Privacy Policy
Last updated: February 4, 2026
Effective date: February 4, 2026
Quick Navigation
Introduction
GroupSmarter ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. This policy applies to all users of GroupSmarter, including organization administrators, members, and visitors.
Information We Collect
We collect information in the following categories: Account Information: • Name and email address • Password (encrypted) • Profile photo (optional) • Phone number (optional) Organization Information: • Organization name and type • Member lists and roles • Event details and RSVPs • Budget and financial records • Communications and messages • Fundraising campaigns and donations Usage Information: • Log data (IP address, browser type, pages visited) • Device information • Feature usage patterns • Paige conversation history Payment Information: • Billing name and address • Payment method (processed by Stripe - we don't store full card numbers) • Transaction history
How We Use Your Information
We use collected information to: Provide the Service: • Create and manage your account • Enable organization features • Process payments and transactions • Deliver Paige AI assistance Improve the Service: • Analyze usage patterns • Develop new features • Fix bugs and issues • Optimize performance Communicate with You: • Send service notifications • Respond to support requests • Share product updates (with consent) • Deliver important security alerts Legal and Safety: • Comply with legal obligations • Enforce our Terms of Service • Protect against fraud and abuse • Respond to legal requests
Data Sharing and Disclosure
We do NOT sell your personal information. We may share data with: Service Providers: • Stripe (payment processing) • Cloud hosting providers (data storage) • Email delivery services • AI model providers (for Paige functionality) Within Your Organization: • Organization admins can view member information • Members can see shared organization data based on permissions Legal Requirements: • When required by law or legal process • To protect our rights or safety • To prevent fraud or security threats Business Transfers: • In connection with a merger, acquisition, or sale of assets • Your data would remain subject to this Privacy Policy
Third-Party Services
GroupSmarter integrates with third-party services: Stripe (Payments): • Processes all payment transactions • Subject to Stripe's Privacy Policy • We do not store complete payment card information AI Services (Paige): • Powers our AI assistant features • Conversations may be processed by AI providers • No personally identifiable data is retained by AI providers • See AI and Paige Privacy section for AI-specific policies Analytics: • We use analytics to understand usage patterns • Data is aggregated and anonymized where possible
Data Retention
We retain your data as follows: Active Accounts: • Data retained while account is active • Regular backups maintained for disaster recovery Deleted Accounts: • Account data deleted within 30 days of account deletion • Backups may retain data for up to 90 days • Some data may be retained for legal compliance Transaction Records: • Financial records retained for 7 years (legal requirement) Aggregated Data: • Anonymized usage statistics may be retained indefinitely
Your Rights and Choices
Depending on your location, you may have the right to: Access: Request a copy of your personal data Correction: Update inaccurate information Deletion: Request deletion of your data Portability: Export your data in standard formats Objection: Object to certain processing activities Restriction: Limit how we use your data To exercise these rights: • Use in-app settings for most requests • Email privacy@groupsmarter.com for complex requests • We will respond within 30 days Communication Preferences: • Manage email preferences in Account Settings • You cannot opt out of essential service communications
Data Security
We implement industry-standard security measures: Technical Safeguards: • Encryption in transit (TLS/SSL) • Encryption at rest • Regular security audits • Secure development practices Organizational Safeguards: • Employee access controls • Security training • Incident response procedures • Regular security reviews Your Responsibilities: • Use strong, unique passwords • Enable two-factor authentication • Report suspicious activity immediately No system is 100% secure. We cannot guarantee absolute security but strive to protect your data using best practices.
Cookies and Tracking
We use cookies and similar technologies: Essential Cookies: • Authentication and session management • Security features • Cannot be disabled Functional Cookies: • Remember your preferences • Improve user experience Analytics Cookies: • Understand usage patterns • Measure feature effectiveness Managing Cookies: • Browser settings can block or delete cookies • Blocking essential cookies may prevent Service use • We do not use cookies for third-party advertising
AI and Paige Privacy
Special considerations for our AI features: Data Processing: • Paige processes your organization's data to provide assistance • Conversations are encrypted and stored securely • AI providers receive anonymized queries without personal identifiers Learning and Improvement: • Aggregated, anonymized interaction data may improve AI models • You can opt out of improvement contributions in Settings • Individual conversations are not used for training without consent Limitations: • Paige does not have internet access beyond GroupSmarter data • Paige cannot take actions outside the platform • AI responses should be verified for accuracy
International Data Transfers
GroupSmarter is based in the United States. If you access the Service from outside the US: • Your data may be transferred to and processed in the US • We implement appropriate safeguards (Standard Contractual Clauses) • EU/UK users: We comply with GDPR requirements • Your use constitutes consent to these transfers
GDPR Compliance (EU/UK Users)
For users in the European Union or United Kingdom: Legal Bases for Processing: • Contract performance (providing the Service) • Legitimate interests (improving the Service) • Consent (marketing communications) • Legal obligations (compliance requirements) Data Protection Officer: • Contact: groupsmarterapp+dpo@gmail.com Supervisory Authority: • You may lodge complaints with your local data protection authority
CCPA Compliance (California Users)
For California residents under CCPA: Your Rights: • Know what personal information we collect • Request deletion of your information • Opt out of sale of personal information (we do not sell data) • Non-discrimination for exercising rights Categories of Information Collected: • Identifiers (name, email, IP address) • Commercial information (transaction history) • Internet activity (usage data) • Geolocation data (approximate location) To exercise rights: Email groupsmarterapp+privacy@gmail.com with "CCPA Request"
Children's Privacy
GroupSmarter is not directed to children under 13: • We do not knowingly collect data from children under 13 • If we discover such data, we will delete it promptly • Parents may contact us to request deletion of a child's data • Organizations using GroupSmarter with minors are responsible for compliance with applicable laws (COPPA, etc.)
Changes to This Policy
We may update this Privacy Policy periodically: • Material changes will be announced via email or in-app notice • The "Last Updated" date will be revised • Continued use after changes constitutes acceptance • Previous versions available upon request
Contact Us
For privacy-related questions or requests: Privacy Team: groupsmarterapp+privacy@gmail.com Data Protection Officer: groupsmarterapp+dpo@gmail.com General Contact: hello@groupsmarter.com GroupSmarter Mississippi, USA We aim to respond to all requests within 30 days.
Marketplace Data
When organizations use our marketplace feature: Seller Data We Collect: • Product listings and descriptions • Inventory information • Sales history and transaction records • Payout account information (processed by Stripe) Purchaser Data We Collect: • Name and contact information • Shipping address (for physical products) • Purchase history within the organization • Payment information (processed by Stripe - we do not store full card numbers) How Marketplace Data is Used: • Processing and fulfilling transactions • Providing purchase history and receipts • Enabling organization-purchaser communication • Calculating platform fees • Fraud prevention and dispute resolution Data Sharing: • Purchaser information is shared with the selling organization to fulfill orders • Payment data is processed by Stripe under their privacy policy • We do not sell marketplace transaction data to third parties Data Retention: • Transaction records retained for 7 years (legal/tax requirements) • Product listings retained while organization is active • Purchaser data retained per organization membership policies
Sponsor and Vendor Data
When organizations use sponsor/vendor management features: Data Collected: • Business names and contact information (entered by organization) • Sponsorship/donation history • Communication logs • Contract and commitment details Important Notice: Sponsor and vendor data is entered and managed entirely by organizations. GroupSmarter: • Does not independently collect data from sponsors/vendors • Does not verify accuracy of sponsor/vendor information • Does not contact sponsors/vendors except at organization direction Organization Responsibilities: Organizations are responsible for: • Having appropriate consent or legitimate interest to store sponsor/vendor data • Responding to data access or deletion requests from sponsors/vendors • Complying with applicable B2B data protection requirements Data Isolation: Sponsor/vendor data is strictly isolated to the organization that entered it. We do not: • Share sponsor/vendor lists between organizations • Use sponsor/vendor data for our own marketing • Sell or transfer sponsor/vendor data to third parties
Meeting and Minutes Data
When organizations use meeting management features: Data Collected: • Meeting schedules and agendas • Attendance records • Meeting notes and minutes • Action items and decisions • Voting records (if applicable) Access Controls: • Meeting data visibility is controlled by organization permissions • Only authorized organization members can view meeting records • Historical meeting data is accessible to organization admins Data Retention: • Meeting records retained while organization is active • Upon organization deletion, meeting data is deleted per standard policy • Organizations can export meeting records at any time Sensitive Discussions: Organizations should be aware that meeting content may contain sensitive information. We recommend: • Using appropriate permission settings for sensitive meetings • Not documenting highly confidential matters in shared platforms • Following your organization's own confidentiality policies