This policy explains Greywell's beta privacy practices in plain language. Greywell does not sell personal information and does not use programme records for advertising.
Last updated: July 3, 2026.
1. Information Collected
Greywell may collect information submitted during intake, Term Route Assessment, waitlist registration, Greywell App use, Telegram bot use where selected or directed, partner consent, dashboard administration, checklist review, DNS declarations, document generation, fee status checks, requests, appeals, infractions, suspensions, exits, archives, and support contact.
- Contact and routing details, including email address, selected contact route, app access identifiers, and Telegram username where applicable.
- Intake answers about schedule, premises, routines, constraints, living situation, preferences, and selected programme options.
- Messages and reports sent through the Greywell App or approved contact route, including musters, movement notices, requests, appeals, welfare reports, and checklist submissions.
- Checklist evidence, which may include images or files submitted by the participant.
- App session, device notice, admission token, document key, offline submission queue, and sync status needed to operate app access.
- Partner nomination, consent, role, access status, partner-route messages, and revocation records where partner involvement is selected.
- Fee status, Stripe checkout/session identifiers, payment status, and recovery logs. Greywell does not store full card numbers.
- Limited first-party usage events, such as page visits, button clicks, form progress, and submission outcomes.
- Operational logs, including dashboard actions, bot routing events, webhook errors, and access checks.
2. How Information Is Used
Information is used to review intake, administer Terms, route app or approved contact-route access, generate documents, confirm readiness, maintain records, process partner involvement, review requests and appeals, support safety boundaries, prevent unauthorized access, and operate the beta service.
Greywell records limited first-party usage events such as page visits, button clicks, form progress, and submission outcomes to maintain and improve the application process.
Greywell does not use programme records to sell advertising or market unrelated services.
3. Services Used
Greywell relies on third-party services to operate:
- Cloudflare for hosting, Workers, database storage, access control, DNS, and operational security.
- Telegram for participant, House Officer, Governor, and partner bot communication where selected, directed, or used as beta fallback.
- Stripe for fee checkout, fee status, and payment receipts.
- Google Workspace for support email and administrative communication.
Those services process information according to their own terms and privacy practices as well as Greywell's configuration.
4. Access and Disclosure
Programme records are intended for Greywell administration. Governor/dashboard access is restricted. Partner access, when approved, is limited by role and does not include unrelated intake disclosures, fee information, private Governor notes, or general account access.
Greywell may disclose information if required by law, to protect service security, to prevent abuse, or where necessary to address an urgent safety concern.
5. App Access, Device Notices, and Offline Queue
The Greywell App may store a paired session, limited app state, queued submissions, and recent display records on the device so the app can load, submit evidence, and retry submissions if connectivity fails. Queued submissions remain on the device until sent, cleared, or app storage is removed.
If device notices are enabled, Greywell stores the information needed to send operational notices to that device. Device notices may be disabled in the app or through device settings.
6. Retention
Greywell keeps records for operational continuity, audit trail, payment reconciliation, safety boundary review, and beta improvement. Completed, exited, archived, or revoked Terms may retain historical records while blocking active access. Some tokenized document access may expire or be revoked.
Raw first-party usage events are retained for up to 90 days.
Retention periods may be refined as the beta develops.
7. Your Choices
- You may withdraw from participation.
- You may request app account closure or session revocation.
- You may ask for partner access to be revoked.
- You may contact Greywell or use the in-app Account & Rights form to ask about records, access, correction, deletion, or a copy of app-visible records.
- Deletion may be limited where records are needed for payment, security, audit, legal, or operational reasons.
8. Security
Greywell uses Cloudflare Access, Governor key checks, Telegram webhook secrets, tokenized document links, app session checks, route-level authorization, and operational logs to reduce unauthorized access. No online service can guarantee perfect security.
Participants and partners are responsible for the security of their own devices, email accounts, app sessions, and Telegram accounts where applicable.
9. Safety and Welfare Reports
The app includes an official welfare/safety reporting surface. These reports are recorded for Governor review and are not treated as casual chat. Greywell is not an emergency service; if there is immediate danger, contact local emergency services or an appropriate professional service first.
10. No Children
Greywell is for adults only. It is not intended for anyone under 18 years of age.
11. Contact
Privacy questions, record requests, withdrawal requests, account closure requests, or safety/privacy concerns may be sent to [email protected].