Last updated: April 2026
GridFlow ("we", "us", "our") is a Malaysian tax planning service operated by Grid Co. We help Malaysian residents estimate and reduce their personal income tax through our web application at gridflow.my.
We collect: • Account information: email address, name (via Clerk authentication) • Income and tax data: salary, relief amounts, PCB, zakat — entered by you in the calculator • Usage data: pages visited, features used, actions taken (via PostHog analytics) • Payment data: subscription status (via Stripe — we never store card numbers) • Device data: browser type, operating system, IP address
Your data is used to: • Calculate your estimated tax payable • Generate your personalised tax-saving plan • Process subscription payments • Improve our product through anonymised analytics • Send product updates (only if you opt in)
Your data is stored in Supabase (EU region) and processed by Clerk (authentication) and Stripe (payments). All data is encrypted in transit (TLS) and at rest. We do not sell your data to third parties.
We comply with the Personal Data Protection Act 2010 (Malaysia). You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact us at privacy@gridflow.my or use the Delete Account feature in Settings.
We retain your data for as long as your account is active. When you delete your account, all personal data is permanently deleted within 30 days. Anonymised, aggregated data may be retained for product improvement.
We use: • Clerk (clerk.com) — authentication and session management • Supabase (supabase.com) — database storage • Stripe (stripe.com) — payment processing • PostHog (posthog.com) — product analytics • Sentry (sentry.io) — error monitoring • Vercel (vercel.com) — hosting
We use essential cookies for authentication (Clerk session). We use analytics cookies (PostHog) to understand how you use our product. You can disable analytics cookies in your browser settings.
GridFlow is not intended for users under 18. We do not knowingly collect data from minors.
We may update this policy. We will notify you by email or in-app notification for material changes.
For privacy questions: privacy@gridflow.my
GridFlow is not a licensed tax agent. All information is for planning purposes only and does not constitute professional tax advice. Please consult a licensed tax professional for specific advice.