Privacy Policy

GovGrids (“GovGrids,” “we,” “our,” or “us”) is committed to protecting the privacy, confidentiality, and security of the information entrusted to us. GovGrids provides software, digital infrastructure, data management, workflow automation, and related technology solutions for towns, cities, counties, municipalities, public agencies, and other government organizations throughout the United States.

This Privacy Policy explains how we collect, use, store, disclose, retain, and protect information when individuals, government personnel, municipal staff, contractors, residents, constituents, and other authorized users access or use our websites, applications, portals, cloud-based systems, hosted platforms, implementation services, onboarding services, support services, integrations, and related offerings (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy, subject to applicable laws, municipal procurement requirements, contractual obligations, and public-sector data governance rules that may apply to a particular customer engagement.

1. Scope of This Privacy Policy

This Privacy Policy applies to information collected:

  • Through GovGrids websites, portals, and digital applications
  • During implementation, onboarding, migration, and support activities
  • Through communications with customers, users, or prospective clients
  • Through customer use of hosted or cloud-enabled municipal software systems
  • Through integrations with third-party systems authorized by our customers
  • Through records, files, forms, and data submitted to or processed within the Services

This Privacy Policy does not replace any separate agreement, data processing addendum, master services agreement, subscription agreement, procurement contract, or governmental records policy that may govern the relationship between GovGrids and a public-sector customer. Where a contract or applicable law imposes stricter requirements, those requirements will govern.

2. Categories of Information We Collect

Depending on the nature of the Services and the specific municipal or government use case, we may collect, receive, store, host, process, or otherwise handle the following categories of information:

A. Account and Identity Information

  • Full name
  • Business or government email address
  • Phone number
  • Department, agency, municipality, or organization name
  • Job title or role designation
  • Username, login credentials, and authentication-related data
  • Access permissions, user role settings, and administrative controls

B. Government, Municipal, and Operational Data

  • Service requests, case records, permits, inspections, work orders, and application data
  • Constituent or resident-submitted forms and requests
  • Uploaded files, documents, images, attachments, and supporting records
  • Internal municipal workflow records and departmental activity logs
  • Property-related, zoning-related, licensing-related, or public administration records
  • Historical data migrated into the platform during onboarding or implementation
  • Metadata associated with records, including timestamps, status history, and processing actions

C. Technical and Device Information

  • Internet Protocol (IP) address
  • Browser type and browser version
  • Operating system and device identifiers
  • Date and time of access
  • Pages viewed, features used, and interaction logs
  • Session activity and navigation behavior within the Services
  • Diagnostic, performance, crash, and error-reporting information

D. Communications and Support Information

  • Support tickets and help desk submissions
  • Email correspondence and contact form submissions
  • Implementation notes, onboarding records, and training-related communications
  • Feedback, suggestions, surveys, and quality assurance responses

E. Integration and Connected System Data

If a customer authorizes integration with third-party services, we may receive or exchange limited information necessary to enable those integrations, such as account identifiers, transactional records, workflow synchronization data, and API-connected records, subject to the permissions and controls established by the customer.

3. Information We Do Not Intentionally Collect

GovGrids does not intentionally collect personal information beyond what is reasonably necessary to provide the Services, fulfill contractual obligations, support government workflows, maintain security, or comply with legal requirements. We do not sell personal information. We do not intentionally collect information from children under 13 through consumer marketing activities, and our Services are not directed to children as a general audience product.

4. How We Collect Information

We may collect information in the following ways:

  • Directly from users when they create accounts, submit forms, upload records, or communicate with us
  • From municipal or government customers that provide data for implementation, migration, or ongoing use of the platform
  • Automatically through system logs, cookies, analytics technologies, and security monitoring tools
  • From third-party systems, software vendors, or integrations authorized by the customer
  • From training, onboarding, implementation, and support interactions

5. How We Use Information

GovGrids may use collected information for legitimate business, contractual, administrative, legal, and public-sector operational purposes, including to:

  • Provide, host, operate, maintain, and support the Services
  • Authenticate users and manage accounts, permissions, and access controls
  • Process municipal records, requests, applications, workflows, and service transactions
  • Perform onboarding, system configuration, implementation, and data migration services
  • Troubleshoot operational issues and respond to customer support requests
  • Monitor system performance, reliability, usage, and service quality
  • Protect the confidentiality, integrity, and availability of the Services
  • Detect, investigate, prevent, or respond to unauthorized activity, misuse, fraud, or security incidents
  • Improve product functionality, workflow design, accessibility, and user experience
  • Develop new features, modules, integrations, and service enhancements
  • Comply with legal obligations, regulatory requirements, lawful requests, audits, investigations, and enforcement needs
  • Enforce contractual terms, platform rules, and acceptable use requirements
  • Maintain records necessary for governance, accountability, business continuity, disaster recovery, and risk management

6. Legal Bases and Public-Sector Context

Where applicable, GovGrids processes information based on legitimate interests, contractual necessity, compliance with legal obligations, customer instructions, public-sector administrative purposes, and other legally recognized grounds. In many cases, GovGrids acts as a service provider, processor, or contractor on behalf of a municipal or government customer, and that customer determines the purpose and means of processing certain data within the platform.

Because our Services are used by public-sector entities, certain records processed through the Services may be subject to public records laws, retention schedules, freedom of information requirements, governmental audit obligations, litigation holds, procurement rules, or other legal frameworks applicable to the customer. GovGrids processes such information in accordance with customer instructions, applicable law, and contractual commitments.

7. Cookies, Session Tools, and Similar Technologies

We may use cookies, session identifiers, browser storage, log files, analytics tools, and similar technologies to operate the Services, authenticate users, maintain secure sessions, remember preferences, improve usability, monitor performance, and detect abuse or security anomalies. Some features may not function correctly if certain cookies or technical settings are disabled.

Customers and users may manage browser-level cookie settings through their own devices and browser controls, subject to technical limitations and the requirements of specific Service features.

8. Disclosure and Sharing of Information

GovGrids does not sell personal information. We may disclose or share information only in the following circumstances:

  • With Municipal and Government Customers: We may make information available to the town, city, county, municipality, agency, or public body that owns, administers, or authorizes use of the Services.
  • With Authorized Users: Information may be visible to staff, administrators, reviewers, inspectors, managers, officials, or other authorized personnel based on role-based access settings.
  • With Service Providers and Subprocessors: We may share limited information with trusted vendors that support hosting, infrastructure, security, analytics, implementation, communications, backup, or other operational functions, subject to confidentiality and security obligations.
  • For Legal Compliance: We may disclose information where required to comply with applicable law, court order, subpoena, lawful request, regulatory inquiry, audit, or governmental process.
  • To Protect Rights and Security: We may disclose information when necessary to protect our rights, users, customers, the public, or the integrity and security of the Services.
  • In Connection With Corporate Transactions: We may disclose information as part of a merger, acquisition, financing, asset sale, reorganization, or similar transaction, subject to appropriate safeguards and legal requirements.
  • With Customer Direction or Consent: We may share information when directed or authorized by the applicable customer or user.

9. Data Hosting, Storage, and Infrastructure

Information processed through the Services may be stored in secure cloud environments, hosted systems, backup systems, disaster recovery systems, and related infrastructure used to support the availability, integrity, and resilience of the platform. We take reasonable steps to ensure that service environments are configured to support secure access, monitoring, and continuity of operations.

Where required by contract, law, procurement terms, or customer request, GovGrids may support additional data residency, government hosting, or security requirements, subject to service scope and technical feasibility.

10. Data Security

GovGrids maintains administrative, technical, and physical safeguards designed to protect information from unauthorized access, use, disclosure, alteration, loss, or destruction. These safeguards may include, as appropriate, encryption, access restrictions, authentication controls, role-based permissions, secure transmission methods, logging, monitoring, patching, backup procedures, vendor controls, and incident response practices.

While we use commercially reasonable and industry-aligned safeguards, no system, platform, network, transmission method, or storage environment can be guaranteed to be completely secure. Users and customers are also responsible for maintaining the confidentiality of their credentials, limiting unauthorized access to their accounts, and using the Services in accordance with applicable security policies.

11. Data Retention

GovGrids retains information for as long as reasonably necessary to provide the Services, fulfill contractual obligations, maintain business continuity, resolve disputes, enforce agreements, support legitimate operational needs, and comply with applicable laws, regulations, audit obligations, litigation holds, and record retention requirements.

Retention periods may vary depending on the type of information, the applicable customer requirements, the nature of the government function, contractual terms, system logs, security requirements, and relevant legal obligations. In many cases, municipal or government customers control retention schedules for the data they manage through the Services.

12. Data Migration, Conversion, and Onboarding

As part of onboarding, implementation, or modernization projects, GovGrids may assist customers with importing, converting, mapping, validating, and migrating legacy or historical data from prior systems, spreadsheets, databases, paper records, scanned records, or third-party software platforms into the Services.

Such migration activities are performed to support operational continuity, record accessibility, service delivery, reporting, and efficient administration. Customers are responsible for ensuring they have the authority to provide data for migration and for verifying the accuracy, completeness, and appropriateness of the data submitted for onboarding.

13. User Rights and Requests

Subject to applicable law, customer direction, and public-sector legal requirements, individuals may have the right to request access to, correction of, deletion of, or limitation on certain personal information. Because GovGrids often acts on behalf of a municipal or government customer, requests relating to data maintained by that customer may need to be directed to the relevant town, city, county, municipality, agency, or department that controls the data.

Where GovGrids is able to act directly on a verified request, we may do so in accordance with applicable law, contractual commitments, operational requirements, public records obligations, and record retention rules. Requests may be submitted using the contact details provided below.

14. Public Records, Government Transparency, and Customer-Controlled Data

Because GovGrids serves public-sector entities, certain records stored or processed through the Services may be subject to public records requests, transparency laws, open government obligations, records management rules, or other disclosure requirements applicable to the customer. GovGrids does not determine whether a particular record must be disclosed under public records law unless required by law or contract to do so. Those decisions are generally made by the responsible government entity.

Customers are responsible for administering their own legal obligations relating to public records access, classification, retention, and lawful disclosure, unless otherwise expressly agreed in writing.

15. Third-Party Services and Integrations

The Services may interface with or rely on third-party services, infrastructure providers, communications tools, payment providers, mapping providers, identity systems, data export tools, or other software integrations authorized by a customer. GovGrids is not responsible for the privacy practices of third-party platforms except to the extent required by law or contractual commitments directly applicable to our role in the integration. Customers and users should review the privacy terms of relevant third-party services where appropriate.

16. Children’s Privacy

GovGrids’ Services are intended primarily for municipalities, local governments, public agencies, government employees, contractors, and authorized adult users. Our Services are not designed as consumer services directed to children under 13. We do not knowingly collect personal information directly from children under 13 except where such information may be submitted by a municipal or government customer as part of a lawful governmental process, record, or service function.

If you believe that personal information from a child has been provided to us inappropriately or outside the intended scope of the Services, please contact us so that we can review the matter and take appropriate action.

17. Cross-Border Use

GovGrids is designed to support customers in the United States. If the Services are accessed from outside the United States, users acknowledge that information may be transferred to, stored in, and processed in the United States or other jurisdictions involved in supporting the Services, subject to applicable legal, contractual, and security requirements.

18. Changes to This Privacy Policy

We may revise or update this Privacy Policy from time to time to reflect changes in our Services, technology, security practices, legal requirements, operational needs, or customer obligations. When we make material changes, we may update the effective date above and take additional steps to provide notice where required by law or contract.

Continued use of the Services after an updated Privacy Policy becomes effective constitutes acknowledgment of the revised policy, except to the extent a different form of notice or consent is required under applicable law.

19. Contact Information

If you have questions about this Privacy Policy, privacy practices, data handling, or wish to submit a privacy-related request, please contact:

GovGrids

20. Important Notice

This Privacy Policy is provided for general informational purposes and should be reviewed and approved by legal counsel familiar with applicable federal, state, local, and public-sector privacy, procurement, records, accessibility, and data governance requirements before publication or use in production.