Privacy Policy

Effective date: February 16, 2026

growity.ai ("we", "us", or "our") operates the growity.ai website and Telegram ads automation platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information. When you create an account, we collect your name, email address, and authentication credentials through Google SSO, Telegram login, or email magic links.

Channel Data. We collect information about the Telegram channels you connect, including channel name, subscriber counts, and growth metrics. This data is used to power our ads automation and analytics features.

Payment Information. Payments are processed through Stripe. We do not store your full credit card number. Stripe may collect billing details such as your name, card last four digits, and billing address.

Usage Data. We automatically collect information about how you interact with our platform, including pages visited, features used, timestamps, browser type, and device information.

2. How We Use Your Information

  • Provide, operate, and maintain our platform and services
  • Operate and optimize your ad campaigns and channel growth automation
  • Process transactions and send billing-related communications
  • Analyze usage patterns to improve our product and user experience
  • Send service-related notifications, updates, and support messages
  • Detect, prevent, and address fraud or technical issues

3. Legal Basis for Processing

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):

  • Contract performance — processing your account information, channel data, and campaign data is necessary to provide the service you signed up for (Article 6(1)(b)).
  • Legitimate interest — we process usage data and analytics to improve our product, prevent fraud, and ensure platform security (Article 6(1)(f)). You may object to this processing at any time.
  • Legal obligation — we may process data when required to comply with applicable laws, such as tax or financial regulations (Article 6(1)(c)).
  • Consent — where required, we obtain your explicit consent before processing (e.g., marketing communications). You may withdraw consent at any time (Article 6(1)(a)).

4. Data Sharing & Third Parties

We do not sell your personal information. We share data only with the following third-party services that are essential to operating our platform:

Stripe — for payment processing. Stripe's use of your data is governed by the Stripe Privacy Policy.

Google — for SSO authentication. Google's use of your data is governed by the Google Privacy Policy.

Telegram API — for channel data retrieval, ad placement, and authentication. Telegram's use of your data is governed by the Telegram Privacy Policy.

We may also disclose your information if required by law or to protect our rights, safety, or property.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

What we do NOT store:

  • Telegram account passwords or authentication tokens
  • Session cookies or credentials of any connected accounts
  • Credit card numbers (payments are handled entirely by Stripe)
  • Advertising funds or balances (all ad spend goes directly to Telegram)

Access to your Telegram Ads organization is granted through Telegram's native admin system. You can revoke it at any time by removing our service account from your admin list.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Account data — retained while your account is active and for 30 days after deletion request, to allow for account recovery.
  • Campaign and analytics data — retained while your account is active. Deleted within 90 days of account closure.
  • Payment records — retained for 7 years as required by tax and financial regulations.
  • Usage logs — retained for up to 12 months for security and product improvement purposes, then anonymized or deleted.

When data is no longer needed, it is securely deleted or anonymized so that it can no longer be linked to you.

7. Your Rights

Depending on your jurisdiction (including under GDPR for EEA/UK residents), you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you (Article 15).
  • Rectification — request that we correct inaccurate or incomplete information (Article 16).
  • Erasure — request that we delete your personal data ("right to be forgotten"), subject to legal retention obligations (Article 17).
  • Restriction — request that we restrict processing of your data while a dispute or request is being resolved (Article 18).
  • Data portability — request a copy of your data in a structured, machine-readable format (e.g., JSON or CSV) for transfer to another service (Article 20).
  • Objection — object to processing based on legitimate interest. We will stop processing unless we demonstrate compelling legitimate grounds (Article 21).
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
  • Complaint — lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated.

To exercise any of these rights, contact us at privacy@growity.ai. We will respond within 30 days.

8. International Data Transfers

Your data may be processed and stored in countries outside the European Economic Area (EEA), including wherever our infrastructure providers operate. When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Transfers to countries with an EU adequacy decision.
  • Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable.
  • Transfers to providers who participate in recognized data protection frameworks.

You may request information about the specific safeguards applied to your data transfers by contacting us.

9. Cookies & Tracking

We use essential cookies to maintain your session and authentication state. We may also use analytics tools to understand how visitors use our site. You can control cookie preferences through your browser settings.

10. Children's Privacy

Our service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised effective date. Your continued use of the service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us at:

privacy@growity.ai

For GDPR-related inquiries, you may also contact your local data protection supervisory authority.