GrowthCode Website Privacy Policy
Last updated: September 25, 2025
GrowthCode, LLC (“GrowthCode,” “we,” “us,” “our”) explains here how we collect, use, and share information when you visit or interact with growthcode.io and our marketing pages, forms, chat, and emails (the “Site”). This policy does not cover customer data handled in GrowthCode products or under a Master Services Agreement, Data Processing Addendum, or other service terms.
1. Who we are and how to contact us
GrowthCode, LLC
47 East 88th Street, #8B
New York, NY 10128
If you are in the EU or UK and contact us about your rights, we will route your request to the appropriate contact and, if applicable, our regional representative.
2. Data we collect on the Site
We collect information in three buckets. Each table shows examples, why we collect it, the typical legal basis, and how long we keep it.
2.1 Website and marketing data
| Category | Examples | Purpose | Legal basis | Retention |
|---|---|---|---|---|
| Device and browsing | IP address, cookie IDs, pages viewed, referring URLs, timestamps | Site operation, analytics, fraud and abuse prevention, security | Legitimate interests, consent where required | Logs 12–24 months, security logs up to 24 months |
| Cookies and similar tech | First-party cookies, third-party analytics and ad tags | Remember choices, measure traffic, improve content, show or measure ads | Legitimate interests, consent where required | Per cookie type. See Cookie Settings for durations |
| Marketing interactions | Email opens/clicks, UTM parameters, form source | Attribution, measure campaign performance | Legitimate interests, consent where required | 24 months of inactivity |
2.2 Account, contact, and support data
| Category | Examples | Purpose | Legal basis | Retention |
|---|---|---|---|---|
| Contact info | Name, email, phone, company, role | Respond to inquiries, send requested materials, manage preferences | Contract, legitimate interests, consent where required | 24 months of inactivity or upon request, plus suppression to honor opt-outs |
| Site forms and chat | Messages, meeting details, notes you submit | Customer care, sales follow-up, quality assurance | Legitimate interests, contract | 24 months, then archive or delete |
| Account and billing | Login email, password hash, subscription status, invoices (via processor) | Provide access you requested, process payments, prevent fraud | Contract, legal obligation | Account lifetime plus 7 years for records |
2.3 Data from third parties
| Category | Examples | Purpose | Legal basis | Retention |
|---|---|---|---|---|
| Lead and ad platforms | Business contact details from B2B providers, ad platforms, social networks, conference lists | B2B outreach, audience matching, campaign measurement | Legitimate interests, consent where required | 24 months of inactivity or upon request, plus suppression |
We do not intend to collect sensitive personal information on the Site. Please do not submit it.
3. Cookies and tracking
We use cookies, pixels, and similar technologies to run the Site, remember choices, measure traffic, and support advertising. In regions that require consent, we will ask for it on your first visit. You can change your choices at any time:
- Cookie Settings: www.growthcode.io/cookies
- Browser controls: manage cookies in your browser settings
We honor Global Privacy Control (GPC) signals where required by law. We do not respond to legacy Do-Not-Track signals.
4. How we use your information
- Operate, secure, and improve the Site
- Respond to inquiries and provide requested materials
- Send administrative messages and marketing you choose to receive
- Measure and improve campaigns and content
- Detect, investigate, and prevent fraud, spam, or security incidents
- Comply with law and enforce our terms
We may create aggregated or de-identified data from Site activity. We use that to improve the Site and for reporting. We do not attempt to re- identify it.
5. How we disclose information
- Service providers. Hosting, analytics, security, email delivery, CRM, payment processing.
- Affiliates. Only as needed for Site operations and support.
- Advertising and analytics partners. To measure visits and, where allowed, to offer or measure advertising.
- Legal and safety. To comply with law, court orders, or to protect rights, safety, and security.
- Business transfers. In connection with a merger, acquisition, financing, or sale of assets.
6. Sale or sharing for targeted advertising
Under certain US state laws, using ad cookies or audience tools may be considered a “sale” or “sharing” of personal information or “targeted advertising.” You can opt out at any time:
- Do Not Sell or Share My Personal Information: [link]
- Honor GPC signals received by your browser
We do not knowingly sell or share personal information about users under 16.
7. Your choices and rights
7.1 Marketing choices
- Unsubscribe using the link in our emails
- Manage cookie preferences in Cookie Settings
- Use GPC to send a universal opt-out signal
7.2 US state privacy rights
Depending on your state, you may have rights to:
- Access or a copy of your personal information
- Correction of inaccurate information
- Deletion
- Opt out of sale, sharing, or targeted advertising
- Portability
- Limit the use/disclosure of sensitive personal information
- Appeal a decision if we decline your request
Submit a request at privacy@growthcode.io. We will verify your identity and respond within required timelines. You may use an authorized agent with documentation.
7.3 EU/UK data rights
If EU or UK law applies, you may request access, correction, deletion, restriction, portability, or object to processing. Where we rely on consent, you can withdraw it at any time. You can also contact your data protection authority.
8. Security
We use administrative, technical, and physical safeguards appropriate to the data we hold, including access controls, encryption in transit, and logging. No system is perfectly secure. If we identify a security incident, we will investigate and notify you and regulators as required.
9. International data transfers
We are based in the United States. If your information is transferred from the EU, EEA, UK, or Switzerland to the US or another country, we rely on valid transfer tools, such as Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework and UK or Swiss extensions.
10. Children
The Site is not directed to children under 16. We do not knowingly collect their personal information. If you believe a child provided personal information, contact us and we will delete it.
11. Retention
We keep personal information only as long as needed for the purposes described above and to meet legal, tax, or accounting requirements. Typical periods are listed in Section 2. When we delete data, we may keep minimal suppression records. Backups age out on a set schedule.
12. Accessibility
If you need this policy in a different format, email
privacy@growthcode.io.
13. Changes to this policy
We will update this page when we change how we handle Site data. If a change materially affects you, we will provide additional notice (for example, by email or banner).
14. Contact
Questions or requests: privacy@growthcode.io
Mail: GrowthCode, LLC, 47 East 88th Street, #8B, New York, NY 10128
State-specific notices (summary)
California. Rights to know, access, correct, delete, opt out of sale or sharing, limit sensitive personal information, and non-discrimination.
Colorado, Connecticut, Virginia. Rights to access, correct, delete, portability, and opt out of targeted advertising, sale, and certain profiling. Appeal rights included.
Utah, Oregon, Texas, Delaware, Iowa, Tennessee. Similar rights with variations. Use the same request methods.
Definitions (plain English)
- Personal information: data that identifies or can reasonably be linked to a person or household.
- Sale, share, targeted advertising: terms defined by state privacy laws, covering some cookie/ad tech uses.
- Service provider/processor: a company that processes data for us under contract and cannot use it for its own purposes.
Scope note
This policy covers website activity only. Customer data processed in GrowthCode products or services is governed by our service terms and DPA, not this policy.
