GrowthPilot
Sign inStart free

Legal

Privacy Policy

Last updated: June 10, 2026

1. The short version

We collect the minimum we need to run GrowthPilot: your account info, your organization's product data, and billing metadata. We don't sell your data. You can export or delete it.

2. What we collect

  • Account data — name, email and authentication identifiers, managed by Clerk (our auth provider).
  • Product data — the loops, metrics, tests, missions and posts your organization creates in the app.
  • Billing data — plan, subscription status and invoices, processed by Stripe. We never see or store your card number.
  • Usage data — anonymous page analytics via Google Analytics 4 on the public site, and basic product events used to improve onboarding.

3. Where it lives

Application data is stored in a Postgres database hosted by Supabase in the EU (eu-west-1), with row-level security enabled. Integration tokens you connect (GA4, Sheets…) are encrypted at rest with AES-256-GCM. The app is hosted on Vercel.

4. Who we share it with

Only the processors needed to operate the Service: Clerk (auth), Stripe (payments), Supabase (database), Vercel (hosting), Resend (transactional email), Google (analytics, if enabled) and Sentry (error monitoring). Each is bound by its own data-processing agreement. We never sell personal data and we don't run third-party advertising trackers.

5. Public content

If you publish a loop (/p/your-slug) or a blog post, that content — including the workspace name attached to it — becomes publicly visible and indexable. Unpublishing removes it from the public site.

6. Your rights (GDPR)

You can access, correct, export or delete your personal data, and object to or restrict certain processing. Deleting your account removes your personal data and your organization's data (when you are the last OWNER) within 30 days, except what we must keep for accounting. To exercise any right, email naceri.medi@gmail.com.

7. Cookies

We use strictly necessary cookies: the Clerk session, and a gp_locale cookie that remembers your language choice. Referral visits to public loops set a short-lived attribution cookie. No cross-site advertising cookies.

8. Changes & contact

If we materially change this policy we will notify you in the app or by email. See also our Terms of Service. Questions: naceri.medi@gmail.com.