Privacy Policy

1. Who we are

MarketGrow is an AI-powered analytics platform for ecommerce entrepreneurs, operated by MarketGrow B.V., based in the Netherlands. If you have questions about this policy, contact us at hello@marketgrow.ai.

2. What data we collect

We collect the following data when you use MarketGrow:

• Account data — name, email address, company name, password (hashed)
• Billing data — payment information processed by Stripe (we do not store card details)
• Store data — order data, product data, and revenue data synced from your connected platforms (Shopify, Bol.com, Amazon, Etsy, WooCommerce)
• Advertising data — campaign data, ad creatives, and performance metrics from connected advertising platforms (Meta, Google Ads, Bol.com Ads)
• Usage data — how you use the platform, which features you use, and technical logs
• Communications — emails you send to our support team

3. How we use your data

We use your data to:

• Provide and improve the MarketGrow platform
• Generate AI-powered insights and recommendations based on your store data
• Generate AI-powered advertising creatives and copy on your behalf, with your explicit approval before publishing
• Send you daily briefing emails and platform notifications (you can opt out)
• Process payments and manage your subscription
• Provide customer support
• Comply with legal obligations

We do not sell your data to third parties. We do not use your store data to train AI models that are shared with other customers.

4. Data storage and security

Your data is stored on servers within the European Union (Supabase, hosted on AWS eu-west-1). We use encryption at rest and in transit. All third-party access tokens (Shopify, Bol.com, Meta, Google Ads) are encrypted at rest using AES-256-GCM. Each customer account is strictly isolated at the database level using Row-Level Security — your data is never accessible to other MarketGrow customers.

5. Third-party services

We use the following third-party services to operate MarketGrow:

• Stripe — payment processing (privacy policy)
• Resend — transactional email (privacy policy)
• Anthropic — AI model provider for generating insights (privacy policy)
• Google — AI model provider for image generation (privacy policy)
• Upstash — Redis cache (privacy policy)

6. Meta Platform Integration

MarketGrow integrates with Meta's advertising platform (Facebook and Instagram) through the Meta Marketing API. This section explains what data we access and how we use it.

What we access

When you connect your Meta Business account to MarketGrow, with your explicit consent through Meta's official OAuth flow, we access:

• Basic information about your Meta Business Manager and connected ad accounts
• Information about Facebook Pages you manage
• Advertising campaign data (campaigns, ad sets, ads, creatives) that you have created via MarketGrow or that exists in your account
• Advertising performance metrics (impressions, reach, clicks, spend, conversions, ROAS)

What we do with this data

• Display campaign performance in your MarketGrow dashboard
• Generate AI-powered advertising creatives and copy on your behalf
• Publish advertising campaigns directly to your Meta ad account, with your explicit per-campaign approval
• Provide automated insights and growth recommendations
• Apply optional safeguards such as ROAS-based auto-pause rules

What we do NOT do

• We do not access your personal Facebook profile, friends list, photos, or messages
• We do not access data from Meta accounts other than the one you explicitly connect
• We do not sell, rent, or share your Meta data with any third party
• We do not use your Meta data to train AI models
• We do not retain your data after you disconnect your Meta account, except for aggregated, anonymised performance statistics

How we protect your Meta data

• All Meta access tokens are encrypted at rest using AES-256-GCM encryption
• All API communication is encrypted in transit via HTTPS / TLS 1.2+
• Tokens are stored separately from other account data and are accessible only by authorised backend processes
• Each customer account is isolated at the database level using Row-Level Security

Disconnecting your Meta account

You can disconnect your Meta account from MarketGrow at any time via Settings → Integrations → Meta → Disconnect. Disconnection immediately revokes our access token and removes all Meta-related data from our systems within 24 hours, except for aggregated, anonymised performance statistics that contain no personally identifiable information.

You can also revoke MarketGrow's access directly from Meta at any time via your Meta Business Tools settings.

7. Your rights (GDPR)

As a user in the EU/EEA, you have the right to:

• Access the data we hold about you
• Correct inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to or restrict processing of your data
• Export your data in a portable format
• Withdraw consent at any time

To exercise any of these rights, email us at hello@marketgrow.ai. We will respond within 30 days.

8. Data Deletion Request

You have the right to request deletion of all personal data we hold about you at any time, in accordance with the EU General Data Protection Regulation (GDPR).

How to request deletion

Send an email to hello@marketgrow.ai with the subject line "Data deletion request". Please include the email address associated with your MarketGrow account so we can locate your data.

What gets deleted

Upon receiving a verified request, we will permanently delete:

• Your MarketGrow account and login credentials
• All connected integration tokens (Shopify, Bol.com, Meta, Google Ads)
• All synchronised data including orders, products, advertising performance, and analytics
• All AI-generated content you have created within the platform
• All audit logs and usage history associated with your account

Timeframe

We process verified deletion requests within 30 days. You will receive an email confirmation once deletion is complete. After deletion, your data cannot be recovered.

Data retained for legal reasons

Certain billing and tax records may be retained for up to 7 years as required by Dutch tax law (Algemene Wet inzake Rijksbelastingen). These records are anonymised where possible and are not used for any other purpose.

Third-party data

Deleting your MarketGrow account does not delete data held by connected third parties (Meta, Shopify, Bol.com, Google). To remove data from those platforms, you must contact them directly. We will, however, immediately revoke our access tokens to those platforms upon deletion of your MarketGrow account.

9. Cookies

We use strictly necessary cookies to keep you logged in and to protect against CSRF attacks. We do not use advertising or tracking cookies. See our Cookie Policy for details.

10. Data retention

We retain your data for as long as your account is active. If you cancel your account, we delete your personal data within 90 days, except where we are required to retain it for legal or accounting purposes.

11. Changes to this policy

We may update this policy from time to time. We will notify you by email of material changes at least 30 days before they take effect.

12. Contact

Questions or concerns? Email us at hello@marketgrow.ai.