Privacy Policy

This Privacy Policy explains how Grain Bridge ("Company", "we", "us") collects, uses, and protects your information when you use the Laytime platform ("Service"). We are committed to protecting your privacy and handling your data responsibly.

Account information

When you create an account, we collect your name, email address, company name, and role. If your organization subscribes to a paid plan, we also collect billing contact information.

Uploaded documents

When you use the Service, you upload charter party documents and statements of fact. We process these documents to extract relevant data for laytime calculations. Uploaded documents are stored securely and associated with your organization's account.

Usage data

We automatically collect information about how you interact with the Service, including page views, feature usage, calculation history, and error logs. This data helps us improve the product and diagnose technical issues.

Cookies and similar technologies

We use essential cookies to maintain your session and authentication state. We do not use third-party advertising cookies or trackers.

We use collected information to:

• Provide, operate, and improve the Service
• Process uploaded documents and generate laytime calculations
• Manage your account and subscription
• Send transactional communications (invoices, account notifications)
• Provide customer support
• Monitor for security threats and abuse
• Comply with legal obligations

To provide the Service, we share limited data with the following categories of third-party processors:

• AI providers — Document content is sent to AI services (e.g., Anthropic Claude, Mistral) for extraction and OCR processing. These providers process data according to their enterprise data processing agreements and do not use your data to train their models.
• Infrastructure providers — Hosting, database, and authentication services that store and process your data on our behalf.
• Email services — For sending transactional emails such as invoices and account notifications.

We do not sell, rent, or trade your personal information or document content to third parties.

We retain your account information and calculation history for the duration of your account. Uploaded documents are retained as long as your account is active and for a reasonable period after account closure to allow data export.

You may request deletion of specific calculations or your entire account at any time by contacting us. Upon account deletion, we will remove your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., invoicing records).

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS) and at rest
• Row-level security policies ensuring organizational data isolation
• Access controls and authentication via secure providers
• Regular security reviews and monitoring

No system is perfectly secure. While we take reasonable precautions, we cannot guarantee absolute security of your data.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Request deletion of your personal data
• Export your data in a portable format
• Object to or restrict certain processing of your data
• Withdraw consent where processing is consent-based

To exercise these rights, contact us at the email below. We will respond within 30 days.

Your data may be processed in jurisdictions outside your country of residence, including where our infrastructure providers and AI services operate. We ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent mechanisms, for any international data transfers.

The Service is not directed at individuals under 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice within the Service at least 14 days before they take effect. The "effective date" at the top of this page indicates when the current version took effect.

For privacy-related questions or requests, contact us at privacy@grainbridge.broker.