Home
Take a Free Assessment
Privacy Policy for GrowthUplift.com
GrowthUpLift.com (hereinafter referred to as "the Website") is committed to protecting the privacy and security of user data in compliance with applicable laws, including India's Information Technology Act, 2000, the proposed Personal Data Protection Bill, and the European Union's General Data Protection Regulation (GDPR). This Privacy Policy outlines how we collect, use, store, and protect personal information, and explains user rights regarding their data. By using the Website, you consent to the practices described herein.
  1. Scope and Applicability This Privacy Policy applies to all visitors, registered users, and subscribers of GrowthUpLift.com, regardless of geographic location. The Website processes personal data as a data controller under GDPR when serving EU-based users and adheres to principles of lawfulness, transparency, and accountability. For Indian users, compliance with Section 43A of the IT Act and SPDI Rules (2011) is maintained.
  1. Types of Data Collected
2.1 Information Provided Directly by Users Registration Data: Name, email address, username, and password when creating an account.
  • Profile Information: Optional details such as age, gender, and professional background.
  • Communications: Messages sent via contact forms, customer support inquiries, or survey responses.
2.2 Automatically Collected Information Usage Data: IP address, device type, browser version, pages visited, and session duration, collected via cookies and analytics tools.
  • Location Data: Approximate geographic details derived from IP addresses.
  • Technical Logs: Timestamps, error reports, and system activity for troubleshooting.
2.3 Third-Party Data Social Media Integration: If users log in via platforms like Google or Facebook, we receive profile details as permitted by those services.
  • Payment Processors: Transaction records from platforms like PayPal or Stripe for premium subscriptions, though credit card details are not stored on our servers.
3. Purposes of Data Processing Personal data is processed to:
  • Provide personalized content recommendations and improve user experience.
  • Facilitate account management, newsletters, and community forum participation.
  • Analyze traffic patterns to optimize website performance.
  • Detect and prevent fraudulent activities or security breaches.
  • Comply with legal obligations, including tax reporting and law enforcement requests.
Under GDPR, processing is justified under Article 6(1) lawful bases: consent, contractual necessity, legal obligations, legitimate interests, or vital interests.
4. Data Sharing and Transfers
4.1 Third-Party Service Providers Data may be shared with:
  • Hosting Providers: AWS or similar services for server infrastructure.
  • Analytics Tools: Google Analytics (with anonymized IPs) to monitor engagement metrics.
  • Marketing Platforms: Email service providers like Mailchimp for newsletter distribution.
4.2 Cross-Border Transfers For EU users, data transfers outside the European Economic Area (EEA) rely on adequacy decisions (e.g., Privacy Shield-certified providers) or Standard Contractual Clauses (SCCs). Indian users' data is stored on servers within India unless explicitly stated.
5. User Rights and Choices
5.1 Access and Rectification Users may request a copy of their personal data or update inaccuracies via the account dashboard or by contacting our Data Protection Officer (DPO).
5.2 Erasure and Restriction Under GDPR Article 17, users can demand deletion of their data unless retention is necessary for legal compliance. Processing restrictions may apply during disputes.
5.3 Data Portability A structured, machine-readable copy of data provided voluntarily or through consent can be requested for transfer to another service.
5.4 Consent Withdrawal Opt-out of marketing communications by clicking unsubscribe links or adjusting preferences in account settings.
5.5 Objection to Processing Users may object to data processing based on legitimate interests, including profiling for targeted advertising.
6. GDPR-Specific Provisions
6.1 Data Protection Officer (DPO) A designated DPO oversees GDPR compliance and can be contacted at hello@impactfocusedsolutions.com.
6.2 Breach Notification In the event of a data breach posing risks to user rights, EU authorities and affected individuals will be notified within 72 hours under GDPR Article 33.
6.3 Automated Decision-Making The Website does not engage in fully automated decision-making with legal effects, though anonymized analytics may influence content recommendations.
7. Data Security Measures Encryption: SSL/TLS protocols for data in transit; AES-256 encryption for stored data.
  • Access Controls: Role-based permissions limit employee access to sensitive information.
  • Audits: Regular penetration testing and vulnerability assessments.
  • Employee Training: Annual workshops on data handling best practices.
8. Retention Periods Personal data is retained only as long as necessary:
  • Account data: Until deletion is requested.
  • Transaction records: 7 years for tax compliance.
Cookies: Session cookies expire upon browser closure; persistent cookies remain for up to 12 months.
  1. Children's Privacy The Website does not knowingly collect data from individuals under 16 (or 13 under India's proposed PDP Bill). Parents or guardians may request deletion of inadvertently collected minor data.
  1. Updates to This Policy The Privacy Policy may be revised to reflect regulatory changes or operational needs. Users will be notified via email or website banners at least 30 days before updates take effect. Continued use constitutes acceptance of amendments.
  1. Contact Information For data-related inquiries, contact: Data Protection Officer GrowthUpLift.com at phil@growthuplift.com
Effective Date: April 30, 2025
By using GrowthUpLift.com, you acknowledge that you have read and understood this Privacy Policy and consent to the lawful processing of your personal data as described.