

Cookies and Local Storage

We use essential cookies to maintain your session and preferences. We do not use third-party advertising cookies. You can manage cookie preferences in your browser settings.

3. How We Use Your Data

  • Providing and maintaining the Service
  • Authenticating your identity and securing your account
  • Syncing your notes and graphs across devices
  • Enabling real-time collaboration in shared spaces
  • Communicating important updates about the Service

4. Data Storage and Security

Your data is stored on servers within the European Union. We use industry-standard encryption for data in transit (TLS) and at rest. Access to personal data is restricted to authorized personnel on a need-to-know basis.

5. Third-Party Services

We use the following third-party services:

  • Cloudflare — for content delivery, DDoS protection, and DNS management
  • Authentication Providers — if you choose to sign in via a third-party provider (e.g., Google, GitHub), their privacy policies apply to data they process

6. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your personal data
  • Portability — request your data in a machine-readable format
  • Restriction — request that we limit processing of your data
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, please contact us at privacy@graphora.app. We will respond to your request within 30 days.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

For privacy-related inquiries, please contact us at privacy@graphora.app.