Intro
LLC “Growave” (“Growave” or “we”) welcomes you. We provide you with our website, available following the link www.growave.io (“Website”).
This Privacy Notice (“Privacy Notice”) describes how your personal data is collected, stored, and used and what happens when you use the Website.
We describe personal data processing in the Growave App in the Privacy Notice Growave App.
Data subjects
When you visit our Website, you become our user (“User”).
Data subject
Description
Visitor
User, who visits our Website.
Potential Client
User, who fills out the form on the Website.
Partner
User, who fills out the partners program forms on the Website.
Client
User, who logs in to Growave’s account.
Course Subscribers
User, who fills out the form of getting an eCommerce course.
Advice Requesters
User, who fills out the form of getting tips for sales improvement.
Please note! We do not knowingly process the personal data of Users under age 18. If you are such a User or you are the legal representative of such a User, please,
contact us.
Personal data
Roles in the processing
Growave is the controller of the Users' data.
Sources of data
We receive data when you visit our Website and interact with it, depending on your actions on the Website.
We may also (although we do not necessarily do so) receive data from third parties. It depends on your settings and the features you use.
Lawful basis for processing
To process your personal data, we rely on the following lawful basis:
- performance of the contract — for the processing of personal data necessary for the negotiating on, conclusion, and performance of a contract with you;
- legal obligation — for the processing necessary to comply with the law (for example, to comply with tax or KYC/AML regulations);
- legitimate interest — for the processing necessary for the development of our services and reasonable for you;
- consent — for additional processing for specific purposes (read more below).
Visitors’ data
When you use our Website as a Visitor, we collect some data automatically. We need technical data to operate, support, and improve the Website's functionality.
Source of data
Description
Reasons for processing
Legal basis
Necessary technical data.
Information about your visits and use of the Website, including the source of the links, the time and duration of the visit, and navigation.
The smooth operation of the Website.
Legitimate interest.
Necessary cookies.
Information that is necessary for the operation of the Website.
Improving your experience using the Website.
Legitimate interest.
Marketing cookies.
Marketing information used to match relevant advertising to you.
Marketing.
Consent.
Preference cookies.
Information that is necessary for the operation of some services on the Website.
The operation of some services on the Website.
Consent.
Statistics cookies.
Information used to understand how Visitors interact with Website by collecting and reportinginformation.
To monitor Website performance for statistical purposes.
Consent.
Data storage
Necessary technical data
Stored during the use of the Website and for 2 years from the last visit
Cookies
Potential Clients’ data
Source of data
Description
Reasons for processing
Legal basis
Full name.
To personalise our response to your request.
Legitimate interest.
Email.
To respond to your request.
Performance of the contract.
Text of your message.
To propose our services based on your request.
Performance of the contract.
From the “Team Support Chat” form.
Text of your messages.
To provide informational support for our Potential Clients.
Performance of the contract.
Data storage
Data that is processed based on legitimate interest
Stored during the use of the Website and for 2 years from the last visit
Data that is processed based on the performance of the contract
Stored during the use of the Website and for 2 years from the last visit
Partners’ data
Source of data
Description
Reasons for processing
Legal basis
Full name.
Creation of the partner account.
Performance of the contract.
Email.
Creation of the partner account.
Performance of the contract.
Password.
Protecting your account.
Performance of the contract.
Email.
Identifying you when you are logging in your partner's account.
Performance of the contract.
Password.
Protecting your account.
Performance of the contract.
Data storage
Data that is processed based on the performance of the contract
Stored during the use of the Website and for 2 years from the last visit
Clients’ data
Source of data
Description
Reasons for processing
Legal basis
Shopify store Address.
Identifying you when you are logging in your Shopify account.
Performance of the contract.
Data storage
Data that is processed based on the performance of the contract
Stored during the use of the Website and for 2 years from the last visit
Course Subscribers’ data
Source of data
Description
Reasons for processing
Legal basis
From the “Get your eCommerce coursefor free” form.
Email.
Marketing.
Performance of the contract.
Data storage
Data that is processed based on the performance of the contract
Stored during the use of the Website and for 2 years from the last visit
Advice Requesters’ data
Source of data
Description
Reasons for processing
Legal basis
From “Get free advice on improving your store” form.
Name.
To personalise our response to your request.
Legitimate interest.
Email.
To respond to your request.
Performance of the contract.
Shop URL.
To provide analytics regarding Shopify store sales improvement.
Performance of the contract.
Data storage
Data that is processed based on the legitimate interest
Stored during the use of the Website and for 2 years from the last visit
Data that is processed based on the performance of the contract
Stored during the use of the Website and for 2 years from the last visit
Data received from third parties
We may receive some personal data from third parties.
The amount of data collected, the purposes, and the legal basis for processing is determined by the respective privacy documents of these parties:
Third parties
Description
Calendly
We use Calendly for scheduling demo meetings.
Other services
We may use various tools and services for marketing and other purposes. To get a
detailed list of the tools,
contact us.
Data sharing with third parties
We use your personal data on the basis of the performance of the contract to provide services and communicate with the users.
We share your data with the service providers and contractors in the scope we need to provide services and technical and customer support, who, for example, help us
- operate, develop, and improve the features and functionality of our Website;
- provide you with their services;
- complete your payment transactions;
- fulfil your support requests;
- convert your files;
- communicate with you as described elsewhere in this Privacy Notice.
Also, we can share your data on the following grounds: consent, compliance with the law, and legitimate interest.
Details
We share your data on the following grounds:
1. Performance of a contract.
We may transfer your data to our contractors and partners for contractual purposes.
2. Consent.
We may transfer your personal data based on your explicit consent.
3. Compliance with the law.
We may disclose your personal data to third parties to the extent that it is necessary:
- to comply with a government request, court order, or applicable law;
- to prevent unlawful use of our Website or policies;
- to protect against claims of third parties;
- to help prevent or investigate fraud.
4. Transfer to third parties.
We may transfer your personal data to third parties based on a data processing agreement, subject to the application of technical and organisational measures to protect your personal data. We may share data with certain companies, consultants and contractors hired to provide certain services on our behalf.
Data protection
We apply a variety of security measures appropriate to the risks.
Organisational measures
Staff training
Internal policies and instructions
Non-disclosure agreements (NDA)
Transfer protection
Physical measures
Video monitoring
Signalling
Limited access to premises
(biometric identification)
Round the clock security
(security agency)
Technical measures
Two-factor authentication
Backups
Firewalls
Encryption technologies
Data subjects rights
Our Users, as the data subjects, have the following rights:
European Economic Area and United Kingdom residents
You, as a data subject, have the right to interact with your data directly or through a request to us. This section describes these rights and how you can exercise them:
The right
Description
Right to access.
You can request an explanation of the processing of your personal data.
Right to rectification.
You can change the data if it is inaccurate or incomplete.
Right to erasure.
You can send us a request to delete your personal data from our systems. We will remove them unless otherwise provided by law.
Right to restrict the processing.
You may partially or completely prohibit us from processing your personal data.
Right to data portability.
You can request all the data you provided to us and request to transfer data to another controller.
Right to object.
You may object to the processing of your personal data.
Right to withdraw consent.
You can withdraw your consent at any time.
Right to file a complaint.
If your request was not satisfied, you could file a complaint to the regulatory body.
If you are:
European Economic Area residents – you can submit a complaint to your local Data
Protection Authority. You may find it
here.
United States residents
You, as data subjects, have some special privacy rights. To use them, please contact us.
Please note! Depending on the state and legislative requirements, we have from 30 to 60 days to exercise your request, with the right to postpone it for 30 days more.
If your complaint was not satisfied, you can file a complaint with the Federal Trade Commission.
Your rights vary depending on the laws that apply to you, but may include:
Right
Description
The right
Right to access.
You can request an explanation of the processing of your personal data.
- California;
- Virginia;
- Ohio;
- Colorado;
- Nevada;
- Massachusetts;
- Minnesota;
- New York;
- North Carolina;
- Pennsylvania;
- Delaware;
- Utah.
Right to rectification.
You can change the data if it is inaccurate or incomplete.
- California;
- Virginia;
- Colorado;
- Nevada;
- Delaware;
- Minnesota;
- Minnesota;
- New York;
- North Carolina;
Right to deletion.
You can send us a request to delete your personal data from our systems.
- California;
- Virginia;
- Ohio;
- Colorado;
- Massachusetts;
- Minnesota;
- New York;
- North Carolina;
- Pennsylvania;
- Utah.
Right to restriction.
You may partially or completely prohibit us from processing your personal data.
- California;
- Massachusetts;
Right to portability.
You can request all the data you provided to us and request to transfer data to another controller.
- California;
- Virginia;
- Ohio;
- Colorado;
- Massachusetts;
- Utah.
- Minnesota;
- New York;
- North Carolina;
Right to Opt-Out.
The right to prohibit the sharing or selling of your data.
- California;
- Virginia;
- Ohio;
- Colorado;
- Nevada;
- Massachusetts;
- Minnesota;
- New York;
- North Carolina;
- Pennsylvania;
- Delaware;
- Colorado;
- Utah.
Right Against Automated Decision Making.
You have the right not to be subject to a decision based solely on automated means if the decision produces legal effects concerning you or significantly affects you in a similar way.
- California;
- Massachusetts;
- Virginia;
- Colorado;
- Minnesota;
- New York;
- North Carolina;
Right to lodge a complaint.
If your request was not satisfied, you can file a complaint to the regulatory body.
By default.
Note: Some states do not have their own privacy laws. The rights of residents of such states are governed by U.S. federal law. If your state is not on the list, please
contact us.
Do-not-track requests
California residents visiting our websites may request that we do not automatically gather and track information pertaining to their online browsing movements across the Internet.
Such requests are typically made through web browser settings that control signals or other mechanisms that allow consumers to exercise choice regarding collecting personal data about an individual consumer's online activities over time and across third-party websites or online services.
We currently do not have the ability to honour these requests. We may modify this Privacy Notice as our abilities change.
Canada residents
You, as individuals, have privacy rights prescribed by Canada federal and provincial privacy laws.
If you want to get additional information, please contact us by filling a request.
If your complaint was not satisfied, you can file a complaint to the Office of the Privacy Commissioner of Canada.
Cookies
We use cookies that are needed for the Website’s operation. By using cookies, we receive automatically collected data. You can read more in our Cookies Policy.
If you want to disable cookies, you can find instructions for managing your browser settings at these links:
Privacy Notice updating
The Privacy Notice and the relationships falling under its effect are regulated by General Data Protection Regulation for EU citizens, General Data Protection Regulation United Kingdom for UK citizens, Canadian and provincial laws for Canada citizens and United States laws for US citizens.
Existing laws and requirements for processing personal data are subject to change. In this case, we will publish a new version of the Privacy Notice on our Website.
If significant material changes are made to our Website that may affect your privacy and confidentiality, we will notify you by displaying information on the main page of our Website and ask for your consent if necessary.
About us
Name
LLC “Growave”
EIN
38-4336358
Address
8 The Green, STE R, Dover, DE 19901, USA
Email
support@growave.io – for general
issues
privacy@growave.io – for privacy
issues
Phone number