What are the institutional and regulatory implications of this document?

1) REGULATORY LANDSCAPE: This policy engages GDPR (EU and UK), CCPA/CPRA (California), and references compliance obligations for other international users. The FTC Act is implicated through targeted advertising and data broker-adjacent third-party sharing practices. The policy's assertion that de-identified data 'is not subject to any restrictions under this Policy' and may be disclosed 'for any purpose' may require evaluation under CCPA's definitions of de-identification and GDPR's standards f…

How does Groq's Groq Privacy Policy affect users?

The policy establishes that Groq collects identifiers, device information, browsing behavior, and usage metadata from users and shares this information with advertising networks, analytics providers, and other third-party partners. Users may authorize third-party identity verification services to receive biometric-adjacent data (photo IDs, selfies) directly, with those services processing such data under their own privacy policies. Users in applicable jurisdictions may exercise data access, del…

How often is Groq's Groq Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Groq updates this document?

Yes. Monitor subscribers ($19/month) can add Groq to their watchlist and receive same-day email alerts whenever this document or any other Groq document changes.

CA-D-000492

Groq Privacy Policy

Groq

Last change detected April 29, 2026 Privacy policy

SHA-256: 0fba13b18a358068b01… 1 version captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Groq ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

1 High severity

5 Medium severity

2 Low severity

Summary

This document establishes Groq's data collection, use, and sharing practices for users of its websites, developer console, and chat interface. The policy authorizes Groq to collect personal information including names, email addresses, IP addresses, and usage behavior, and to share this data with third-party advertising and analytics partners. The policy also permits the use of cookies and similar tracking technologies for targeted advertising purposes, and establishes specific data rights and opt-out mechanisms for California residents and users in certain other jurisdictions.

Technical / Legal Breakdown

This Privacy Policy, effective November 12, 2025, governs how Groq, Inc. processes personal information collected from users of its websites (groq.com, community.groq.com, console.groq.com, chat.groq.com), with Groq acting as data controller for these activities; it explicitly excludes Customer Data processed on behalf of business customers through GroqCloud, GroqChat, and APIs, which is governed separately by the Groq Services Agreement and Data Processing Addendum. The policy states that Groq collects identifiers (name, email, phone, IP address), payment information, device data, usage metadata, browsing history, and inferred location, and the terms authorize use of this information for service delivery, performance analytics, advertising and marketing, and sharing with third-party vendors, partners, social media platforms, and advertising networks. A notable provision states that de-identified, anonymized, or aggregated information 'is not subject to any restrictions under this Policy' and may be used and disclosed 'to others for any purpose,' which is a broad carve-out that could encompass commercial data sharing not otherwise constrained by the policy's disclosure framework; additionally, third-party identity verification services receive biometric-adjacent data (photo IDs, selfies) directly from users and process it under their own privacy notices rather than Groq's. The policy references GDPR, CCPA/CPRA, and other international frameworks, providing specific rights disclosures for California residents and international users; EU and UK users are directed to supplemental notices, and the policy's legal basis assertions for processing under GDPR may require independent verification against applicable regulatory guidance. Compliance teams should evaluate data flows involving third-party advertising partners (including cookie-based targeting and cross-site tracking), the scope of the de-identification carve-out, and whether consent mechanisms for targeted advertising meet applicable jurisdictional standards.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

High — 1 provision

Third-Party Identity Verification Under Separate Privacy Notices Compare →

If Groq asks you to verify your identity, you will submit your government-issued ID and a selfie directly to a third-party verification company, which handles that sensitive data under its own privacy policy, not Groq's.

Added April 30, 2026 Standard Seen across 284 platforms

Medium — 5 provisions

De-identified Data Unrestricted Use Carve-Out Compare →

Once Groq converts your data into a de-identified or anonymized form, the company considers itself free to use or share that data with anyone for any reason, without the restrictions in the rest of the privacy policy applying.

Added May 10, 2026 Standard Seen across 284 platforms
Customer Data Exclusion from Policy Scope Compare →

If you are a business or developer using Groq's API or GroqCloud, the data you process through those services is governed by a separate services agreement, not this privacy policy.

Added May 10, 2026 Standard Seen across 284 platforms
Targeted Advertising and Online Analytics Compare →

Groq automatically collects your IP address, browsing history on its sites, how long you use features, what you click on, and details about your device, and uses some of this information for targeted advertising.

Added May 10, 2026 Standard Seen across 284 platforms
Third-Party Data Collection and Supplementation Compare →

Groq may purchase or receive information about you from outside data sources, including public records, social media, and partner companies, and combine that data with what it already knows about you.

Added May 10, 2026 Standard Seen across 284 platforms
California Residents Privacy Rights Disclosure Compare →

California residents have specific rights under CCPA/CPRA, including the right to know what personal information is collected, the right to delete it, and the right to opt out of its sale or sharing for targeted advertising.

Added May 10, 2026 Standard Seen across 284 platforms

Low — 2 provisions

Customer Service Recording and Storage Compare →

When you contact Groq's customer service by phone or chat, those conversations may be recorded and kept for training and quality review.

Added May 10, 2026 Standard Seen across 284 platforms
Children's Privacy Restriction Compare →

Groq's services are not intended for children under 13, and the company states it does not knowingly collect personal data from that age group.

Added May 10, 2026 Standard Seen across 284 platforms