Privacy Policy

Last updated: April 2, 2026

TrailGrid (“we,” “us,” or “our”) operates the trailgrid.app website, the customer portal at portal.trailgrid.app, and personalized websites hosted on behalf of our customers. This Privacy Policy explains how we collect, use, and protect information when you interact with our services.

Information We Collect

Information You Provide

When you become a customer or interact with our services, we collect:

  • Business name, address, phone number, and email address
  • Business photos, logos, and content you upload through the customer portal
  • Contact information you provide via our contact form
  • Payment information processed through Stripe (we do not store card details directly)

Information We Gather From Public Sources

To build your personalized website, we gather publicly available business information from sources including:

  • Google Places API (business details, ratings, reviews, photos)
  • Google PageSpeed Insights (website performance scores)
  • Your existing website (content, headings, service descriptions)
  • Apollo.io (publicly listed business contact information for initial outreach)

Information Collected Automatically

We use minimal cookies required for authentication (Supabase session cookies). We do not use marketing trackers, analytics pixels, or third-party advertising cookies on the marketing site or customer portal.

How We Use Your Information

  • To build and host your personalized business website
  • To process payments and manage your subscription
  • To communicate with you about your account and service updates
  • To improve our services and website performance
  • To forward leads from your website’s contact form to your designated email

Cold Outreach Disclosure

We may contact local businesses via email to introduce our services. We discover business contact information through publicly available sources including Apollo.io. If you receive an outreach email from us and wish to opt out, you can reply to the email or contact us at [email protected] and we will remove your information from our outreach lists within 48 hours.

Third-Party Services

We use the following third-party services to operate our platform:

  • Stripe — Payment processing. Stripe is PCI DSS Level 1 certified. We never store your full credit card number.
  • Supabase — Database hosting and authentication. Your data is stored in a secure Postgres database with row-level security policies.
  • Cloudflare — Website hosting (Cloudflare Pages), file storage (Cloudflare R2), and CDN services. All traffic is encrypted via HTTPS.
  • Google APIs — Google Places for business data and PageSpeed Insights for performance scoring.

Data Retention

We retain your business information and website content for the duration of your active subscription. After cancellation, your website goes offline within 7 days of the end of your billing period. We retain your content for 30 days after cancellation to allow for data export, after which it is permanently deleted.

Your Rights

You have the right to:

  • Access and update your business information through the customer portal
  • Request export of your content and photos
  • Request deletion of your account and all associated data
  • Opt out of outreach communications at any time

To exercise any of these rights, contact us at [email protected].

Data Security

We protect your information through HTTPS encryption on all services, row-level security policies on our database, PCI-compliant payment processing through Stripe, and access controls that limit data access to authorized personnel only.

Children’s Privacy

Our services are designed for businesses and are not directed at individuals under 18. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active customers of material changes via email at least 30 days before they take effect.

Contact Us

If you have questions about this Privacy Policy, contact us at [email protected].