Privacy Policy - Growium Agents

Privacy at a Glance

Here's how we protect your privacy:

✅ What We Do

Encrypt all data in transit and at rest
Follow GDPR and privacy regulations
Give you full control over your data
Provide transparent data practices
Offer easy data deletion options

❌ What We Don't Do

Use your data to train AI models
Sell your personal information
Share data without your consent
Track you across other websites
Store unnecessary personal data

1. Introduction

SOFTWARE MIRACLES S.R.L. ("we," "us," or "our") operates the Growium Agents platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered assistant services.

We are committed to protecting your privacy and ensuring transparency about our data practices. This policy applies to all users of our platform, website, and related services.

Data Controller Information

SOFTWARE MIRACLES S.R.L.

Registration: J19/235/2011

Tax ID: 28399956

Address: Str. Victoriei 30/4, Odorheiu Secuiesc, 535600, Harghita, Romania

Privacy Contact: support@growiumagent.com

2. Information We Collect

2.1 Information You Provide Directly

Data Type	Examples	Purpose
Account Information	Name, email, username, password	Account creation and authentication
Profile Data	Organization name, job title, preferences	Service personalization
Content Data	AI conversations, uploaded files, created content	Providing AI services
Payment Information	Billing address, payment method (processed by third parties)	Subscription management
Communication Data	Support messages, feedback, survey responses	Customer support and service improvement

2.2 Information We Collect Automatically

Usage Data: Features used, time spent, interaction patterns
Technical Data: IP address, browser type, device information
Performance Data: Error logs, response times, system performance
Analytics Data: Aggregated and anonymized usage statistics

2.3 Information We Don't Collect

                            Sensitive personal data (health, biometric, genetic information)
Financial account details (handled by payment processors)
Location data beyond general geographic region
Data from other websites or applications

                        

3. How We Use Your Information

3.1 Primary Uses

Service Delivery: Providing AI assistant functionality and features
Account Management: Creating, maintaining, and securing user accounts
Payment Processing: Managing subscriptions and billing
Customer Support: Responding to inquiries and resolving issues
Service Improvement: Analyzing usage patterns to enhance our platform

3.2 Legal Bases for Processing (GDPR)

Processing Activity	Legal Basis
Providing AI services	Contract performance
Account creation and management	Contract performance
Payment processing	Contract performance
Customer support	Legitimate interest
Service improvement	Legitimate interest
Marketing communications	Consent (opt-in)
Legal compliance	Legal obligation

Important: AI Training Policy

We do NOT use your personal data, conversations, or content to train our AI models. Your data remains private and is only used to provide you with personalized AI assistance.

4. Data Sharing and Disclosure

4.1 When We Share Data

We only share your data in these limited circumstances:

Service Providers: Third-party vendors who help us operate our platform (hosting, payment processing, analytics)
Legal Requirements: When required by law, court order, or government request
Business Transfers: In case of merger, acquisition, or sale of assets (with notice)
Safety and Security: To protect our users, platform, or public safety
With Your Consent: When you explicitly agree to data sharing

4.2 Third-Party Service Providers

Service Type	Purpose	Data Shared	Safeguards
Cloud Hosting	Platform infrastructure	All platform data (encrypted)	Enterprise-grade security, data processing agreements
Payment Processing	Subscription billing	Billing information only	PCI DSS compliance, encrypted transactions
Email Services	Transactional emails	Email addresses, names	GDPR compliance, limited data access
Analytics	Usage insights	Anonymized usage data	Data anonymization, privacy-focused tools

4.3 What We Don't Share

                            We never sell your personal information
We don't share data for advertising purposes
We don't provide data to data brokers
We don't share AI conversation content without consent

                        

5. Data Security

5.1 Technical Safeguards

Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication
Network Security: Firewalls, intrusion detection, and monitoring
Regular Audits: Security assessments and vulnerability testing
Secure Infrastructure: Enterprise-grade cloud hosting with security certifications

5.2 Organizational Safeguards

Staff Training: Regular privacy and security training for all employees
Data Minimization: We only collect and retain necessary data
Incident Response: Procedures for handling security breaches
Vendor Management: Security requirements for all third-party providers

5.3 Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours via email and provide details about the incident and steps we're taking to address it.

6. Data Retention

Data Type	Retention Period	Reason
Account Information	Duration of account + 30 days	Service provision and account recovery
AI Conversations	Duration of account + 30 days	Service continuity and user experience
Payment Records	7 years after last transaction	Legal and tax compliance
Support Communications	3 years after resolution	Service improvement and legal protection
Usage Analytics	2 years (anonymized)	Service improvement and business analytics

Early Deletion

You can request deletion of your data at any time by emailing support@growiumagent.com. We will process your request within 30 days, except where retention is required by law.

7. Your Privacy Rights

7.1 GDPR Rights (EU Users)

Access & Control

Right to Access: Request copies of your personal data
Right to Rectification: Correct inaccurate information
Right to Erasure: Request deletion of your data
Right to Portability: Export your data in a standard format

Processing Control

Right to Restrict: Limit how we process your data
Right to Object: Opt out of certain processing activities
Right to Withdraw Consent: Revoke consent for marketing
Right to Complain: File complaints with supervisory authorities

7.2 How to Exercise Your Rights

Contact us at: support@growiumagent.com

Response time: We will respond within 30 days

Verification: We may need to verify your identity before processing requests

7.3 Account Controls

You can also manage your data directly through your account:

Update profile information and preferences
Delete individual conversations or content
Export your data and conversation history
Manage email communication preferences
Delete your account and all associated data

8. International Data Transfers

Our primary data processing occurs within the European Union. However, some of our service providers may process data in other countries. When we transfer data internationally, we ensure adequate protection through:

Adequacy Decisions: Transfers to countries with EU-approved data protection
Standard Contractual Clauses: EU-approved contracts for data protection
Certification Schemes: Providers with recognized privacy certifications
Binding Corporate Rules: Internal policies ensuring consistent protection

We regularly review our international transfer mechanisms to ensure they meet current legal requirements.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

Cookie Type	Purpose	Duration	Required
Essential	Platform functionality, security, authentication	Session/1 year	Yes
Functional	User preferences, settings, language	1 year	No
Analytics	Usage statistics, performance monitoring	2 years	No

9.2 Cookie Management

You can control cookies through:

Browser settings (block, delete, or restrict cookies)
Our cookie consent banner (manage preferences)
Account settings (disable optional tracking)

Note: Disabling essential cookies may affect platform functionality. We don't use third-party advertising cookies or cross-site tracking.

10. Children's Privacy

Our service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10.1 Educational Use

For educational institutions using our platform with students under 18:

The institution must obtain appropriate parental consent
Student data is processed under the institution's instructions
Additional safeguards apply to protect student privacy
Parents can request access to or deletion of their child's data

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

Email notification to your registered address
Prominent notice on our website and platform
In-app notification for significant changes

We encourage you to review this Privacy Policy periodically. Your continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Inquiries

📧 support@growiumagent.com

📍 SOFTWARE MIRACLES S.R.L.

Str. Victoriei 30/4, Odorheiu Secuiesc, 535600, Harghita, Romania

Data Protection Officer

📧 support@growiumagent.com

Subject: "Data Protection Inquiry"

Response time: Within 30 days

12.1 Supervisory Authority

If you're not satisfied with our response to your privacy concerns, you have the right to file a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) or your local data protection authority.

This Privacy Policy is effective as of January 12, 2025.

Previous versions are available upon request.