Privacy Policy

Last updated: April 12, 2026

GrowthAmp ("we", "our", or "us") operates the GrowthAmp platform, an autonomous AI growth agent for performance marketing. This Privacy Policy explains how we collect, use, and protect information when you use our services at growthamp.ai and app.growthamp.ai.

1. Information We Collect

Account information: When you register, we collect your email address. We do not collect passwords — authentication is handled via magic links only.

Client marketing data: To provide our services, clients share access to their marketing data through Appsflyer API tokens and Google Ads / Meta API authorisations. This data includes campaign performance metrics, install data, and attribution data.

Usage data: We collect standard server logs including IP addresses, access timestamps, and API endpoint usage for security and operational purposes.

2. How We Use Your Information

• To provide attribution auditing, capital allocation recommendations, and campaign intelligence services
• To send login links and service notifications via email
• To maintain audit logs and service records
• To improve our AI models and analytical frameworks

3. Data Isolation and Client Sovereignty

Each client's data is stored in a completely isolated environment. Client data is never shared with, compared against, or used to generate recommendations for any other client. Only anonymised, aggregated benchmark statistics — never raw client data — may contribute to cross-client learning.

Raw marketing data uploaded or accessed by GrowthAmp is processed in memory and is not permanently stored on our servers. Only derived findings — risk ratings, signal classifications, and recommendations — are retained in our database.

4. Data Sharing

We do not sell your data. We do not share your data with third parties except:

• Infrastructure providers (Google Cloud Platform) who process data on our behalf under strict data processing agreements
• SendGrid for transactional email delivery
• As required by law or to protect our legal rights

5. Data Security

All data is transmitted over HTTPS with TLS encryption. API credentials are stored encrypted. Access is controlled via JWT tokens with 7-day expiry. We conduct regular security reviews of our infrastructure.

6. Data Retention

Derived audit findings and recommendations are retained for the duration of your active engagement with GrowthAmp and for 12 months after termination to support dispute resolution. Raw marketing data is not retained. Account information is retained until you request deletion.

7. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us at [email protected]. We will respond within 30 days.

8. Cookies

We use session cookies solely for authentication purposes. We do not use tracking cookies or third-party advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered users of material changes via email. Continued use of our services after changes constitutes acceptance.

10. Contact

For privacy-related questions or requests, contact us at [email protected] or write to GrowthAmp, India.