What cookies and similar technologies Gravity uses, what each is for, and how you can control them.
This Cookie Policy explains how XAI Technologies Pvt Ltd, operating as Gravity AI ("Gravity," "we," "us," or "our"), uses cookies and similar tracking technologies on the Gravity website, web application, and APIs (collectively, the "Platform"). It supplements our Privacy Policy.
1.1. A "cookie" is a small text file stored on your device by your browser when you visit a website. We also use "similar technologies" (local storage, session storage, pixels, server logs, and SDK identifiers) that perform the same kinds of jobs as cookies.
1.2. This policy applies to gravity.fast, all sub-domains, the in-app experience, and any API consoles or documentation we publish.
We classify cookies into four categories. Only "Strictly Necessary" cookies are set automatically; the rest are set only when you opt in (in regions that require consent).
| Category | What it does | Can you turn it off? |
|---|---|---|
| Strictly Necessary | Sign-in, session, security, fraud prevention, load balancing, region selection, billing. | No — the Platform won't work without these. |
| Functional | Remembering preferences (theme, language, last-used Agent), draft auto-save, ToC state. | Yes, but the Platform will feel less personal. |
| Analytics | Aggregated usage measurement (pages viewed, feature adoption, error rates) so we can improve the Platform. | Yes. |
| Marketing | Measuring the performance of campaigns and creator referrals; not used for cross-site behavioral advertising. | Yes. |
The following cookies are set directly by gravity.fast.
| Name (or pattern) | Category | Purpose | Duration |
|---|---|---|---|
grv_session | Strictly Necessary | Authenticated session token (HttpOnly, Secure, SameSite=Lax). | Session |
grv_csrf | Strictly Necessary | Cross-site request forgery protection. | Session |
grv_region | Strictly Necessary | Routes you to the nearest data region. | 1 year |
grv_theme | Functional | Stores light/dark preference. | 1 year |
grv_consent | Strictly Necessary | Records your consent choices for non-essential cookies. | 13 months |
grv_locale | Functional | Selected display language and number format. | 1 year |
grv_referral | Marketing | Attributes a Creator referral for up to 90 days. Only set when arriving via a Creator link. | 90 days |
Some pages load resources from trusted third parties. These third parties may set their own cookies under their own privacy policies.
| Provider | Why we use it | Their policy |
|---|---|---|
| Cloudflare (CDN, DDoS protection, Web Analytics) | Edge caching, security, and privacy-respecting analytics that does not use cross-site tracking cookies. | cloudflare.com/privacypolicy |
| Razorpay (payment processor — India) | Cookies set during checkout for fraud prevention and payment session. | razorpay.com/privacy |
| Stripe (payment processor — international) | Cookies for fraud prevention (Stripe Radar) and payment session. | stripe.com/privacy |
| Google Fonts | Serves the Inter and JetBrains Mono web fonts. We preconnect; we do not use Google Analytics on the marketing site. | policies.google.com/privacy |
| Waitlister | Embedded waitlist signup widget on the homepage. Sets a session cookie if you submit the form. | waitlister.me/privacy |
| YouTube / Vimeo (only on pages with embedded videos) | Plays embedded product video. We use privacy-enhanced embeds where supported. | Provider-specific. |
4.1. Gravity does not use cookies for cross-site behavioral advertising, retargeting pixels (Meta, Google Ads, TikTok), or third-party data brokers.
6.1. Strictly Necessary cookies are set on the basis of "legitimate interest" (UK/EU GDPR Art 6(1)(f)) or, where required, the ePrivacy "necessary for the service requested" exception. They do not require consent.
6.2. Functional, Analytics, and Marketing cookies are only set after you give consent through our cookie banner (in regions where consent is required, including the EEA, UK, and Switzerland under ePrivacy + GDPR). Consent can be withdrawn at any time.
6.3. India. Under DPDPA, we obtain notice-based consent through the cookie banner and the Privacy Policy.
6.4. California. We honor Global Privacy Control (GPC) signals as a valid opt-out request under CCPA/CPRA.
You have multiple ways to control cookies and similar technologies:
Blocking Strictly Necessary cookies will break sign-in, billing, and security features.
8.1. EEA / UK / Switzerland. We comply with the ePrivacy Directive and UK PECR. You may lodge a complaint with your local supervisory authority (e.g., the ICO in the UK, the Datenschutzbehörde in Austria).
8.2. India. Cookies that process personal data are governed by the DPDPA. The Grievance Officer for cookie-related complaints is listed in Section 10 below and in our Privacy Policy § 12.
8.3. California. The categories of personal information collected via cookies are described in our Privacy Policy § 1. You may opt out of "sale" or "sharing" using the GPC signal or the cookie banner; Gravity does not sell personal information.
We update this Cookie Policy when we add, remove, or repurpose cookies. The "Last Updated" date at the top of this page reflects the latest revision. Material changes are summarized at the top of the page for thirty (30) days.
XAI Technologies Pvt Ltd (operating as Gravity AI)
Privacy: privacy@gravity.fast
Grievance Officer (DPDPA): dpo@gravity.fast
Registered office: BSR Meghana Residency, 17th B Main Rd, KHB Colony, 6th Block, Koramangala, Bengaluru, Karnataka 560095, India.