Legal
Privacy Notice
Last updated: 14 July 2026
1. Who we are
GrowthGiant is operated by QAMY (Registration No. BN688240626), a business registered in the Republic of Ghana ("QAMY", "we", "us"). QAMY is the data controller for personal data processed through the GrowthGiant website, platform, and related services (the "Service").
2. Personal data we collect
- Account data: name, email address, password (hashed), organization name.
- Profile & brand data: brand assets, tone-of-voice preferences, channels you connect.
- User content: prompts, campaigns, documents, and other content you submit.
- Support communications: messages you send us and our responses.
- Usage & telemetry: pages viewed, features used, actions taken, performance metrics.
- Device & connection data: IP address, browser type, operating system, timestamps.
- Cookies & similar technologies: see section 8.
Payment card details are collected and processed directly by Paddle, our Merchant of Record; we do not receive or store your full card number.
3. How we use your data & legal basis
- To provide the Service (create your account, run the 19 engines, deliver outputs) — performance of a contract.
- To process payments and manage subscriptions — performance of a contract (via Paddle).
- To secure the Service and prevent fraud or abuse — legitimate interests.
- To improve the Service and develop new features — legitimate interests.
- To provide customer support — performance of a contract / legitimate interests.
- To send product updates and marketing — consent, which you can withdraw at any time.
- To comply with legal obligations (tax, accounting, regulatory) — legal obligation.
4. Who we share data with
- Paddle — our Merchant of Record for the sale of subscriptions, payment processing, tax compliance, invoicing, and refund handling.
- Service providers / subprocessors — hosting and cloud infrastructure, database and storage providers, email delivery, error monitoring, product analytics, and customer support tooling.
- AI model providers — the underlying model providers that power the Service's engines, under contractual data protection terms.
- Professional advisers — legal, accounting, and audit advisers under confidentiality obligations.
- Authorities — where we are required by law, court order, or valid legal process.
- Successors — in the event of a merger, acquisition, or reorganization.
We do not sell your personal data.
5. International transfers
QAMY is based in Ghana, and our subprocessors may be located in other countries, including in the European Economic Area, the United Kingdom, and the United States. Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms recognised under applicable law.
6. Data retention
We keep personal data only as long as needed for the purposes described above. Account and content data is retained while your account is active; after cancellation we keep it for a reasonable window to allow reactivation and then delete or anonymise it, subject to legal retention obligations (for example, tax and accounting records).
7. Your rights
Subject to applicable law, you have the right to:
- access the personal data we hold about you;
- request correction of inaccurate data;
- request deletion of your data ("right to be forgotten");
- request restriction of processing;
- request a portable copy of your data;
- object to processing based on legitimate interests;
- withdraw consent at any time where processing is based on consent;
- lodge a complaint with the data protection authority in your country.
To exercise any of these rights, contact us via our contact page. We will respond within one month.
8. Cookies
We use cookies and similar technologies for three purposes:
- Essential — sign-in, session management, security. These cannot be switched off.
- Analytics — understanding how the Service is used so we can improve it.
- Preferences — remembering your settings such as theme.
You can manage cookies through your browser settings; disabling essential cookies will prevent core features from working.
9. Security
We apply appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, least-privilege access to production systems, and continuous monitoring. No system is perfectly secure, so we also maintain incident response procedures.
10. Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from children.
11. Changes to this notice
We may update this Privacy Notice from time to time. Material changes will be notified through the Service or by email.
12. Contact
For privacy questions or to exercise your rights, contact QAMY via our contact page.