Privacy Policy

Last updated: May 20, 2026

About this policy

Grocelie operates a marketing site at grocelie.com, a signed-in web app at app.grocelie.com, and the Grocelie mobile app on iOS and Android, and this policy covers all three.

You only need to read the section that matches how you use Grocelie — use the jump-block below to skip straight to it.

If you use the Grocelie app

This section applies if you use any Grocelie product app — the web app at app.grocelie.com, or the Grocelie mobile app available on iOS and Android via the App Store and Google Play. We collect the minimum data needed to provide your account and app features. We do not sell, share, or monetise your data.

Data we collect

We collect only what you provide directly:

• Email address — used for authentication (one-time passcode sign-in), email change confirmation, and occasional product updates or re-engagement emails. You can unsubscribe from non-essential emails at any time.
• Display name— an optional name you can set during sign-up or in your profile. The display name field is always marked “optional”; if you leave it blank, no name is stored.
• Account setup flag — we store a flag indicating whether you have completed initial app setup, as part of your account record. This is used to route you to the correct screen on each app launch.
• Grocery data — stock items, lists, shops, and units you create in the app.
• Feedback — optional ratings and comments you submit through in-app feedback prompts. Stored in your account to help us improve the product.
• Onboarding choices — starter items, shops, and preferences selected during Quick Start, along with your browser language and time spent in the wizard. Used to tailor your initial experience and improve onboarding for future users.
• Usage counts — lightweight event counters (e.g., items created, lists completed) stored locally on your device to determine when to show feedback prompts. These counts are never sent to our servers.

We do not collect your physical address, phone number, payment information, or your device's GPS location.

Account retention

Accounts that are not verified within 24 hours are automatically removed. Accounts that are verified but never complete initial app setup are removed after 90 days of inactivity.

How data is used

• To authenticate your account via email one-time passcode.
• To store and display your stock, list, and deals data.
• To send occasional product updates or re-engagement emails. You can unsubscribe from these at any time.
• To collect voluntary feedback and improve the product.
• To tailor onboarding to your region and language.
• To improve product reliability and fix issues.
• To review and moderate deal submissions, business user applications, and community content — the Grocelie administrator may see your account name and email address in the context of moderation. This information is not shared with other users.

By creating an account you are opted in to receive product updates. You can unsubscribe at any time using the link in any such email.

Email communications

We may send you emails related to your account (sign-in codes, email change confirmations) and occasional product updates (new features, re-engagement). Transactional emails required for account security cannot be opted out of. You can unsubscribe from product and marketing emails at any time using the link in any such email.

Session storage

The Grocelie web app (app.grocelie.com) does not use cookies or third-party analytics. It stores an authentication session token in your browser's local storage to keep you signed in, along with small amounts of data such as feedback event counters and onboarding wizard state. This data stays on your device and is not shared with third parties.

The Grocelie mobile app (iOS and Android) stores your login session securely on your device using Expo SecureStore, the platform-native encrypted storage provided by iOS Keychain and Android Keystore. This session token is used to keep you signed in between app launches and is not shared with third parties.

Third-party services

We use the following third-party services to run the app:

• Supabase — authentication and database services. Processes your email for sign-in and stores your grocery data on secure infrastructure.
• Resend — delivers transactional and product update emails on our behalf.
• Vercel — hosts and serves both the website and the app.

Account deletion

You can delete your account at any time from the Profile page. Deletion permanently removes all of your data, including stock items, lists, shops, units, your suburb and search radius preferences, and any deals you have submitted. This action cannot be undone.

Suburb and location data

During initial app setup, you select a suburb to personalise your deals feed. We store the geographic centre of your selected suburb (a suburb-level centroid — not your street address) along with your preferred search radius in kilometres. This data is used only to calculate which stores and deals are nearby.

We do not use or request your device's GPS location. All location calculations are based on the suburb centroid you choose, which is pre-seeded into our database from public geographic data. You can update your suburb and radius at any time from the app settings.

Your suburb centroid and search radius are deleted when you delete your account.

If you join the waitlist

This section applies if you submitted the waitlist form on grocelie.com. Joining the waitlist does not create a Grocelie app account.

What we collect

• Email address — so we can let you know when Grocelie launches in your suburb.
• Selected suburb— chosen from our launch-suburb list, or the free-text “Other” field if your suburb isn't listed.
• Optional answer to “would you share local deals you spot?” — used to gauge community supply-side intent.
• Submission timestamp — when you submitted the form.
• UTM parameters from the link you arrived via (utm_source, utm_medium, utm_campaign, utm_content, utm_term).
• Referring page — the page or platform you clicked through from, when your browser shares it.
• Browser user-agent string — to spot abusive bot signups.
• Landing page path — which page you joined from.

Why we collect it

• To email you when Grocelie launches in your suburb.
• To measure which suburbs and ad sources convert.
• To improve our launch plan and prioritise suburbs.

Where it's stored

In our Supabase database (our hosting provider for both the app and the waitlist). Waitlist signups are not sold or shared with third parties.

Who can see it

The founder, via Supabase admin tools. Anonymous browsers cannot read the waitlist — the table is protected by row-level security and the public website never exposes a way to query it.

How long we keep it

Indefinitely until you ask us to delete it. Email deals@grocelie.com from the address you signed up with and we will delete your row.

Your rights

You can request deletion, access, or correction of your waitlist data at any time by emailing deals@grocelie.com. No account is required to make the request.

What we don't collect

From waitlist signups we do not store: physical address, phone number, payment information, or precise location. We do not store your IP address; however, third-party services (PostHog and Meta Pixel) receive it as a standard byproduct of loading their scripts in your browser.

If you send us a deal

This section covers email you choose to send us at deals@grocelie.com. There is no in-form upload at v3 launch — submissions are by email only.

Anything you send by email — text, photos, screenshots — may be added to the deals database.

• Photo metadata (EXIF, including embedded location) is stripped before any public use.
• Your email address is never published alongside a deal.
• We do not run facial recognition on submissions. Please do not send photos with people in them.
• We may ignore or remove submissions at our discretion.

Security, changes, contact

Cookies, analytics, and advertising

The marketing site (grocelie.com) uses PostHog, an open-source analytics platform, to understand how visitors browse the site. PostHog stores a single anonymous identifier in your browser's localStorage (not a cookie).

What we collect via PostHog:

• Page URLs visited on grocelie.com
• Referring URL (where you came from)
• Approximate time on page
• Browser, device type, operating system, and screen size (from your browser's standard headers)
• Approximate location (city and country) — derived by PostHog from your IP address for geographic analytics. Your raw IP address is not stored.
• Waitlist funnel events — when you start the form and whether submission succeeded or failed (error type only, no personal data)
• Session recordings — mouse movements, clicks, scrolling, and page interactions are recorded so we can understand how visitors use the site All form field values (including free-text inputs) are masked in the session recording — we never see what you type or select in any field.

What we do not collect via PostHog:

• Your raw IP address (used only to derive approximate location, then discarded)
• The content of any form fields (all inputs and dropdowns are masked)
• Fingerprinting data

Session recordings are retained by PostHog for up to 30 days and are accessible only to the Grocelie team. They are used solely for product improvement. PostHog processes this data on servers in the United States.

Meta Pixel and advertising measurement

The marketing site (grocelie.com) uses the Meta Pixel (also known as the Facebook Pixel) to measure how our advertising campaigns perform. The Pixel is used for advertising measurement only — not for targeting, profiling, or personalisation of content on grocelie.com.

What the Meta Pixel does:

• Fires a PageView event on every page of grocelie.com, so Meta can attribute ad traffic to our campaigns.
• Fires a Lead event after a successful waitlist form submission, so Meta knows a signup occurred.

Cookies set by the Meta Pixel:

• _fbp — a browser identifier set by Meta to recognise your browser across visits to grocelie.com. Expiry: 90 days. This cookie can be used by Meta to link your activity across websites that use the Meta Pixel.
• _fbc — an ad-click identifier set when you arrive via a Meta ad link. Expiry: 90 days.

Server-side conversion signal (CAPI)

When you join the waitlist, we also send a server-side Leadevent directly from our servers to Meta's Conversions API (CAPI). This ensures Meta receives a reliable conversion signal even when the browser Pixel is blocked by an ad blocker or browser privacy setting.

Data sent via CAPI:

• Hashed email address — your email is converted into a one-way mathematical fingerprint (SHA-256 hash) before leaving our servers. The hash cannot be converted back into your email address, however Meta may match it against hashes of email addresses already on its platform to measure reach.
• Browser and device type (client_user_agent) — your browser's standard identification string (e.g. “Chrome 124 on macOS”).
• Page URL (event_source_url) — the URL of the page where you submitted the form.
• Event ID — a randomly generated UUID that has no user-derived components. It is used by Meta to deduplicate the browser Pixel event and the server-side CAPI event, ensuring a signup is counted only once.

Raw email is never sent to Meta. Your IP address is not sent to Meta via CAPI. Meta processes CAPI data on servers in the United States.

Opt-out and further information:

• Meta Data Policy — how Meta uses data it receives via its Pixel and CAPI.
• Meta Ad Preferences — review and adjust the advertising preferences Meta has inferred about you.
• Facebook Off-Facebook Activity tool — see and manage the data businesses have shared with Meta about your activity outside Facebook.

Opt out of Meta Pixel tracking on this browser

Note: opting out suppresses the browser Pixel on this device. The server-side CAPI event fires only when you actively submit the waitlist form and cannot be blocked by a browser opt-out.

Data security

All data is transmitted over HTTPS. Database access is restricted by row-level security so that only you can access your own data.

Changes to this policy

We may update this policy as the product evolves. The “Last updated” date at the top will reflect the most recent revision. Continued use of Grocelie after changes means you accept the updated policy.

Contact

For privacy questions or data requests, email us at deals@grocelie.com.