> ## Documentation Index
> Fetch the complete documentation index at: https://docs.gravitygtm.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Privacy Policy

> How Horizon collects, uses, and protects data

<Warning>
  **Draft — pending legal review.** This page has not been reviewed or
  approved by counsel, and contains placeholder text (shown in brackets)
  that has not yet been filled in. Do not rely on this document as final
  until it has been reviewed and finalized.
</Warning>

*Last updated: July 14, 2026*

## 1. Introduction and Scope

Horizon ("Horizon," "the Service") is a hosted, multi-tenant REST API, MCP (Model Context Protocol) server, and Slack app for LinkedIn person and company enrichment, email finding and verification, job search, and web search. Horizon is operated by Gravity GTM, Inc. ("Gravity GTM," "we," "us," "our"), a sub-product of gravitygtm.com, live at horizon.gravitygtm.com with documentation at docs.gravitygtm.com/horizon.

This Privacy Policy covers two distinct categories of data, and it is important to understand the difference between them:

**(a) Your account data.** This is information about you or your organization as a Horizon customer — your email address, billing information, API key records, and, if you use our Slack app, your Slack workspace information. For this data, Gravity GTM is the **data controller**: we decide why and how this data is processed, and this Policy describes our obligations to you directly.

**(b) Third-party lookup data.** Horizon's core function is helping customers look up information about *other* people and companies — for example, a salesperson enriching a list of prospects. The names, emails, LinkedIn profile data, and company data returned by the Service are personal data about those third parties, not about you. For this category of data, Gravity GTM generally acts as a **processor** (or sub-processor, one level removed) — we process this data only as instructed by, and on behalf of, the customer who submitted the lookup request. The customer acts as the **controller** for that data and is responsible for having a lawful basis to look it up. If you are a data subject whose information was looked up through Horizon by one of our customers, please direct data rights requests to that customer in the first instance, though we will assist where we are able to.

## 2. Information We Collect

**Account and billing data.** When you sign up, we collect your email address and, via our payment processor Stripe, billing and payment details. Gravity GTM never directly handles or stores raw card numbers — Stripe processes and stores this data.

**API keys.** When an API key is issued, it is shown to you once at creation and is stored on our systems only as a one-way SHA-256 hash. We cannot retrieve a plaintext key after issuance; a lost key can only be rotated or revoked.

**Slack workspace data.** If you install the Horizon Slack app, we store: the Slack bot token and the workspace's Horizon API key, both in reversibly-encrypted form (AES-256-GCM), because they are needed to make live calls on the workspace's behalf; and, in plain (unencrypted) form, the Slack workspace ID, workspace name, the ID of the Slack user who installed the app, install/uninstall timestamps, and plan tier.

**Cached lookup results.** To reduce cost and latency, certain lookup results are temporarily cached and may be shared across customers — meaning a lookup already performed by one customer may, within the cache window, be served to another customer who requests the same lookup, rather than making a fresh vendor call. See Section 5 for cache durations by endpoint type.

**Operational logs.** Our systems log metadata only: request ID, tenant/account ID, API key ID, which endpoint was called, credits charged, cache hit/miss status, and timestamps. Logs never contain the substantive content of a lookup — no names, email addresses, LinkedIn URLs, search queries, or vendor response bodies are ever written to logs.

## 3. How We Use Information

We use the information described above to: operate, provide, and bill for the Service, including tracking and deducting prepaid credits; serve cached results to reduce vendor costs and improve response times; detect and prevent fraud, abuse, and security incidents; enforce our rate limits (currently 10 requests per minute for free-trial keys and 60 requests per minute for any paid pack, higher limits available on request for larger accounts); and respond to support and account requests.

## 4. Subprocessors

We use the following subprocessors to provide the Service. Each receives only the data necessary to perform its function:

| Subprocessor                               | Purpose                                                                        | Data Received                                                                                                           |
| ------------------------------------------ | ------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------- |
| HarvestAPI                                 | Backs most enrichment endpoints (LinkedIn profile/company/job/post data)       | LinkedIn URLs, names, company names/domains, search terms                                                               |
| Findymail                                  | Email finding and verification                                                 | A LinkedIn URL or name+domain (to find an email), or an email address (to verify it)                                    |
| You.com                                    | Web search                                                                     | Search queries                                                                                                          |
| Stripe                                     | Payment processing, including free-trial card verification                     | Card and billing data (Gravity GTM does not receive raw card numbers)                                                   |
| Resend                                     | Transactional email (e.g., signup confirmation, credit-purchase notifications) | Customer email address and relevant account notifications                                                               |
| Upstash (managed Redis)                    | Application state storage                                                      | Hashed API keys, credit balances, cached lookup results, Slack workspace connection records                             |
| Vercel                                     | Hosting and infrastructure                                                     | All application data, as the underlying hosting provider                                                                |
| Slack                                      | Slack app integration                                                          | Workspace messages the Horizon bot participates in, and Slack account tokens, as an inherent part of the Slack platform |
| Anthropic (Claude, via Managed Agents API) | Conversational processing for the Slack app                                    | Messages sent to the Horizon Slack bot, used to generate responses and determine which lookups to perform               |

This table is the authoritative, current list of our subprocessors. We may update it as our vendors change; material changes will be reflected here, with the "Last updated" date revised accordingly (see Section 11), and, where required by our Data Processing Agreement, by direct notice to affected customers.

## 5. Data Retention

* **Cached lookup results:** Person enrichment, company enrichment, company people-search, company search, person search, and person-email-find results are cached for up to 24 hours. Email verification results are cached for up to 60 days. Job search, LinkedIn posts, LinkedIn engagement, and web search results are never cached — each request results in a fresh live vendor call.
* **Operational logs:** Retained for no longer than 30 days.
* **Account data:** Retained for the life of your account, and for a reasonable additional period afterward as needed for legal, tax, and accounting purposes.
* **Credit balances:** As of the date of this policy, purchased credits do not expire. We reserve the right to introduce an expiry policy for future purchases; any such change will be reflected in an update to this Policy and, where required, in our terms of service.

## 6. Data Security

We apply technical safeguards appropriate to the sensitivity of each data type: API keys are stored only as one-way SHA-256 hashes and cannot be recovered in plaintext; Slack bot tokens and workspace API keys are stored using AES-256-GCM encryption; and all data in transit to and from the Service is encrypted using TLS. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

## 7. Data Subject Rights

Depending on your jurisdiction, you may have rights under GDPR, CCPA, or similar laws to access, correct, delete, or receive a portable copy of your personal data.

**Account data:** To exercise these rights over your own Horizon account data, contact us at **[help@gravitygtm.com](mailto:help@gravitygtm.com)**. We do not currently offer a self-service or API-based tool for deleting account data itself. Account-data deletion requests are handled manually by our team on request (an operator-assisted process) — we ask for your patience as we do not yet have automated tooling for this.

**Cached lookup data:** Unlike account data, a specific cached lookup result CAN be deleted ahead of its natural expiry via a self-service API call (`DELETE /v1/cache`, authenticated with your own API key) — this lets you force a specific person, company, or email lookup to be freshly re-fetched from the vendor rather than served from cache, without waiting out the retention windows in Section 5. Note that our cache is shared across customers (Section 2), so this deletes the one shared cached entry for those exact lookup parameters, not a customer-specific copy — it does not, and cannot, remove data another customer separately holds outside our cache (e.g., in their own CRM or spreadsheet from an earlier lookup). See [Errors & Rate Limits](/horizon/errors-and-rate-limits) for the exact request shape.

**Third-party lookup data:** If your information was looked up by one of our customers through Horizon, we recommend contacting that customer directly, as they control the purpose and lawful basis of the lookup. We will support such requests as appropriate given our role as a processor.

## 8. International Data Transfers

Horizon's infrastructure and subprocessors may process and store data in countries other than your own, including the United States. Where we transfer personal data across borders, we aim to use appropriate safeguards consistent with applicable law. We are continuing to formalize our specific transfer mechanisms as part of ongoing compliance work.

## 9. Children's Privacy

Horizon is a business-to-business service not directed at, marketed to, or knowingly used by children. We do not knowingly collect personal data from individuals under the age of 16 (or the applicable age of consent in their jurisdiction). If you believe a child has provided us with personal data, please contact us so we can address it.

## 10. California Residents / CCPA

Certain aspects of Horizon's data-enrichment functionality may be relevant to California's data-broker-related regulations and similar laws in other jurisdictions, depending on how the Service is used. We are evaluating our obligations, including any applicable registration requirements, as part of our ongoing compliance program. This Policy will be updated to reflect the outcome of that evaluation, including confirmation of any registration status, once determined. California residents otherwise have rights consistent with those described in Section 7, and may exercise them using the contact information provided there.

## 11. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, the Service, or applicable law. We will update the "Last updated" date above when we do, and for material changes we will make reasonable efforts to notify active customers (e.g., via email or in-app notice).

## 12. Contact Us

Questions about this Policy or requests regarding your data can be sent to:

**[help@gravitygtm.com](mailto:help@gravitygtm.com)**

Gravity GTM, Inc.
2995 55th Street, Unit 17033, Boulder, CO 80308
