Privacy Policy

Contact information: email address, name, institution affiliation.

Document data: resumes, essays, personal statements, and user-generated content.

Scholarship matching data: academic background, demographics, interests, and achievements voluntarily shared by users.

Technical data: IP addresses, device/browser information collected for security and operational purposes.

We do NOT collect genetic, biometric, behaviometric (e.g., facial recognition or fingerprints), or other sensitive personal data.

Enhancing and generating documents (resumes, essays, applications).

Matching users with relevant scholarship opportunities.

Facilitating optional, explicit sharing of user data with authorized institutional administrators.

Internal analytics provided in aggregate to institutional partners.

Gradly does not use or disclose data for automated decision-making without human review.

Gradly complies with the Family Educational Rights and Privacy Act (FERPA).

We adhere to applicable state privacy laws (such as CCPA), complying with user rights and providing appropriate notices and disclosures.

Gradly will comply fully with applicable breach notification laws and promptly notify affected individuals and institutions in case of a data breach.

With explicit user consent for institutional administrator review.

With secure subprocessors under strict confidentiality agreements for the purpose of service delivery only.

In response to a valid, legally enforceable warrant or court order.

No third-party analytics or advertising networks receive user data.

Users retain ownership and complete control over their personal information and documents.

Users may review, update, delete, or withdraw consent to their data at any time. Gradly promptly complies with deletion or stop-processing requests.

Gradly maintains accurate, complete, and relevant personal information strictly for the stated purposes.

Certain user inputs are retained for purposes of delivering high quality services for our users.

Users may not opt-out of AI-driven functionality.

Privacy considerations are embedded into Gradly’s software development lifecycle (SDLC), with routine code reviews to identify privacy and ethical risks.

Third-party subprocessors are evaluated to ensure compliance with data privacy regulations. Agreements require subprocessors to maintain appropriate privacy and security standards.

Gradly encrypts all user data (TLS 1.2+ in transit, AES-256 at rest).

We limit data access strictly to authorized internal team members necessary for service delivery.

Gradly follows established protocols for patching, risk mitigation, and incident response.

Gradly team members maintain active, ongoing privacy and security awareness practices.

All future team members will receive mandatory privacy and data ethics training during onboarding.

Gradly regularly evaluates privacy impacts associated with our data processing practices, including assessments of third-party subprocessors.

We proactively manage privacy risks and document our privacy management processes.

User personal data is retained only for the duration necessary to fulfill its stated purpose, comply with agreements, or as required by law.

Data is securely disposed of after the retention period concludes.

We commit to addressing privacy complaints promptly and transparently.

Email: info@gogradly.com

Mailing Address: 1016 Lois Ln., Bowling Green, KY 42104