GrubiGrubi

Privacy Policy

Last updated: 16/06/2026

Grubi (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, store and share your information when you use our website and services.

1. Who we are

Grubi is the data controller for the personal data collected through this website. If you have questions about this notice or how we handle your data, please contact us at the details shown on our site.

2. What data we collect

We may collect the following categories of personal data:

  • Account data: name, email address, password (hashed), and phone number when you register or subscribe.
  • Location data: suburb or GPS-derived location (with your consent) to show nearby deals.
  • Usage data: pages visited, search queries, clicks, and device identifiers to improve our service.
  • Communications: support messages and feedback you send us.
  • Deal submissions: information you provide when submitting a deal or venue listing.

3. How we use your data

We use your personal data for the following purposes:

  • To create and manage your account and provide our services (contract performance).
  • To send SMS deal alerts and email notifications you have requested (consent, which you can withdraw at any time).
  • To personalise content, such as showing deals near your location (legitimate interest — you may opt out).
  • To analyse usage trends and fix issues (legitimate interest in service improvement).
  • To comply with legal obligations and prevent fraud.

4. Legal basis for processing

We process personal data on the basis of: (a) performance of a contract with you; (b) our legitimate interests, balanced against your privacy rights; (c) your explicit consent; and (d) compliance with legal obligations.

5. Who we share data with

We share personal data only with the following categories of recipients:

  • Service providers: hosting, analytics, email delivery, and customer-support tooling.
  • Paddle.com: our Merchant of Record for payments, subscription management, tax compliance and invoicing. Paddle processes payment-related data as an independent controller for its own purposes. You can read Paddle’s privacy policy at paddle.com/legal/privacy.
  • Professional advisers: legal and accounting professionals where required.
  • Authorities: regulators or law-enforcement bodies where required by law.

6. Data retention

We keep your personal data only for as long as necessary to fulfil the purposes we collected it for, including to satisfy legal, accounting or reporting requirements. When data is no longer needed, we securely delete or anonymise it.

7. Your rights

Depending on your location, you may have the right to:

  • Access, correct or delete your personal data.
  • Restrict or object to certain processing.
  • Request data portability.
  • Withdraw consent at any time (without affecting lawful processing before withdrawal).
  • Lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us using the details on our site. We aim to respond within one month.

8. Security

We use appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/SSL), access controls, and regular security reviews.

9. Cookies

We use essential cookies to operate the site and analytics cookies to understand how visitors interact with it. You can manage cookie preferences through your browser settings.

10. Changes to this notice

We may update this Privacy Notice from time to time. The latest version will always be posted on this page with the updated date.