Skip to main content
GrowthPath AI

Privacy Policy

Last updated: March 3, 2026

GrowthPath AI ("we", "us", "our") operates the growthpath.work website and the GrowthPath AI platform. This Privacy Policy describes how we collect, use, and share information about you when you use our services.

Information We Collect

Information you provide

  • Account information: Name, email address, company name, and role when you create an account or contact us.
  • Employee data: Information about your employees that you input into the platform for performance reviews, assessments, and other features.
  • Assessment responses: Answers to security culture assessments and pulse surveys.
  • Communication data: Messages you send through our contact forms or to our support email.

Information collected automatically

  • Usage data: Pages visited, features used, time spent, via PostHog analytics (with your consent).
  • Device information: Browser type, operating system, and device type.
  • Cookies: See our Cookie Policy for details.

How We Use Your Information

  • Provide and improve our services
  • Process AI-powered features (review drafts, analysis, recommendations)
  • Communicate with you about your account and our services
  • Ensure security and prevent fraud
  • Comply with legal obligations

AI Data Processing

When you use AI-powered features, your data is processed by our AI providers (Anthropic). This data:

  • Is used solely to generate the requested output (e.g., a review draft)
  • Is not used to train AI models
  • Is subject to the same security controls as all other data
  • Is not shared between organizations

Data Sharing

We do not sell your personal information. We share data only with:

  • Service providers: Hosting, email, payment processing, and AI providers who process data on our behalf.
  • Legal requirements: When required by law, regulation, or legal process.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Upon account closure, data is retained in read-only mode for 30 days, then permanently deleted.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of analytics tracking

Security

We use industry-standard security measures including encryption at rest and in transit, tenant isolation, role-based access controls, and audit logging. See our Trust page for details.

Contact

For privacy questions or to exercise your rights:

Email: hello@growthpath.work