Prowth Logo

Privacy Policy

The website pROwth, https://www.prowth.com/ and its associated website https://app.prowth.com and other websites as may be developed by pROwth (hereinafter collectively referred to as "Website"), is a web application that provides full-stack product growth consultancy services including eCommerce growth strategy, performance marketing, SEO, conversion rate optimisation, UX improvements, and data-led growth experimentation ("Services") for users, including D2C and B2B eCommerce brands, founders, CMOs, and growth heads ("Users" / "you", "yours"). The Website is owned and operated by pROwth ("we", "us", "our").

This Privacy Policy ("Policy") governs the manner in which we collect, use, maintain, and disclose information collected from you, and outlines how you can limit the sharing of information. We are committed to protecting the privacy of our Users and follow appropriate security, administrative measures, and processes to guard your personal data from breach, loss, misuse, or alteration. You can visit our Website to browse without revealing any information about yourself. The Website collects only information voluntarily provided by you; if you do not provide your basic personal information, we may not be able to serve your request.

1. General Information We Collect on the pROwth Website

pROwth collects data about your activities that does not personally or directly identify you when you visit our website. This information may include the content you view, the date and time that you view this content, or your location information associated with your IP address. We use the information we collect to serve you more relevant content and improve our Services.

We collect information about where you saw communications from us and what content you engaged with. We do not link non-personally identifiable information stored using cookies to any personally identifiable information you submit while on our site.

The personal information we may collect includes:

  • Names, phone numbers, email addresses, and mailing addresses
  • Job titles, company names, and professional contact preferences
  • Usernames, passwords, and authentication data
  • Billing addresses and payment data (processed by third-party processors such as Stripe)
  • Social Media Login Data from third-party accounts where you choose to connect

All personal information you provide must be true, complete, and accurate.

Information Automatically Collected

When you visit or use the Services, we automatically collect certain technical and behavioural information. This may include:

  • Log and Usage Data — service-related diagnostic and performance data, IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps
  • Device Data — device and application identifiers, operating system, browser characteristics
  • Location Data — IP-based geolocation; precise location only if you explicitly enable it

We use cookies and similar technologies (web beacons, tags, pixels) to collect this information. See Section 8 for full details on our Cookie Policy.

2. Information We Collect from Client Platforms & Stores

When a client connects their eCommerce store to pROwth's Services (including Shopify, WooCommerce, Magento, or other platforms), we may access certain types of information from those accounts to provide our growth services. This includes:

  • Basic account information: name, email address, phone number associated with the store account
  • Store and product data: product catalogues, inventory data, pricing, and descriptions required to run campaigns or produce growth recommendations
  • Order and transaction data: order IDs, sales volumes, statistical data on purchases and customer behaviour necessary for performance analysis
  • Customer behaviour data: page views, add-to-cart events, purchase events, and other on-site interactions tracked through integration tags

We collect this information through:

  • Direct API integrations authorised by the client
  • Cookies and tracking technologies placed on the client's storefront with their consent
  • Log files that track actions and collect IP addresses, browser types, and session data
  • Web beacons, tags, and pixels embedded on the client's website

We only access client store data to the extent necessary to deliver the Services the client has requested. This data is never used for pROwth's own advertising or shared with third parties for commercial gain.

3. Information We Collect from Client Google Accounts

Where clients authorise pROwth to access their Google accounts, data is obtained through authorised API credentials issued through the official Google API framework. These credentials are stored in a secure location and kept strictly confidential.

We access only the minimum data required to provide seamless, effective growth services. Specifically, we may access the following Google services on behalf of clients:

  • Google Ads — We access the client's Google Ads account (connected to our manager account) to fetch campaign data, create and optimise campaigns, manage ad spend, and generate performance reports.
  • Google Merchant Center — We access the client's Merchant Center to create and manage product feeds, upload products, and ensure listings are optimised for Shopping campaigns.
  • Google Analytics — We access the client's Google Analytics (GA4 or Universal Analytics) to track conversions, page views, user behaviour, and other website performance data used for recommendations and reporting.
  • Google Tag Manager — We access the client's Tag Manager account to fire custom event tags on the website for purchases, add-to-cart actions, product views, and other conversion events.
  • Google Search Console — Where authorised, we access Search Console to monitor organic search performance, keyword rankings, indexing status, and technical SEO data.

We do not access any personal data of the client's end-customers through Google APIs beyond anonymised aggregated behavioural data required for campaign and analytics purposes.

4. Why We Request Google User Data

We request access to Google user data solely to provide the growth services our clients have engaged us for. Specifically, this data enables us to:

  • Create, manage, and optimise paid advertising campaigns across Google Ads and Shopping
  • Track and attribute conversions, revenue, and user actions to the correct channels and campaigns
  • Generate data-backed performance reports and growth recommendations
  • Monitor organic search visibility, identify ranking opportunities, and measure SEO progress
  • Implement and validate event tracking for accurate measurement of key business actions
  • Deliver a seamless, integrated experience across the client's Google marketing ecosystem

pROwth does not use Google user data for any purpose unrelated to the specific service the client has authorised. We do not use this data for advertising to third parties, building audience profiles for resale, or training AI/ML models.

5. Tracking Technologies on Our Website

Google Analytics

To optimise this website, we use Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies — text files placed on your computer — to help analyse how you use this website. The information generated by the cookie about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

Where IP anonymisation is activated on this website, your IP address will be truncated by Google within EU/EEA member states before transmission. On behalf of the website operator, Google uses this information to evaluate your use of the website, compile reports on website activity, and provide other services relating to website activity and internet usage. The IP address transmitted by your browser will not be combined by Google with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that doing so may affect your ability to use the full functionality of this website. You may also prevent data collection by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on available at http://tools.google.com/dlpage/gaoptout.

Google Ads (Conversion Tracking)

We use Google Ads Conversion Tracking, a web analytics service provided by Google, Inc. Google Ads places a cookie in your browser ("Conversion Cookie") if you have accessed our website via a Google ad. If you access some of our pages and the cookie is still valid, we and Google can recognise that someone has clicked on the ad and was subsequently directed to our website.

Each Google Ads customer uses a different cookie; therefore, it is not possible to track cookies across the websites of different Google Ads customers. The information obtained via Conversion Cookies is used to compile conversion reports for Google Ads customers. Customers receive the number of users who clicked on their ad and were directed to a page with a Conversion Tracking Tag, but do not receive any information that would allow them to personally identify those users.

You may refuse the use of Conversion Cookies by selecting the appropriate settings on your browser.

LinkedIn

Our website may include social media features such as a LinkedIn button or widget. This feature may collect your IP address, record which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Your interactions with this feature are governed by the privacy policy of LinkedIn. Please refer to the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy for further information.

Facebook / Meta Social Plugins

This website may use social plugins from the social network facebook.com, operated by Meta Platforms, Inc. The plugins may be identified by the Facebook logo or the label "Facebook Social Plugin". If you access a page on our website that includes such a plugin, your browser establishes a direct connection to Facebook's servers. Facebook transfers the social plugin content directly to your browser, which then integrates it into the website. We therefore have no influence over the data Facebook collects via its social plugins.

Through the integration of the plugin, Facebook obtains information that you have accessed the respective page on our website, even if you are not a registered Facebook user or are not currently logged in. This information, along with your browser's IP address, is transferred to and stored on a Facebook server in the United States. If you are logged into Facebook, Facebook can associate this visit with your Facebook account. For information on the purpose and extent of data collection by Facebook, please refer to Facebook's privacy policy at http://www.facebook.com/about/privacy.

6. Google API Services User Data Policy Compliance Disclosure

pROwth complies with the Google API Services User Data Policy, including the Limited Use requirements. This policy governs the use and transfer of information received from Google APIs, ensuring that your data is handled responsibly and in accordance with Google's guidelines.

All permission requests made through Google API Services accurately represent the identity of pROwth and the specific data being requested. We do not request access to Google user data beyond what is necessary to deliver the features and services our clients have authorised.

If we ever intend to use Google user data for a new purpose not originally disclosed in this policy, we will update this policy and prompt affected users to review and provide consent before proceeding. We will not use Google user data for any undisclosed purpose without explicit prior consent.

pROwth's use and transfer to any other application of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

7. Limited Use Policy Disclosure

To reinforce our commitment to user privacy and compliance with Google's requirements, pROwth strictly adheres to the Limited Use requirements specified by the Google API Services User Data Policy. Our use and transfer of information obtained from Google APIs is governed by the following principles:

  • Use of data is limited to providing or improving user-facing features that are prominent in pROwth's application and service interface.
  • Transfers of data to third parties are not permitted except: (a) to provide or improve our authorised features with the user's consent; (b) for security purposes such as investigating abuse; (c) to comply with applicable law; or (d) as part of a merger, acquisition, or sale of assets after obtaining explicit prior consent from the user.
  • pROwth personnel are prohibited from reading, viewing, or otherwise accessing the content of Google user data unless: (a) the user has given explicit, affirmative consent for a specific team member to view specific data; (b) access is necessary for a genuine security investigation such as investigating a bug or abuse; (c) access is necessary to comply with applicable law; or (d) the data is aggregated, anonymised, and used for internal operational purposes in accordance with applicable law.

All other uses of Google user data are prohibited, including:

  • Transferring or selling user data to third parties such as advertising platforms, data brokers, or information resellers
  • Using user data for serving ads, including retargeting or interest-based advertising
  • Using user data to determine creditworthiness or for lending purposes
  • Training AI or machine learning models using Google user data

All pROwth employees, agents, contractors, subprocessors, and successors who handle Google user data on our behalf are contractually required to comply with the Google API Services User Data Policy and these Limited Use requirements. pROwth remains responsible for ensuring their compliance.

8. Cookie Policy

"Cookies" are small pieces of information that a website sends to your computer's hard drive while you are viewing that website. We use cookies, local storage, and other technologies to recognise your browser or device, learn more about your preferences, improve security, and provide you with essential features and services.

We may use the following types of cookies:

  • Session Cookies (temporary cookies that expire when you close your browser)
  • Persistent Cookies (which remain on your device until you delete them or they expire)
  • Third-Party Cookies (set by approved partners such as Google, LinkedIn, and Meta to track engagement and serve relevant communications)

Cookies allow you to take advantage of some of our essential features and enable us to deliver a more personalised experience. You can manage browser cookies through your browser settings. If you block or reject our cookies, you may not be able to use all the features and functions available on our Website.

Approved third parties, including search engines, social media networks, and eCommerce platform providers, may also set cookies when you interact with us, in the process of performing services on our behalf. You may access their individual cookie policies on their respective websites.

9. Opting Out from Marketing Communications

You may opt out of our marketing communications at any time by contacting us at info@prowth.com with the subject line "Marketing Opt-Out". Upon receiving your request, we will cease to process the information required to contact you for marketing purposes.

However, information that is necessary to provide you with the Services you have requested will continue to be processed and used. Opting out of marketing communications does not affect the lawfulness of any processing carried out prior to your opt-out.

10. Note for Minors

This Website, its events, promotions, blog content, materials, and other Services as displayed on the Website are not intended for use by anyone under the age of 18 years. We do not knowingly collect personal data relating to anyone under the age of 18 years, unless the same has been provided to us directly by you.

If you believe we have collected personal information from a person under the age of 18, please contact us immediately at info@prowth.com so we can flag and escalate the matter to our data processor for removal and take appropriate action.

11. Outbound Links

The Website may contain links to third-party websites and resources (collectively referred to as "Linked Sites"). These Linked Sites are provided solely as a convenience and as part of our Services, and do not constitute an endorsement by pROwth of the content of such Linked Sites.

We make no representations or warranties regarding the correctness, accuracy, performance, or quality of any content, software, service, or application found at any Linked Site, and are not responsible for the availability of Linked Sites or the content, activities, or functions of such sites.

If you decide to access Linked Sites, you do so at your own risk, understanding that your use of Linked Sites is subject to any applicable policies and terms and conditions of use, including the Linked Site's own privacy policy.

12. Inbound Links

Linking to any page of the Website other than https://www.prowth.com/ through a plain text link is strictly prohibited in the absence of a separate linkage agreement with us. Any website or device that links to https://www.prowth.com/ or any page available therein does so subject to our prior written consent.

13. Your Rights

In accordance with the principles of international privacy laws, you are granted the following rights:

  • The right to access: You may request access to your personal data and enquire about the manner in which it is used, processed, stored, or transferred to third parties. Where required, we may provide an electronic copy of your personal data, free of charge.
  • The right to be informed: You have the right to be informed about the manner of collection and use of your personal data and to give your free, express consent for the same.
  • The right to data portability: You may obtain and reuse your personal data for your own purposes across different services. You may move, copy, or transfer your personal data from one service provider to another at any time, in a commonly used and machine-readable format.
  • The right to be forgotten: If you are no longer a client or wish to withdraw your consent to the use of your personal data, you have the right to request that your data be deleted. We will coordinate with our data processors and platform providers to facilitate this on your behalf.
  • The right to object: If you have any objections to our use or processing of your data, you may request that we stop further processing of that data. Following a valid request, processing will cease.
  • The right to restrict processing: You can ask us to stop processing your data entirely or to stop a certain type of processing.
  • The right to be notified: You have the right to be notified promptly in the event of a personal data breach that compromises your personal data, in accordance with applicable legal timelines.
  • The right to rectification: You may request that your personal data be updated, completed, or corrected. As pROwth operates with read-only access to data held by third-party platforms, we will coordinate rectification requests with the relevant data processors and platform providers on your behalf.

To exercise any of the above rights, please contact us at info@prowth.com.

14. No Discrimination

We provide equal and non-discriminatory services to all Users of the Website and do not discriminate against any User on the grounds of their refusal to provide consent or their exercise of any rights under applicable law.

However, the collection and processing of certain data is necessary for us to provide our Services. If you refuse to grant us the necessary permissions, we may not be able to provide certain features or Services to you.

15. Consent and Legal Basis for Processing

We collect and process personal data based on one or more of the following legal bases under applicable data protection law, including Article 6 of the General Data Protection Regulation (GDPR):

  • Consent — where you have provided explicit, informed, voluntary, and unambiguous consent for a specific purpose
  • Performance of a contract — where processing is necessary to provide Services or perform a contract with you
  • Legitimate interests — where we have a business reason to process your data that does not override your rights (e.g., security, product improvement, fraud prevention)
  • Legal obligations — where we must process data to comply with applicable law
  • Vital interests — to protect life in emergency situations

When you submit any form on our website — such as booking a consultation or subscribing to updates — you provide informed, voluntary, and unambiguous consent for us to process your data for the stated purpose(s). By submitting your information, you confirm that you understand and agree to our Terms of Service and this Privacy Policy, and acknowledge the purpose for which your data will be processed, such as communication, service delivery, or marketing outreach.

If you choose not to provide your consent, or later withdraw it, we may be unable to offer you certain services or respond to specific requests.

16. Withdrawal of Consent

You may withdraw your consent at any time, without affecting the lawfulness of the processing carried out before your withdrawal. If you wish to withdraw your consent to the collection and use of your personal information, please email us at info@prowth.com with the subject line "Consent Withdrawal Request."

Upon receiving your request, we will take steps to facilitate deletion of your data through the relevant data processors (unless retention is required for legal or contractual obligations) and cease any further processing based on that consent. You will be notified once your request has been actioned.

17. Consent Records

To maintain compliance with GDPR and demonstrate accountability, we retain a record of the consent you provide. This record includes:

  • The form or mechanism through which consent was submitted
  • The specific checkboxes or consent declarations selected
  • The date and time consent was given
  • The version of the Terms of Service and Privacy Policy presented at the time of consent

These records are stored securely and used solely for compliance and audit purposes. They are not shared with third parties or used for any commercial purpose.

18. Google User Data Handling

1. Use of AI/ML Models

pROwth does not use Google user data in any AI or machine learning model. Any AI or ML features within our Services are entirely independent and do not access, process, or train on any data obtained through Google Workspace or Google API Services. Google user data is never used to train, improve, or develop any AI/ML model, algorithm, or automated decision-making system.

2. Data Sharing and Disclosure

We do not share, sell, transfer, or disclose any Google user data to third parties. Data accessed via Google APIs is used exclusively to provide the specific functionality requested and authorised by the client and is never used for advertising, audience profiling, or third-party analytics.

The only circumstances under which Google user data may be disclosed are:

  • To service providers acting strictly on our behalf and bound by confidentiality obligations consistent with this policy
  • As required by applicable law or in response to a valid legal process
  • With your explicit, informed, prior consent for a specific additional purpose

3. Data Protection and Security Measures

We follow industry best practices to secure all user data, including sensitive information obtained through Google APIs. Our security measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of data at rest
  • Role-based access controls ensuring only authorised personnel can access relevant data
  • Access logging and real-time monitoring for anomalous activity
  • Least-privilege access principles applied to all systems and integrations
  • Regular security audits, vulnerability assessments, and patch management

Only authorised pROwth personnel may access user data, and strictly only to support the delivery of client-facing Services. This access is logged and reviewed on a regular basis.

4. Sensitive & Restricted Scope Security

If pROwth accesses any Google Restricted Scopes (such as full Gmail access, full Google Drive access, or other restricted API scopes), those integrations are subject to additional Google verification requirements, including annual third-party security assessments and a Letter of Assessment from a Google-designated assessor. Where applicable, pROwth will maintain compliance with all such requirements and make assessment status available to clients upon request.

19. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. Our approach to retention is as follows:

  • Personal data required to deliver active Services is retained for the duration of the client or user relationship
  • Upon termination of the relationship, data is retained for a reasonable period to meet any legal, contractual, or regulatory obligations before being requested for deletion or anonymisation through the relevant data processors
  • Google user data is retained only for as long as necessary to provide the relevant service and is deleted promptly upon revocation of access authorisation, except where retention is required by law
  • Backup copies of data may be retained in secure systems until deletion cycles are completed

When data is no longer needed, it is securely deleted or anonymised so it can no longer be attributed to any individual. We do not retain personal data beyond what is reasonably necessary for legal, tax, or legitimate business purposes.

You may request revocation of pROwth's access to your Google account at any time via your Google Account security settings at myaccount.google.com/permissions. Upon revocation, we will request deletion of stored Google user data in accordance with our secure deletion procedures, except where retention is required by law.

20. Security

We implement reasonable and appropriate technical and organisational measures to protect personal information against unauthorised or unlawful access, use, destruction, loss, alteration, or disclosure. These measures are designed to provide a level of security appropriate to the risk of processing.

However, no system or transmission of data over the internet is completely secure. Transmission of personal information is at your own risk; we encourage you to access our Services from secure environments and to keep your login credentials confidential.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and, where required, the relevant supervisory authority, in accordance with applicable law.

21. International Data Transfers

Our servers and service providers may be located in India, the United States, and other countries. If you access our Services from outside those countries, your data may be transferred to and processed in countries with different data protection laws to your own.

Where such transfers occur, we implement appropriate safeguards to protect your data in accordance with applicable law, which may include:

  • Standard Contractual Clauses approved by the European Commission
  • Data Processing Agreements with third-party service providers
  • Other legally recognised transfer mechanisms appropriate to the jurisdiction

By using our Services, you acknowledge that your data may be transferred internationally as described in this Policy.

22. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, Services, or applicable law. The revised version will be indicated by an updated "Last Updated" date at the top of this document and will be effective when posted.

Where changes are material — meaning they significantly affect how we handle your personal data or your rights — we will communicate those changes by a prominent notice on our website or by direct communication to affected users. We encourage you to review this Policy regularly to stay informed.

If you continue to use our Services after the effective date of a revised Policy, you will be deemed to have accepted the updated terms. If you do not agree with any changes, please discontinue use of our Services and contact us to request that your data be removed.

23. How to Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us using the details below. We are committed to addressing your queries promptly and transparently.

Company: pROwth

Website: www.prowth.com

Email: info@prowth.com

Subject: Privacy / Data Request

To review the personal information we hold about you, or to request that it be updated or deleted, please visit your account settings on the Services or contact us at the email address above. As pROwth holds read-only access to data through third-party integrations, any update or deletion requests will be coordinated and facilitated through the relevant data processors and platform providers, subject to applicable legal exceptions and our verification procedures.

If you wish to exercise any rights regarding your Google user data specifically — including access or deletion requests — please email info@prowth.com with the subject line "Google Data Request". You may also revoke pROwth's access to your Google account directly via myaccount.google.com/permissions.