Privacy Policy

Effective date: 12 April 2026

This Privacy Policy explains how Groop Labs Ltd (company number 16930324) collects, uses, stores, shares, and protects personal data when you use Grooop, including its group-planning features, messaging features, and Gia, the AI assistant in the Grooop app.

In this policy, “Grooop”, “we”, “us”, and “our” mean Groop Labs Ltd.

Groop Labs Ltd is the company responsible for Grooop.

Data controller: Groop Labs Ltd, company number 16930324
Contact email: hello@groop-labs.com
Registered office: 29 Balmoral Drive, Grantham, NG31 8SY, United Kingdom

If you have questions about this Privacy Policy or how we handle personal data, please contact us using the details above.

This policy applies to personal data we process when you:

• create or use a Grooop account;
• join or interact with groups in Grooop;
• send or receive messages through Grooop;
• use Gia, the AI assistant in the Grooop app;
• connect optional third-party services or integrations;
• contact us for support; or
• otherwise interact with Grooop.

Depending on how you use Grooop, we may collect and process the following categories of personal data:

a. Account and profile information

• name or display name;
• username;
• email address;
• phone number, if you provide it;
• profile photo or avatar;
• login and authentication details.

b. Group, planning, and communication data

• group memberships;
• messages, replies, reactions, and other content you share in Grooop;
• planning details such as availability, proposed times, attendance intentions, preferences, and scheduling responses;
• information you provide to Gia, including prompts, questions, and follow-up messages;
• content generated by Gia in response to your or your group’s inputs.

c. Calendar, contacts, and integration data

If you choose to connect optional services, we may process data from those services, such as:

• calendar availability and event metadata;
• contact or invite information;
• integration identifiers and tokens.

We only process this kind of data where you choose to connect or enable the relevant feature.

d. Device and technical data

• IP address;
• device type, operating system, app version, language, and time zone;
• identifiers needed to keep the service secure and working properly;
• log data, crash data, diagnostics, and performance information.

e. Approximate location data

Grooop may process approximate location-related information where it is inferred from information users provide in the app, including messages processed by Gia, or where users otherwise provide location context for planning.

f. Support and feedback data

• messages you send to us;
• survey responses;
• feedback, bug reports, and related correspondence.

We collect personal data:

• directly from you, when you sign up, use Grooop, message in the app, contact support, or use Gia;
• from other users, for example when they add you to a group, mention you, invite you, or share planning information involving you;
• from connected services, where you choose to link an account or enable an integration; and
• automatically, through the operation of the app and related systems, such as logs, diagnostics, and security monitoring.

Under UK data protection law, we need a lawful basis for processing personal data. Depending on the context, we rely on one or more of the following:

• Contract: where processing is necessary to provide Grooop and its features to you.
• Legitimate interests: where processing is necessary for our legitimate interests or those of our users, and those interests are not overridden by your rights and freedoms.
• Consent: where the law requires consent, or where we ask for it for a specific optional feature.
• Legal obligation: where we need to process data to comply with the law.

We use personal data for the following purposes:

a. To provide and operate Grooop

This includes creating accounts, supporting group planning, showing availability-related information, delivering messaging features, and operating Gia.

Lawful basis: Contract

b. To help groups coordinate and make planning easier

This includes reconciling scheduling inputs, surfacing suggested times, identifying conflicts, and helping users communicate in context.

Lawful basis: Contract and, where appropriate, Legitimate interests

c. To provide Gia, the AI assistant in the Grooop app

This includes processing prompts, messages, planning context, and related content so Gia can generate responses, summaries, suggestions, and assistance within the app.

Lawful basis: Contract and, where appropriate, Legitimate interests

d. To maintain, improve, and troubleshoot the service

This includes debugging, testing, analytics, performance monitoring, quality assurance, and product improvement.

Lawful basis: Legitimate interests

e. To keep Grooop safe and secure

This includes detecting abuse, fraud, harmful activity, misuse of the service, unauthorised access, and security incidents.

Lawful basis: Legitimate interests and Legal obligation where applicable

f. To communicate with you

This includes sending service-related notices, security alerts, support updates, and administrative messages. Grooop does not send marketing emails.

Lawful basis: Contract, Legitimate interests, or Consent, depending on the message

g. To comply with legal and regulatory obligations

This includes responding to valid legal requests, exercising or defending legal claims, and meeting accounting, corporate, tax, or regulatory requirements.

Lawful basis: Legal obligation and Legitimate interests

Gia is the AI assistant in the Grooop app. When you use Gia, we may process:

• your prompts and messages;
• relevant group context and planning information;
• related account, device, and usage information needed to provide the feature; and
• outputs generated by Gia.

We use this information to operate Gia, provide context-aware assistance, improve reliability and safety, and investigate misuse or failures.

Where needed to provide AI-assisted features, we may use carefully selected third-party service providers acting on our behalf, including infrastructure, hosting, and AI-processing providers.

Gia does not use user messages to train AI models.

Unless we tell you otherwise in a feature-specific notice, we do not currently use Gia to make decisions about you that produce legal effects or similarly significant effects based solely on automated processing.

You should avoid sharing information with Gia that you do not want processed for the purpose of generating a response or assisting with planning.

We may share personal data in the following circumstances:

a. With other users of Grooop

Information you share in groups, chats, scheduling flows, invites, or collaborative features may be visible to other relevant users in those contexts.

b. With service providers and processors

We may share data with trusted providers who help us run Grooop, such as providers of:

• cloud hosting and storage;
• authentication;
• analytics and diagnostics;
• customer support tools;
• communications infrastructure;
• security and fraud-prevention services;
• AI and machine-learning infrastructure used to power Gia.

These providers are authorised to process personal data only on our instructions and for the purposes described in this policy.

c. With connected third-party services

If you choose to connect an external service, we may exchange data with that service as needed to enable the feature you requested.

d. For legal reasons

We may disclose data where required by law, regulation, legal process, or a valid request from a public authority, or where necessary to protect rights, safety, property, users, or the integrity of Grooop.

e. In a business transaction

If Groop Labs Ltd is involved in a merger, acquisition, financing, reorganisation, sale of assets, or similar transaction, personal data may be shared as part of that process, subject to appropriate safeguards where required.

Some of our service providers may process personal data outside the UK. Where we make a restricted transfer of personal data, we will use a lawful transfer mechanism and appropriate safeguards required by applicable law.

Depending on the circumstances, this may include transfer to a country recognised as providing adequate protection, or the use of contractual safeguards and related risk assessments.

We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including to provide the service, maintain security, resolve disputes, enforce our terms, and meet legal obligations.

Retention periods vary depending on the type of data and how you use Grooop. For example:

• account data is generally kept while your account remains active and for a limited period afterwards where needed for legal, security, backup, or fraud-prevention reasons;
• group content, messages, and planning records may be retained while needed to provide the relevant group history and service functionality. Users cannot currently delete messages themselves in the app;
• support records may be retained for as long as needed to handle the issue and maintain an audit trail;
• technical logs and diagnostics are usually kept for shorter periods unless needed for investigations or security purposes.

Where possible, we may delete, aggregate, or anonymise data so it can no longer identify you.

Depending on your location and the circumstances, you may have the right to:

• be informed about how your personal data is used;
• access a copy of your personal data;
• correct inaccurate or incomplete personal data;
• request deletion of your personal data;
• restrict certain processing;
• object to certain processing, including some processing based on legitimate interests;
• receive certain personal data in a portable format;
• withdraw consent where we rely on consent.

To exercise your rights, please contact us at hello@groop-labs.com.

You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.

Grooop is intended for users aged 16 and over.

If you believe someone under this age has provided personal data to us in a way that is not appropriate or lawful, please contact us and we will review the issue.

Where required, we will apply additional protections for younger users’ personal data and present privacy information in clear language appropriate to the audience.

We use appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

No service can guarantee absolute security, but we work to protect personal data in a way that is appropriate to the nature of the information and the risks involved.

Grooop may interact with or link to third-party services. Their privacy practices are governed by their own policies, not this one. We encourage you to review those policies where relevant.

We may update this Privacy Policy from time to time. When we do, we will update the effective date above and, where required, provide additional notice within the app or by other appropriate means.

Groop Labs Ltd
Company number: 16930324
Email: hello@groop-labs.com
Address: 29 Balmoral Drive, Grantham, NG31 8SY, United Kingdom