Legal

Privacy Policy

Last updated: 2026-04-19

Glitch Grow is an AI software tool operated by Nuraveda, a sole proprietorship owned by Tejas Karan Agrawal at 77 Huntley St, Toronto, ON M4Y 2P3, Canada. This policy covers personal data collected through grow.glitchexecutor.com and the tools we license to subscribers.

1. Data controller & contact

Nuraveda is the data controller. Contact support@glitchexecutor.com for any access, correction, deletion, or other data-related request. We acknowledge requests within 7 days and respond within 30 days (or the period required by your applicable law).

2. What we collect

  • Contact form submissions — name, email, company, and the message you send us. Stored in encrypted Postgres.
  • Account identifiers — account credentials for access control and billing.
  • Connected-platform tokens — Meta, Amazon, Shopify, and similar OAuth tokens you authorise, used only to operate the tools you've enabled. Encrypted at rest.
  • Billing data — handled by Stripe; we receive customer ID, email, amount, last-4 of card, and plan.
  • Analytics — page views, referrers, device type, and approximate (city-level) location. When Google Analytics 4 is enabled on a site, it sets first-party cookies (_ga, _ga_<ID>) and sends pseudonymous event data to Google (acting as our processor). No device fingerprinting, no cross-site ad retargeting.
  • Turnstile challenge data — processed by Cloudflare; we receive only pass/fail.
  • Server logs — IP, timestamp, path, retained up to 30 days.

3. Legal basis

Depending on which privacy regime applies to you, we rely on one or more of: contract performance (Canada PIPEDA; EU/UK GDPR Art. 6(1)(b); UAE PDPL Art. 5(1)(c); India DPDPA §7(a)), legitimate interests (security, product improvement), legal obligation (tax, accounting, sanctions screening), and consent (optional marketing, withdrawable any time).

4. What we don't do

  • No selling or licensing of personal data to third parties.
  • No enrichment of form submissions against third-party data brokers.
  • No profiling or automated decisions producing legal effects on you.
  • No data collection from anyone we know to be under 18.
  • No device fingerprinting beyond the standard pixel tags listed below.

5. Sub-processors

  • Cloudflare, Inc. — site delivery, WAF, Turnstile, Pages hosting.
  • Stripe, Inc. — payments and subscription billing.
  • Google Ireland Limited / Google LLC — Google Tag Manager (tag orchestration) and Google Analytics 4 (pageview and event telemetry, processed under Google's Ads Data Processing Terms; cookies _ga, _ga_<ID>).
  • Meta Platforms, Inc. — Meta Pixel (browser-side) and Conversions API (server-side) for ad measurement and retargeting. Server-side identifiers are SHA-256 hashed.
  • TikTok Pte. Ltd. — TikTok Pixel for ad measurement and retargeting on TikTok campaigns.
  • Resend, Inc. — transactional and lifecycle email delivery.
  • Meta, Amazon, Shopify (and similar platforms) — where you connect your own accounts for tool operation.
  • Primary database hosting — Postgres-compatible, encrypted at rest, located in Iowa, United States.

6. International transfers

Our primary database is in Iowa, United States. Because the controller (Nuraveda) is based in Province of Ontario, Canada, most personal data is transferred from Canada to the United States and may be subject to U.S. law, including lawful-access regimes that differ from Canadian law. Transfers for users in other regions rely on SCCs (EU), UK IDTA, adequacy decisions, UAE PDPL Art. 22, and India DPDPA §16 where applicable. Separately, when Google Analytics 4 is enabled, pageview and event data flow directly from visitors' browsers to Google servers in the US and EU under Google's own transfer mechanisms (Google's SCCs + Supplementary Measures).

7. Retention

  • Account & tool telemetry — subscription lifetime plus 24 months.
  • Contact-form submissions — 24 months, or sooner on deletion request.
  • Server logs — up to 30 days.
  • Billing records — 6–7 years (CRA tax retention).

8. Your rights

You may have rights to access, rectify, erase, restrict, port, object, or withdraw consent regarding your personal data, and to complain to your data-protection authority — including the Office of the Privacy Commissioner of Canada (priv.gc.ca) and the Information and Privacy Commissioner of Ontario. Submit requests to support@glitchexecutor.com; we verify identity before actioning.

9. Breach notification

Any breach of security safeguards posing real risk of significant harm will be notified to the Office of the Privacy Commissioner of Canada and affected individuals per PIPEDA, and to other supervisory authorities within their statutory timelines where applicable.

10. Client engagements

When we provide tools under a signed Master Services Agreement or Data Processing Addendum with a client, that agreement governs — not this page. Ask your account contact for the applicable agreement.

11. Contact

support@glitchexecutor.com

Nuraveda
Attention: Tejas Karan Agrawal
77 Huntley St, Toronto, ON M4Y 2P3, Canada
Tel: +1 437 539 7958

Free Vibe Coder Kit

Get the kit. Ship like a vibe coder.

Installs into Claude Code, Codex, or OpenClaws in under a minute. Required to deploy our paid agents.

Protected by Cloudflare Turnstile. We never share your details. Unsubscribe any time.