ViralGrok
// Legal

Privacy Policy

Last updated: April 9, 2026

We do not sell your personal information to any third party, ever. We do not use your inputs to train AI models. Your data is handled with care.

01

Introduction

ViralGrok ("we", "us", or "our") is committed to protecting the privacy of our users ("you" or "your"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our AI-powered content generation platform at viralgrok.com ("the Service").

By using the Service, you consent to the data practices described in this Privacy Policy.

02

Information We Collect

2.1 Information You Provide

Account infoName, email address, and profile picture when you register via email or third-party OAuth providers (Google, X/Twitter).
Content inputsTopics, keywords, tone preferences, and other inputs you provide to generate content.
Payment infoBilling details processed securely by our payment provider, Polar. We do not store credit card numbers on our servers.
CommunicationsMessages you send to us for support or feedback.

2.2 Information Collected Automatically

Usage dataPages visited, features used, content generated, generation counts, and session duration.
Device infoBrowser type, operating system, screen resolution, and device identifiers.
Log dataIP address, access times, referring URLs, and error logs.
CookiesSession cookies for authentication and preferences. See Section 7 for details.

2.3 Information from Third Parties

GoogleEmail, name, and profile picture when you choose to sign in with Google.
X / TwitterUsername, display name, and profile information when you connect your X account.
PolarSubscription status and billing events (webhooks) for managing your plan.
03

How We Use Your Information

We use the collected information to:

  • Provide the Service: Generate AI content based on your inputs, manage your account, and process subscriptions.
  • Improve the Service: Analyze usage patterns to enhance features, performance, and user experience.
  • Communicate with you: Send account-related notifications, billing receipts, feature updates, and support responses.
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access.
  • Comply with law: Fulfill legal requirements and respond to lawful requests.
04

AI Content & Data Processing

4.1 How AI Uses Your Data

When you use our content generation features, your inputs (topics, keywords, tone preferences) are sent to AI model providers (xAI / Grok) to generate content. We want you to know:

  • Your inputs are used solely to generate content for you in real-time.
  • We do not use your inputs to train or fine-tune AI models.
  • Generated content may be temporarily stored for your access in the "Saved Content" feature.

4.2 Content Storage

Generated content is stored in our database so you can access your history and saved items. You can delete your saved content at any time through the Service interface.

05

Data Sharing & Third-Party Services

We share your information only with the following categories of service providers, solely for the purpose of operating the Service:

Provider
Purpose
Data shared
xAI (Grok API)
AI content generation
Content inputs (topics, keywords, tone)
Polar
Payment processing
Email, billing information
Neon / Prisma
Database hosting
Account and content data (encrypted)
Google OAuth
Authentication
Authentication tokens
Vercel
Application hosting
Request logs, IP addresses

We may also share information when required by law, such as in response to a subpoena, court order, or other legal process.

06

Data Security

We take the security of your data seriously and implement industry-standard measures, including:

  • Encrypted data transmission (HTTPS/TLS) for all communications.
  • Hashed passwords using Argon2 — we never store plaintext passwords.
  • Secure database connections with SSL/TLS encryption.
  • Regular security audits and access controls.
  • Minimal data retention — we only keep what is necessary.

Despite our efforts, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

07

Cookies & Tracking

We use the following types of cookies:

EssentialRequired for authentication, session management, and security. Cannot be disabled.
PreferenceRemember your settings such as theme (light/dark mode) and sidebar state.

We do not use third-party advertising cookies or cross-site tracking pixels. We do not serve ads.

08

Data Retention

We retain your data as follows:

AccountRetained as long as your account is active. Deleted within 30 days of account deletion request.
ContentRetained until you delete it or your account is closed.
Usage logsRetained for up to 90 days for analytics and debugging purposes.
PaymentsRetained as required by financial regulations (typically 7 years).
09

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Deletion: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request your data in a machine-readable format.
  • Objection: Object to certain processing of your data.
  • Restriction: Request limitation of processing in certain circumstances.

To exercise any of these rights, contact us at privacy@viralgrok.com. We will respond within 30 days.

10

GDPR Compliance (EU/EEA Users)

If you are located in the European Union or European Economic Area, our legal bases for processing your data include:

  • Contract performance: Processing necessary to provide the Service you requested.
  • Legitimate interest: Improving the Service, fraud prevention, and security.
  • Consent: Where you have given specific opt-in consent.

You may lodge a complaint with your local Data Protection Authority if you believe your rights have been violated.

11

CCPA Compliance (California Users)

If you are a California resident, under the California Consumer Privacy Act (CCPA), you have the right to:

  • Know what personal data is collected and how it is used.
  • Request deletion of your personal data.
  • Opt-out of the sale of personal data (we do not sell data).
  • Not be discriminated against for exercising your privacy rights.
12

Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly.

13

International Data Transfers

Your data may be processed and stored in the United States and other countries where our service providers operate. By using the Service, you consent to the transfer of your data to these jurisdictions, which may have different data protection laws than your home country.

We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.

14

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

15

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Privacyprivacy@viralgrok.com
Supportsupport@viralgrok.com
Webwww.viralgrok.com