Privacy Policy
Last updated: June 4, 2026.
Operator: GrowthCrank ("we," "us," "our"). Contact: support@growthcrank.com.
This Privacy Policy explains what personal information GrowthCrank collects, why we collect it, and what we do with it. Plain language, no dark patterns.
1. Who This Policy Covers
This policy applies to:
- Clients — businesses that subscribe to GrowthCrank's services;
- Prospects — individuals or businesses we contact on behalf of our clients;
- Visitors — anyone who visits growthcrank.com.
2. Information We Collect
2.1 From Clients (when you subscribe)
- Name (first and last name of account holder);
- Email address;
- Phone number;
- Business name;
- Billing address (collected via Stripe at checkout);
- Service area, target market details, and onboarding information you provide;
- Exclusion lists you upload (existing customers you don't want contacted);
- Communications you send to GrowthCrank (emails, support requests).
2.2 From Prospects (people we contact on a client's behalf)
- Publicly available business contact data (name, role, business email, business phone, company name, location) sourced from data vendors and public sources;
- Responses to outreach (replies, opt-outs, engagement events);
- Appointment scheduling information (date, time, contact details).
2.3 From Visitors to growthcrank.com
- Standard server logs (IP address, user agent, page requested, timestamp);
- We do not use third-party advertising trackers, Facebook Pixel, or similar surveillance tools on this site;
- We may use privacy-friendly analytics (e.g., Plausible) that does not set cookies and does not track individuals across sites.
2.4 Payment Information
Payment card data is collected and stored only by Stripe, our PCI-DSS compliant payment processor. GrowthCrank never sees, stores, or transmits raw card numbers.
3. How We Use Information
3.1 To deliver the service
- Run AI-powered outreach campaigns on your behalf;
- Identify, qualify, and schedule appointments with prospects;
- Deliver qualified appointment details to you;
- Bill, process credits, and reconcile accounts via Stripe;
- Provide support and improve service quality.
3.2 Exclusion list usage
If you upload an exclusion list (existing customers), we use it only to exclude those contacts from outreach. We do not use that list for any other purpose, do not share it, and delete it within 30 days of subscription cancellation.
3.3 Appointment exclusivity
A prospect contacted on behalf of Client A is never marketed to or shared with Client B. Every qualified appointment is exclusive to the single GrowthCrank client whose campaign generated it.
3.4 Internal improvement
We use anonymized, aggregated metrics (response rates, appointment-volume statistics, channel performance) to improve the service. We do not use individual prospect or client identities for this purpose.
4. Who We Share Information With
We share information only with the following categories of recipients, and only as needed to operate the service:
- Stripe — payment processing and billing;
- Email and messaging infrastructure providers — to transmit outreach messages;
- Calendar and scheduling providers — to book appointments;
- Hosting providers — infrastructure to run the service;
- Law enforcement or regulators — only when legally required (subpoena, court order, valid legal process).
We do not sell personal information to anyone, ever. We do not share data for cross-context behavioral advertising.
5. Data Retention
| Data type | Retention |
|---|---|
| Active client account data | While subscription is active + 24 months for tax/accounting |
| Prospect contact data (active campaigns) | While client subscription is active |
| Prospect data after client cancels | 90 days, then deleted |
| Appointment delivery logs | 24 months (for dispute defense) |
| Client-uploaded exclusion lists | Deleted within 30 days of cancellation |
| Server logs | 30 days |
| Stripe transaction records | Per Stripe's retention (typically 7 years for tax) |
You can request earlier deletion of your data — see Section 8.
6. How We Protect Information
- All data in transit uses TLS encryption;
- Cloud-stored data is encrypted at rest by our infrastructure providers;
- Access is limited to authorized GrowthCrank personnel who need it to operate the service;
- Stripe handles all payment-card data under PCI-DSS Level 1;
- We log administrative access to client data for audit purposes.
No system is perfectly secure. If a breach affects your data, we will notify affected individuals and applicable regulators within the timeframes required by law.
7. Your Rights
7.1 California Residents (CCPA / CPRA)
You have the right to:
- Know what personal information we have about you;
- Request a copy of that information;
- Request deletion (subject to legal exceptions);
- Opt out of "sale" or "sharing" of personal information (we do neither);
- Not be discriminated against for exercising these rights.
7.2 EU/EEA/UK Residents (GDPR / UK GDPR)
You have the rights to access, rectify, erase, restrict processing, object to processing, and data portability. Our lawful basis for processing prospect data in outreach is legitimate interest in B2B lead generation, weighed against the prospect's interest in privacy. We honor opt-out requests immediately.
7.3 Everyone
Regardless of jurisdiction, you can:
- Request a copy of your data;
- Request deletion;
- Opt out of receiving outreach (one-click unsubscribe in every email; reply "stop" to any SMS).
8. How to Exercise Your Rights
Email: support@growthcrank.com
Subject line: Privacy Request — {your request type}
We respond within 30 days of a verified request. We may need to verify your identity before fulfilling the request.
To opt out of outreach immediately, click the unsubscribe link in any email we've sent you. Opt-outs propagate across our system within 24 hours.
9. Children's Privacy
GrowthCrank's services are intended for businesses, not children. We do not knowingly collect personal information from anyone under 16. If we discover such data, we delete it.
10. International Transfers
GrowthCrank is operated from the United States. If you are accessing the service from outside the US, your information will be transferred to and processed in the US under the protections described in this Policy. Where required, we rely on Standard Contractual Clauses or equivalent mechanisms for cross-border transfers.
11. Cookies and Tracking
growthcrank.com uses only strictly necessary cookies for site functionality. We do not use advertising cookies, social-media trackers, or cross-site behavioral tracking.
12. Changes to This Policy
Material changes will be posted here with an updated "Last updated" date and, where appropriate, communicated by email. Continued use of the service after the effective date constitutes acceptance.
13. Contact
Privacy questions: support@growthcrank.com
Website: growthcrank.com