The GridOPPORTUNITY GRID

Legal

Privacy Policy

Last updated: May 2026

The short version

We're a free tool for UK students. We only collect what's needed to run your account and your tracker. We never sell your data, never share it with employers, and you can delete everything in one click. We comply with the UK GDPR and the Data Protection Act 2018.

Who we are

The Grid (also referred to as "Opportunity Grid", "we", "us") is operated as a student-built service in the United Kingdom. For privacy questions, contact us via the contact form.

What we collect

  • Account data: the email address you sign up with, and (optionally) display name.
  • Your Grid: opportunities and scholarships you favourite or track, the stages you set, deadlines you add, and any private notes.
  • Contact submissions: if you message us via the contact form, your name, email, the message and any optional details you include.
  • Technical data: standard server logs (IP address, browser, timestamp) used to keep the service secure and reliable.

What we don't collect

  • No payment details. The Grid is free for students.
  • No third-party advertising trackers.
  • No selling, renting or trading your personal data, ever.

Why we use it (lawful basis under UK GDPR)

  • Contract: to provide the account and tracker you signed up for.
  • Legitimate interests: to keep the service secure, prevent abuse, and improve the product.
  • Consent: for any optional communications you opt in to.

Where your data lives

Your data is stored on managed cloud infrastructure (Supabase, hosted in the EU/UK region). Server logs and operational data may transit through edge networks for performance. All data is encrypted in transit (TLS) and at rest.

How long we keep it

Account and tracker data is kept for as long as your account is active. If you delete your account, all personal data is removed within 30 days. Anonymised, aggregated statistics (e.g. "how many users tracked X opportunity") may be retained.

Your rights

Under UK GDPR you have the right to access, correct, delete, export or restrict the processing of your personal data, and to object to processing. To exercise any of these rights, message us via the contact form with the subject "Data request". We respond within 30 days.

You can also complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

Cookies

We use a small number of strictly necessary cookies to keep you logged in and secure. We do not use advertising or third-party tracking cookies.

Changes

We'll update this page if our practices change. Material changes will be flagged on the homepage.