groovy

Legal

Privacy Policy

Last updated June 11, 2026

1. Overview

Groovy (“Groovy”, “we”, “us”), a product of Inkubator Inc, lets you turn anything — artifacts, documents, images, and live previews — into a single, beautiful shareable link. This policy explains what we collect, why, and the choices you have.

By using Groovy you agree to this policy. If you do not agree, please don’t use the service.

2. Information we collect

  • Account data: your email address and authentication identifiers when you sign in (via our auth provider).
  • Content you share: the files, artifacts, titles, descriptions, and comments you upload or create on a link.
  • Link settings: configuration you choose per link — upload/download permissions, passwords, expiry, one-time view.
  • Usage data: basic, privacy-respecting analytics such as page views and link views, plus technical logs (IP address, browser type) needed to operate and secure the service.
  • API keys & connectors: when you use the Groovy API or the MCP connector/bundle, we store a hashed reference to the key you generate.

3. How we use your information

  • To create, host, and serve your links and the files attached to them.
  • To authenticate you and protect your account and content.
  • To enable comments and collaboration features.
  • To operate, maintain, debug, and improve the service.
  • To communicate with you about your account or important service changes.
  • To comply with legal obligations and enforce our terms.

4. Sharing & links

Links are shareable by design. Anyone with a link’s URL (and password, if you set one) can view the content you placed there. You control visibility through per-link settings such as login requirements, passwords, expiry, and one-time view.

We do not sell your personal information.

5. Service providers

We rely on a small set of trusted infrastructure providers to run Groovy. These processors handle data only on our behalf and under contract:

  • Supabase — authentication and database.
  • Vercel — web hosting and edge delivery.
  • Mux — video processing and streaming for shared media.
  • Object storage for the files you upload.

6. Data retention

We keep your content for as long as the link exists or until you delete it. Deleting a link removes its files. One-time-view links are consumed after their first view unless re-armed by the owner. Backups and logs are retained for a limited period as needed for security and reliability.

7. Your rights

Depending on where you live (including the EU/EEA under the GDPR), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can delete your links at any time from your account, or contact us to exercise these rights.

8. Security

We use industry-standard measures — encryption in transit, access controls, and hashed credentials — to protect your data. No method of transmission or storage is perfectly secure, but we work hard to safeguard your information.

9. Children

Groovy is not directed to children under 16, and we do not knowingly collect their personal data.

10. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the “last updated” date above and, where appropriate, by additional notice.

11. Contact

Questions about privacy? Reach us at privacy@groovy.so. Groovy is operated by Inkubator Inc, Hamburg, Germany.