Privacy Policy

Effective Date: January 5, 2026
Last Updated: January 5, 2026

GrabLoco (“GrabLoco,” “we,” “us,” or “our”) respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you access or use the GrabLoco website, mobile applications, and related services (collectively, the “Services”).

GrabLoco is based in the United States. By using the Services, you acknowledge that your information may be processed in the United States and other locations where we or our service providers operate.

1. Scope

This Privacy Policy applies to information collected through:

  • The GrabLoco website and apps
  • Your account registration and profile
  • Purchases, subscriptions, or redemptions (if applicable)
  • Support requests and communications
  • Analytics, cookies, and similar technologies

This policy does not apply to third-party sites or services that may be linked from the Services (including Partner sites). Their practices are governed by their own policies.

2. Information We Collect

2.1 Information You Provide

Depending on how you use the Services, we may collect:

  • Identifiers and contact details (e.g., name, email address, phone number)
  • Account details (e.g., username, password, authentication information)
  • Profile information you choose to provide
  • Communications (e.g., messages to support, feedback, form submissions)
  • Transaction-related information (e.g., purchase history, subscription status)

Payment information: If you make purchases, payment processing is typically handled by third-party payment processors or app stores. We generally receive limited payment-related details (such as confirmation and transaction metadata), not full card numbers.

2.2 Information Collected Automatically

When you use the Services, we may automatically collect:

  • Device and technical data (e.g., device type, browser, operating system)
  • Log data (e.g., IP address, access times, pages viewed, clicks, referring URLs)
  • Approximate location (e.g., city/region based on IP)
  • Performance and diagnostic data (e.g., crash logs)

2.3 Cookies and Similar Technologies

We use cookies, SDKs, pixels, and similar technologies to enable core functionality, remember preferences, enhance security, analyze usage, and improve the Services. You can control cookies through your browser settings and, where available, through cookie preference tools. Disabling certain cookies may affect functionality.

3. How We Use Information

We use information for purposes such as:

  • Providing, operating, maintaining, and improving the Services
  • Creating and managing accounts
  • Processing transactions, subscriptions, or access entitlements (if applicable)
  • Customer support and responding to inquiries
  • Personalizing content and experiences
  • Analytics, product development, and troubleshooting
  • Security, fraud prevention, and abuse monitoring
  • Complying with legal obligations and enforcing our Terms

4. How We Share Information

We may share information in the following circumstances:

  • Service Providers: With vendors who help us run the Services (e.g., hosting, analytics, email delivery, customer support tools, payment processing). They are authorized to use information only as necessary to provide services to us.
  • Partners and Redemptions: If you redeem or interact with an offer or Partner feature, we may share limited information necessary to support redemption, verification, customer support, or fraud prevention. Partners’ handling of information is governed by their policies.
  • Legal and Safety: If required by law, subpoena, court order, or if we believe disclosure is necessary to protect rights, safety, prevent fraud, or respond to lawful requests.
  • Business Transfers: In connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards.

We do not sell personal information.

5. Aggregated and De-Identified Data

We may create aggregated or de-identified data from information collected through the Services. This data does not identify you and may be used for analytics, reporting, product improvement, security, and business operations. Aggregated and de-identified data is owned by GrabLoco.

6. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this policy, including to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. When information is no longer needed, we delete, anonymize, or securely dispose of it.

7. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against loss, misuse, unauthorized access, disclosure, or alteration. However, no system can be guaranteed 100% secure, and we cannot guarantee absolute security.

8. International Users and Cross-Border Transfers

Because we are based in the United States, your information may be processed and stored in the United States and other jurisdictions where we or our service providers operate. These jurisdictions may have data protection laws that differ from those in your location. Where required by applicable law, we implement appropriate safeguards for cross-border transfers.

9. Your Choices and Rights

Depending on where you live and applicable law, you may have rights such as:

  • Request access to the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your personal information (subject to legal exceptions)
  • Object to or restrict certain processing (where applicable)
  • Request a copy of your information (data portability, where applicable)
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us using the details in the “Contact Us” section. We may need to verify your identity before responding.

10. United States Privacy Disclosures

If you are a U.S. resident, you may have additional rights under certain state privacy laws. Where applicable, these may include the right to request access, correction, deletion, and to opt out of certain data uses defined by law.

10.1 California (CCPA/CPRA) Notice

This section applies to California residents where the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) applies.

  • Categories collected: Identifiers (e.g., email), internet/network activity (e.g., usage data), approximate location (via IP), and transaction information (if applicable).
  • Business purposes: Operating the Services, security, analytics, customer support, and improving our offerings.
  • Selling/sharing: We do not sell personal information. We do not “share” personal information for cross-context behavioral advertising in a way intended to trigger opt-out requirements unless explicitly stated in our cookie/advertising settings.
  • Sensitive personal information: We do not intentionally collect “sensitive personal information” as defined by CPRA for the purpose of inferring characteristics.
  • Non-discrimination: We will not discriminate against you for exercising your privacy rights.

California residents may designate an authorized agent to make requests on their behalf, subject to verification requirements.

11. European Economic Area (EEA), United Kingdom, and Switzerland (GDPR/UK GDPR)

If you are located in the EEA, the UK, or Switzerland, GrabLoco typically acts as a “controller” of your personal information for purposes of the Services. We process personal information on the following legal bases, as applicable:

  • Contract: To provide the Services you request
  • Legitimate interests: To secure, improve, and operate the Services (balanced against your rights)
  • Consent: For certain cookies/marketing where required
  • Legal obligation: To comply with laws and lawful requests

You also have the right to lodge a complaint with your local data protection authority. Where required for international transfers, we use appropriate safeguards.

12. Canada (PIPEDA)

If you are in Canada, you may have rights under applicable Canadian privacy laws, including PIPEDA, such as requesting access to and correction of personal information, subject to limited exceptions permitted by law.

13. Asia-Pacific and Other Regions

If you are located in Asia-Pacific or another region (including, for example, Japan, Singapore, Australia, South Korea, India, or elsewhere), we process personal information in accordance with applicable local privacy laws. This generally includes providing notice, limiting use to stated purposes, using reasonable security safeguards, and enabling access/correction where required.

14. Children’s Privacy

The Services are not intended for children under 13 (or the minimum age required by local law). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take appropriate steps to delete it.

15. Third-Party Links and Services

The Services may include links to third-party websites or services. We are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing information.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last Updated” date and provide notice as required by law. Your continued use of the Services after changes means you accept the updated policy.

17. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, contact us at:

Email: contact@grabloco.com
Company: GrabLoco
Address: 680 S Cache Street Suite 100-7403 Jackson, WY 83001
Country: United States