Privacy Policy of GrowAI

Last Updated: July 29, 2025

At GrowAI, we believe it’s important for you to understand what personal data we collect, how we collect it, and how you can manage or control it. This Privacy Policy explains our approach and helps you make informed choices about your data when you use our Services.

We do not publish or publicly share content created by users. Anything you create through the platform stays private and is only visible to you when you’re logged into your personal account.

When you visit or use the GrowAI website (even just for browsing) we may collect some basic technical information. This may include your IP address, the type of device or browser you’re using, and your general location. If you choose to sign up and create an account, you may provide us with additional personal information, which we explain in detail below.

We also offer tools that let you control how much data we collect and how we use it.

If you ever have questions about this Privacy Policy, the data we collect, or how you can manage your settings, feel free to contact us at support@thegrow.ai

Definitions

Personal Data refers to any information that relates to a person who is identified or can be identified. This includes things like your name, email address, location, device ID, IP address, or other details that could be used (on their own or with other data) to identify you directly or indirectly. It also includes information tied to your physical, mental, economic, cultural, or social identity.

Sensitive Personal Data is a special category of personal data that includes more private or protected information. This may include details about your racial or ethnic background, political views, religious or philosophical beliefs, trade union membership, genetic or biometric data (when used to identify someone), health status, or information about your sexual life or orientation.

Personal Data You Share With Us

• Account Information: When you sign up for an account, we collect data related to your registration. This may include your name, email address, contact details, account login information, payment method, and records of your purchases or subscription activity.
• User Content: When you use the GrowAI platform, we may collect personal data that appears in the content you input, upload (such as files), or submit as feedback. This applies to anything you actively enter into our Services.
• Communication Information: If you reach out to us for support or other reasons, we may collect your name, contact details, and the content of your messages or inquiries.
• Other Information You Provide: We may also collect other data you choose to share – for example, when you respond to surveys, participate in community events, or provide verification documents to confirm your identity.

Additional Personal Data We Receive From You

• Log Information: When you visit the website, your browser or device may automatically send us certain details. This can include your IP address, browser type and settings, the date and time of your visit, and how you interact with the site.
• Usage Information: We may collect data about how you use the Services, such as which features you access, the type of content you view or interact with, and what actions you take. We may also collect information like your time zone, country, access times and dates, user agent and version, type of device or computer, and your internet connection details.
• Device Information: This includes the name and type of your device, operating system, browser, and unique device identifiers. What we collect may depend on your device type and privacy settings.
• Analytics: We may use third-party analytics tools that rely on cookies or similar technologies to help us understand how people use the GrowAI website or application. This helps us improve performance and enhance your experience.

Use of Cookies

We may also collect some personal data using cookies and similar technologies. Cookies help us understand how you use the GrowAI website or application, recognize patterns in your behavior, and improve or personalize your experience. They also help us offer content and features that are more relevant to you.

We may use both session cookies and persistent cookies:

• Session cookies are temporary and only last while your browser is open. They are deleted automatically when you close your browser.
• Persistent cookies stay on your computer or device even after you close your browser. These cookies remain stored until they expire or you delete them. They can be read by the website that placed them when you return.

For example, we may use persistent cookies in connection with services like Google Analytics or other analytics providers. These tools help us understand where our website visitors are coming from and how they use the GrowAI site.

Analytics and Third-Party Integrations

We may partner with external analytics and measurement providers, such as AppsFlyer, or other similar platforms, to assess website and application performance, monitor usage patterns, and evaluate the origin and behaviour of user traffic. These providers may use persistent cookies and similar tracking tools to collect aggregated statistics and device-level information for analytical purposes.

In addition, we may receive certain categories of Personal Data from third-party partners (including advertising networks and analytics firms) such as Google, Apple, Facebook (Meta), and others. These third parties may provide us with audience insights, ad engagement metrics, or behavioural segmentation data that help us deliver more effective advertising and content personalization.

As the behavior of third-party cookies and tracking technologies is governed by the policies of the respective providers, we strongly encourage you to review the privacy and cookie policies of any third parties whose services are integrated into our platform. These include, but are not limited to:

• AppsFlyer – https://www.appsflyer.com/legal/services-privacy-policy/

These resources explain how each provider handles cookie data, the retention periods involved, and the choices available to users for managing their preferences.

Marketing Communications

We may send you marketing messages if you’ve requested information about our Services or agreed to receive updates and promotions. You can choose to stop receiving these messages at any time.

To opt out, you can:

• Update your marketing preferences in your account settings; or
• Click the unsubscribe link in any marketing email we send you.

If you’ve agreed to receive marketing text messages from us, you can unsubscribe at any time by replying with the word STOP to any message you receive from GrowAI.

Your Rights

Depending on where you live, you may have certain legal rights regarding your personal data. These rights may include the ability to:

• Access your personal data and learn how we use it.
• Delete your personal data from our systems.
• Correct or update any inaccurate or incomplete data.
• Transfer your data to another service provider (also known as data portability).
• Limit how we process your data in certain situations.
• Withdraw your consent at any time, if we are processing your data based on consent.
• Object to how we process your data, including for marketing purposes.
• File a complaint with your local data protection authority.

Some of these rights can be managed directly from your GrowAI account settings. If you can't make changes through your account or need help, you can contact us at support@thegrow.ai

Disclosure of Personal Data

We only share or sell your personal data in limited situations, and only when we believe it’s necessary or appropriate.

We may share or sell your personal data in the following cases:

• With your consent or direction: If you give us permission or ask us to share your data, we’ll do so according to your instructions.
• With service providers: We may share your data with trusted third parties who help us run the GrowAI platform. These may include analytics providers, hosting services, cloud infrastructure, customer support platforms, email systems, and IT providers. These companies only access your data to carry out their duties on our behalf, and they must follow our instructions.
• With professional advisors: We may share your data with our lawyers, accountants, auditors, or insurance providers if it’s necessary to protect our business, employees, contractors, or legal interests, or to comply with laws and regulations.
• With government or law enforcement: We may disclose your data if required to do so by law, court order, subpoena, or valid request from government agencies. We may also do so in emergency situations or to protect the rights and safety of users, employees, third parties, or property.
• With our affiliates: We may share your data with companies that are part of the same corporate group as GrowAI (entities that own, are owned by, or are under common control with us). These affiliates will use your data in line with this Privacy Policy.
• In case of a business transfer: If GrowAI is involved in a merger, sale, acquisition, or transfer of business or assets, your personal data may be transferred to the new owner. In that case, this Privacy Policy will continue to apply to how your data is used.

Management, Protection, and Retention of Your Personal Data

Your California Privacy Rights

If you are a resident of California, you may have specific rights under California law regarding your personal and sensitive personal data. These rights include the ability to:

• Request a summary of what personal or sensitive data we collect about you.
• Ask how we use, share, or sell your personal or sensitive data.
• Request that we correct or delete any personal or sensitive data we have collected about you.
• Opt out of the sale or sharing of your personal or sensitive data.
• Opt out of the use or disclosure of sensitive data for marketing or advertising purposes. This includes things like your precise location or the contents of your messages (unless we’re the intended recipient).

We only keep your personal or sensitive data for as long as needed to fulfill the purposes described in this Privacy Policy, or as required by law for legal, accounting, or reporting reasons.

To request access to your personal data, ask us to correct or delete it, or opt out of the sale or sharing of your information, you can contact us in one of the following ways:

• Email: support@thegrow.ai
• By mail:
  GrowAI Privacy Request
  c/o Revision Legal, PLLC
  444 Cass St., Suite D
  Traverse City, MI 49684
  United States of America

To protect your privacy, we may need to verify your identity before processing your request. This may include confirming details such as your phone number, email address, username, city, or state.

You may also appoint someone else (an “authorized agent”) to make a request on your behalf. To do so, we’ll need legal proof (such as a signed power of attorney) and that person may also need to answer verification questions about your account.

We will never deny you access to the Services or treat you unfairly because you exercised any of your rights under California law.

Category	Examples	Collected	Period of Retention
A. Identifiers	Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.	YES	As long as necessary to fulfill the purposes for which it is collected under this Privacy Policy or for the purposes of satisfying any legal, accounting, or reporting requirements.
B. Personal information categories listed in the California Consumer Records statute (Cal. Civ. Code § 1798.80(e))	Name, signature, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.	YES	As long as necessary to fulfill the purposes for which it is collected under this Privacy Policy or for the purposes of satisfying any legal, accounting, or reporting requirements.
D. Commercial	Records of products purchased.	YES	As long as necessary to fulfill the purposes for which it is collected under this Privacy Policy or for the purposes of satisfying any legal, accounting, or reporting requirements.
E. Biometric Information	Fingerprints or footprints.	NO	N/A
F. Internet or other similar network activity	Browsing history, search history, information on a consumer’s interaction with a website.	YES	As long as necessary to fulfill the purposes for which it is collected under this Privacy Policy or for the purposes of satisfying any legal, accounting, or reporting requirements.
G. Geolocation data	Physical location or movements.	NO	N/A

Contact Information

If you have any questions about this Privacy Policy, need help updating your personal information, or want to share a suggestion, you can contact our Data Protection Officer at:

Funcorp Limited
Email: support@thegrow.ai

Your Colorado, Connecticut, and Virginia Privacy Rights

If you live in Colorado, Connecticut, or Virginia, you may have certain privacy rights under your state’s law. These rights may include the ability to:

• Request details about the personal and sensitive data we collect from you.
• Ask how we use, share, or sell that data.
• Request that we correct inaccurate information or delete the personal or sensitive data we have about you.

If you would like to exercise any of these rights, you can contact us at support@thegrow.ai. We may need to verify your identity before processing your request.

European Union (GDPR)

We participate in the IAB Europe Transparency & Consent Framework and follow its policies and technical standards. We also use a private Consent Management Platform (CMP) that is registered with IAB Europe.

If we transfer or store the personal data of EU citizens outside the European Union, we follow the EU-U.S. Data Privacy Framework (DPF). This includes complying with its core principles and supplemental rules when handling your data. Our data handling practices may be subject to enforcement by the U.S. Federal Trade Commission (FTC).

As a resident of the European Union, you have certain rights under the General Data Protection Regulation (GDPR), subject to legal limitations. These rights include:

• The right to access the personal data we hold about you and request corrections.
• The right to data portability, meaning you can request your data be transferred to another provider, where technically possible.
• The right to request deletion of your data, unless we are legally required to keep it.
• The right to object to how your data is processed, for example if you believe the data is inaccurate, the processing is unlawful, or you object for personal reasons.
• The right to withdraw consent, where our processing is based on your consent.
• The right to object to marketing, including direct marketing or other types of data use based on your personal situation.
• The right to file a complaint with your local data protection authority.

To exercise any of these rights, you can contact our Data Protection Officer:
Funcorp Limited
Email: support@thegrow.ai

You will not need to pay a fee to access your personal data or to exercise any of your rights. However, GrowAI may charge a reasonable fee if your request is clearly unfounded or excessive. To protect your data, we may ask for verification (such as your email, username, or other identifying details) before responding. We aim to respond to all valid requests within 30 days.

For more information about your rights under the DPF, visit:
U.S. Department of Commerce – https://www.commerce.gov/
DPF Program Overview – https://www.dataprivacyframework.gov/s/program-overview
List of DPF-Certified Companies – https://www.dataprivacyframework.gov/s/

For further information regarding your privacy rights as a citizen of the EU, please visit the U.S. Department of Commerce’s Website at https://www.commerce.gov/ and the DPF overview webpage at https://www.dataprivacyframework.gov/s/program-overview.
You can find a list of DPF certified organizations here: https://www.dataprivacyframework.gov/s/.

If you're not satisfied with how we handle your complaint, you may also contact a neutral, third-party dispute resolution service at no cost. One option is JAMS, a U.S.-based arbitration provider: https://www.jamsadr.com/eu-us-data-privacy-framework. You are not required to use JAMS.

In some cases, you may have the right to seek binding arbitration under the DPF. We may also be held responsible if your personal data is improperly shared with a third party. Additionally, we may be required to disclose your personal or sensitive data in response to lawful requests from public authorities, including for law enforcement or national security purposes.

Third Party Links

Our Services may include links to third-party websites, apps, or services. If you click on these links, those third parties may collect or share personal data about you. We do not control the content, policies, or data practices of those third-party sites. We recommend reviewing their privacy policies before interacting with them.

Data Deletion Requests

If you would like to request deletion of the personal data connected to your GrowAI account, you can do so by sending a request to support@thegrow.ai

Verification and Processing

When you submit a deletion request, we’ll verify that the email address provided matches the one used to create the account. If verified, we’ll send further instructions to that email address. Requests are usually completed within 30 days, and we’ll keep you informed of the status by email.

If you have questions or need help during the process, feel free to contact us at support@thegrow.ai.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or business practices. If we make any changes, we will update the “Last Updated” date at the top of this page and, where appropriate, notify you in other ways. Please check this page regularly to stay informed about how we protect your data.

Children Prohibited

Our Services are not intended for, or directed to, individuals under the age of 18. By using the GrowAI website or app, you confirm that you are at least 18 years old. If you are under 18, please do not use the Services or submit any personal data.

International Data Transfers

By using our Services, you agree that your personal data may be stored and processed on servers located outside of your country of residence, including in the United States, the European Union, and other countries. If you are located in Brazil, this means your data may be processed outside Brazilian territory, in accordance with this Privacy Policy.

Contact Information

If you have any questions about this Privacy Policy, need help correcting your personal information, or have privacy-related concerns, please contact our Data Protection Officer:

Funcorp Limited
support@thegrow.ai