Legal

Privacy Policy

Last updated: April 2026

At GrowthSpark CRM ("GrowthSpark," "we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, application, and services (collectively, the "Service"). By using GrowthSpark, you agree to the practices described in this policy.

1. Information We Collect

We collect information that you provide directly and information generated through your use of the Service:

Account Information: Name, email address, phone number, business name, and billing address when you create an account.
Business Data: Customer contacts, deal information, invoices, communication logs, and other data you enter into the Service.
Payment Information: Payment method details processed securely through our payment partners (Razorpay, Stripe). We do not store your full card number on our servers.
Usage Data: Device information, IP address, browser type, pages visited, feature usage patterns, and interaction timestamps.
Communication Data: Messages you send through the Service, support tickets, and feedback you provide.
Third-Party Integrations: If you connect WhatsApp, email, or other third-party services, we may receive data from those platforms as authorized by you.

2. How We Use Your Information

We use your information for the following purposes:

To provide, maintain, and improve the GrowthSpark Service.
To process transactions and send related billing notifications.
To send you product updates, feature announcements, and marketing communications (you can opt out at any time).
To provide customer support and respond to your inquiries.
To generate aggregated, anonymized analytics that help us improve the product.
To detect and prevent fraud, abuse, or security incidents.
To comply with legal obligations under Indian law and applicable regulations.

3. Data Storage and Security

Your data is stored on secure cloud servers with industry-standard encryption at rest (AES-256) and in transit (TLS 1.2+). We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Our infrastructure is hosted on reputable cloud platforms with data centers that maintain SOC 2 and ISO 27001 certifications. We perform regular security audits and vulnerability assessments. While no method of transmission over the Internet is completely secure, we strive to use commercially acceptable means to protect your data.

4. Third-Party Services

We use trusted third-party services to operate GrowthSpark. These partners have access to your information only as needed to perform their services and are obligated to protect it:

Payment Processing: Razorpay and Stripe for secure payment handling.
Cloud Hosting: Vercel, AWS, and Supabase for application hosting and database management.
Analytics: PostHog and Vercel Analytics for understanding product usage (anonymized data only).
Email: Resend for transactional emails and notifications.
Error Monitoring: Sentry for detecting and resolving technical issues.

We do not sell, rent, or trade your personal information to any third party for advertising or marketing purposes.

5. Cookies

GrowthSpark uses cookies and similar technologies to enhance your experience:

Essential Cookies: Required for authentication, security, and core functionality. These cannot be disabled.
Analytics Cookies: Help us understand how you use the Service so we can improve it. You can opt out through your browser settings.
Preference Cookies: Remember your settings such as language and theme preferences.

We do not use advertising or tracking cookies. You can manage cookie preferences through your browser settings at any time.

6. Your Rights

As a user of GrowthSpark, you have the following rights regarding your personal data:

Access: Request a copy of the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data, subject to legal retention requirements.
Data Portability: Export your business data in standard formats (CSV, JSON) at any time from your account settings.
Opt-Out: Unsubscribe from marketing communications at any time via the unsubscribe link in our emails.
Account Closure: Close your account and request permanent deletion of your data.

To exercise any of these rights, contact us at hello@growthspark7.com. We will respond within 30 days.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you close your account, we will delete your data within 90 days, except where we are required to retain it for legal, accounting, or regulatory purposes (such as GST invoicing records, which must be retained for a minimum of 6 years under Indian tax law).

Anonymized and aggregated data that cannot identify you may be retained indefinitely for analytical and product improvement purposes.

8. Children's Privacy

GrowthSpark is designed for business use and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a person under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at hello@growthspark7.com.

9. Compliance with Indian Law

GrowthSpark is committed to complying with the Information Technology Act, 2000 (IT Act), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDPA) as applicable. We implement reasonable security practices as prescribed under these laws to protect sensitive personal data.

If you have concerns about how your data is being processed, you may file a complaint with the Data Protection Board of India as established under the DPDPA.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email or through a prominent notice within the Service at least 15 days before the changes take effect. Your continued use of GrowthSpark after the effective date constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to us:

Email: hello@growthspark7.com
Address: GrowthSpark Technologies, Tirupati, Andhra Pradesh, India
Response Time: Within 30 business days of receiving your request.