Explore

Privacy Policy

Data We Collect

grandle collects the information needed to operate a regulated exchange: your name, email address, government ID, proof of address, and transaction records. Collection happens at registration and during ongoing compliance reviews.

Device data, IP addresses, and browser identifiers are logged automatically when you access the platform. This data supports fraud detection and security monitoring.

How We Use Your Data

Your data is used to verify your identity, process transactions, detect fraudulent activity, and meet regulatory reporting obligations. grandle does not sell personal data to advertisers or data brokers.

Cookies

grandle uses strictly necessary cookies to keep you logged in and maintain session security. Analytics cookies — used to measure page performance — are optional and can be declined in your browser settings.

Third-party cookies from integrated payment or identity providers may appear during specific flows. Those providers operate under their own privacy policies, which grandle links to at the point of integration.

Data Sharing

grandle shares your data only with licensed custodians, payment processors, and government authorities when legally required. No data is shared with unaffiliated third parties for commercial purposes.

Security

Personal data is encrypted at rest using AES-256 and in transit using TLS 1.3. Access to user data within grandle is role-restricted and logged for internal audit.

grandle retains penetration testing records and runs annual third-party security audits. In the event of a data breach, affected users will be notified within 72 hours of confirmed detection.

Your Rights

You have the right to access, correct, export, or request deletion of your personal data. Submit a request through your account settings or by contacting the grandle pri info@grandle.io vacy team directly.

Third-Party Links

The grandle platform may contain links to external sites. Once you leave grandle, this Privacy Policy no longer applies. Review the privacy practices of any external site before submitting personal information.

Data Retention

Transaction records and identity documents are retained for 5 years following account closure, as required by AML regulations. Non-essential data is deleted within 90 days of account termination.

Policy Updates

This Privacy Policy was last updated on January 1, 2026. When material changes are made, grandle will notify registered users by email at least 14 days before the changes take effect.