The General Data Protection Regulation (GDPR) and The California Privacy Act (CCPA) is a set of laws designed to protect the personal data of EU citizens and California residents. The onus is on organizations to not only secure this data but get consent for collection of data and delete it upon request. GDPR and CCPA may be in place for the security of EU citizens and California residents alike, but any business that collects data of EU citizens or California residents must comply with these laws.
At GrowthZone, we are working to ensure that our own practices are GDPR/CCPA-compliant. This includes our privacy policy with updates on how we handle your data as a processor, how we will assist our client as the controller of data. We are continually working towards compliance with the GDPR and CCPA.
GrowthZone is committed to protecting the personal data of individuals in the European Union (GDPR) and California (CCPA). This policy explains how we handle personal data, your rights, and how we support our clients in maintaining compliance.
1. Data We Collect
We may process the following categories of personal data on behalf of our clients:
-
Contact information (e.g., name, email, phone number, organization name)
-
Account and membership details
-
Payment and billing information
-
Usage and system data (e.g., login activity, IP address)
-
Communication history
2. How We Use Data
We process personal data only to support our clients in delivering their services, including:
-
Managing memberships and accounts
-
Providing support and communication
-
Facilitating transactions and payments
-
Maintaining platform security and functionality
3. Sharing Data
We do not sell personal data. Data may be shared only with:
-
Authorized service providers and partners who support our platform
-
Our clients, as the data controller, for their operational purposes
-
Legal authorities if required by law
4. Your Rights
Individuals have rights under GDPR and CCPA, including:
-
Access to their personal data
-
Correction or deletion of personal data
-
Restriction of processing or objection to certain uses
-
Data portability (GDPR)
-
Opt-out of the sale of personal data (CCPA)
Requests should be directed to the data controller (our clients) or to GrowthZone via our contact channels.
5. Security & Retention
We implement appropriate technical and organizational measures to protect personal data. Data is retained only as long as necessary to provide services, comply with legal obligations, or fulfill contractual requirements.
6. Supporting Our Clients
GrowthZone acts as a data processor on behalf of our clients, who are the data controllers. We provide tools and guidance to help our clients meet their GDPR and CCPA obligations.
Disclaimer
This policy is intended to provide general information and guidance. It is not legal advice. Clients should consult legal counsel to ensure their own compliance with GDPR, CCPA, or any other applicable privacy laws.
