Privacy Policy

1. Introduction

GraniteAi (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information across our two primary offerings:

  • Enterprise Consulting — bespoke AI applications and software solutions built for clients.
  • The Quarry — our community platform at graniteai.co/community, where members connect, share knowledge, and collaborate on AI and software projects.

By using our website or services, you agree to the practices described below.

2. Information We Collect

Enterprise Consulting

  • Client business data required for AI model training or configuration.
  • User interaction data within the custom applications we build.
  • Contact information for project management and support.
  • System logs and performance data for maintenance and optimization.

The Quarry Community

When you sign up or use The Quarry, we collect:

  • Google profile information — your name, email address, and profile picture, provided via Google Sign-In through our authentication provider (Clerk).
  • User-generated content — posts, comments, chat messages, direct messages, profile details, skill tags, build logs, and project board contributions you create within the platform.
  • Community interaction data — membership activity, certification progress, and engagement patterns used to improve the platform experience.
  • Usage and analytics data — page views, feature usage, and session information collected through PostHog to help us understand how the platform is used.

3. How We Use Your Information

Enterprise Consulting

  • Deliver and maintain custom AI and software solutions.
  • Improve system accuracy and performance.
  • Provide technical support and security monitoring.
  • Comply with legal and enterprise security requirements.

The Quarry Community

  • Authenticate your identity and manage your account.
  • Power community features: real-time chat, direct messaging, member profiles, project boards, and certification tracking.
  • Provide AI-powered assistance within the platform (e.g., the chat assistant).
  • Analyze usage patterns to improve features and user experience.
  • Send relevant community notifications and updates.

4. Google Sign-In & Limited Scopes

The Quarry uses Google Sign-In exclusively for authentication. We request only the minimum scopes needed to identify you:

  • email — your Google account email address.
  • profile — your name and profile picture.
  • openid — standard OpenID Connect identifier.

We do not request access to your Google Calendar, Contacts, Drive, Gmail, or any other Google services. Your Google credentials are handled entirely by Clerk and Google — we never see or store your Google password.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, secure API management, and access controls. Our systems are built with security-by-design principles. Community data is stored in a managed PostgreSQL database with encrypted connections, and authentication is handled by a dedicated, SOC 2-compliant provider.

6. Third-Party Services

We use the following third-party services to operate our platform. Each processes data according to their own privacy policies:

The Quarry Community

  • Clerk — authentication and user management, including Google Sign-In.
  • Neon — managed PostgreSQL database for community data storage.
  • Upstash — real-time messaging infrastructure for chat features.
  • PostHog — product analytics and usage tracking.
  • OpenAI — AI chat assistant capabilities within the platform.
  • Vercel — application hosting and deployment.

Enterprise Consulting

Our consulting solutions may integrate with enterprise platforms (e.g., Salesforce, AWS, OpenAI). Data processing by these third parties is governed by their respective privacy policies and our enterprise data processing agreements.

7. Data Retention

Community data is retained for as long as your account remains active. If you wish to delete your account and associated data, contact us at jason@graniteai.co. We will process deletion requests within 30 days.

Enterprise client data is retained according to the terms of each individual engagement and applicable data processing agreements.

8. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. You may also revoke Google Sign-In access through your Google Account permissions page.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of our services after changes constitutes acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at jason@graniteai.co.

Last Updated: April 7, 2026