GrowCreate (GrowCreate Limited, GrowCreate GmbH or our affiliates, referred to as "we", "our", or "us" in this text) are committed to data protection and privacy. This notice is provided to inform you how we collect and process any information that we collect from you, or that you provide to us. It sets out the types of personal data that we collect and process, the purposes of the processing, and the rights that you have in connection with it. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use, or otherwise act on information.
We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with applicable law. If you are in any doubt regarding this notice, please contact firstname.lastname@example.org.
Types of personal data we collect
During your contract with us, or when making an enquiry about our service offering, we may process personal data about you, your colleagues, and customers as well as other individuals whose personal data has been provided to us. The types of personal information we may process include, but are not limited to:
- Account profile and contact information
- Communications, such as emails and recordings
- Financial, e.g., invoices and proposals
- Technical data, such as API keys provided
- Marketing data and preferences
We also collect anonymous or aggregated data, such as usage statistics and reports that may be derived from your personal data. Anonymous data is not considered personal information in law because it does not reveal your identity. However, if we combine or connect aggregated data with your personal information so that it can identify you in any way, we treat the combined data as personal information, and it will be used in accordance with this privacy notice.
Purposes for data processing
Our team will process your personal data in order to inform you of our services and provide these services. The purposes for which we process personal information include, but are not limited to:
- Sales and Marketing
- Account Management
- Solution Support and Maintenance
- Project Delivery
We may also collect and use personal information when it is necessary for other legitimate purposes, such as to help us conduct our business more effectively and efficiently – for example, for general IT security management, accounting purposes or financial planning. We may also process your personal information to investigate violations of law or breaches of our own internal policies.
We may also use your personal data where we consider it necessary for complying with laws and regulations, including collecting and disclosing employee personal information as required by law (e.g., for tax, health, and safety, anti-discrimination laws), under the judicial authorisation, or to exercise or defend our legal rights.
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the way we collect it. We will normally collect personal data from you only where we need it to perform a contract obligation (i.e., to deliver a service and to manage the client/business relationship), where we have your freely given consent to do so, or where the processing is in our legitimate interests and only where this interest is not overridden by your own interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Sharing your data
We take care to allow access to personal data only to those who require such access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the data is used in a manner consistent with this notice and that the security and confidentiality of the data is maintained.
In addition, we make certain personal data available to third parties who provide services to us. We do so on a "need to know basis" and in accordance with applicable data protection and data privacy laws. For example, some personal data will be available to our employee benefit plans service providers and third-party companies who provide us with employment law advice, health, and safety support, payroll support services, expenses, tax, and travel management services.
You may exercise the rights available to you under data protection law. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. To exercise any of these rights, please contact email@example.com.
Issues and Complaints
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures. If you want to make a complaint about the way we have processed your personal information, you can contact the ICO or raise it with our team at firstname.lastname@example.org.