Privacy Policy

This Privacy Policy describes how GrowthVista AI collects, uses, stores, and protects information when you use our platform. This page is maintained by GrowthVista AI to answer common privacy questions about our service. It applies to visitors of our marketing site, registered users, and agency administrators who manage client accounts through the platform.

• Account data: email address, name, company name, and authentication credentials when you sign up or log in.
• Client data: business profiles, brand knowledge, marketing assets, campaign details, and client engagement data that you enter or generate through the platform.
• Usage data: feature usage, API requests, and platform interactions to improve performance and reliability.
• Support data: messages and attachments you send when contacting support.

• To provide, operate, and improve the GrowthVista AI platform and its features.
• To generate AI-powered content, campaigns, designs, and proposals tied to your Brand Kit.
• To process payments, send billing notices, and manage subscription plans.
• To send essential service notifications and optional product updates (you can opt out of non-essential emails).
• To detect and prevent abuse, fraud, and security incidents.

GrowthVista AI is built on modern cloud infrastructure. The application and its data are hosted through services that provide automatic scaling, encryption at rest and in transit, and regular security updates. We do not operate our own physical data centers.

Shared responsibility: we are responsible for application-level security, access controls, and data handling practices. The underlying platform provider is responsible for infrastructure security, hardware maintenance, and network-level protections. Both parties maintain responsibilities for encryption, patching, and incident response within their respective domains.

We use select third-party services to operate the platform. Current integrations include:

• Cloud database and authentication provider (data storage and user identity)
• AI model providers (content generation services)
• Payment processor (billing and subscription management)
• Email delivery service (transactional and notification emails)

We only share data with subprocessors as necessary to deliver the service, and we expect them to maintain appropriate security and confidentiality standards.

We use essential cookies to maintain your session and authentication state. We may use analytics cookies to understand how visitors use our marketing site and to improve the user experience. You can control non-essential cookies through your browser settings.

• Active accounts: your data is retained as long as your account is active and for a reasonable period afterward to allow account recovery.
• Deleted accounts: when you delete your account, we begin a deletion process that removes personal data within 30 days. Some data may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention, financial records).
• Client data: if you remove a client from the platform, associated client data is deleted in accordance with the same timeline.

Access to the platform requires authentication via email and password or supported social login providers. Agency administrators control team access and can invite or remove team members. We encourage the use of strong passwords and enable session management so you can review and revoke active logins.

Depending on your location, you may have rights to access, correct, delete, or export your personal data. To exercise these rights:

• Use the in-app settings to update or delete your account information.
• Contact us at privacy@growthvista.live for data export or deletion requests.
• We will respond to verifiable requests within the timeframe required by applicable law.

We follow security practices appropriate to the nature of the data we handle. These include:

• Encryption of data in transit (TLS) and at rest.
• Row-level access controls to restrict data access to authorized users.
• Regular review of access policies and integration security.
• Monitoring for anomalous activity.

No system is completely secure. We strive to protect your data but cannot guarantee absolute security.

GrowthVista AI is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us so we can delete it.

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the platform after changes constitutes acceptance of the revised policy.

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

privacy@growthvista.live

For security vulnerability reports, please email security@growthvista.live. We appreciate responsible disclosure.