Privacy Policy

Last updated: March 2026 · GrowPixels Inc., New York, NY

This Privacy Policy explains how GrowPixels Inc. ("GrowPixels", "we", "us") collects, uses, and protects information when you use our fraud detection service and website. By using GrowPixels, you agree to this policy.

1. Information We Collect

  • Account information: When you register or request a demo, we collect your name, work email address, company name, and details about your payment stack.
  • Transaction data: When you use the GrowPixels API, we process transaction signals you send us — including card BIN, device fingerprint, IP address, order amount, and behavioral signals. We use this data solely to generate fraud risk scores and improve detection accuracy for your account.
  • Usage data: We collect logs of API calls, response times, and dashboard activity to operate and improve our service.
  • Communications: If you contact us by email, we retain that correspondence to respond and improve our support.

2. How We Use Your Information

  • To provide the fraud detection service and return risk scores via API.
  • To train and improve detection models. Merchant transaction data is used only within that merchant's own model — we do not share your transaction patterns with other merchants.
  • To send product updates, security notices, and service communications. You can opt out of marketing emails at any time.
  • To comply with legal obligations.

3. Data Sharing

  • We do not sell your data to third parties.
  • We do not share transaction data between merchants.
  • We may share data with infrastructure providers (cloud hosting, monitoring) under strict data processing agreements.
  • We will disclose data if required by law, court order, or to protect the rights and safety of GrowPixels and its users.

4. Data Retention

  • Account data is retained for the duration of your subscription and for 90 days after cancellation, after which it is deleted.
  • Transaction data used for model training is retained for up to 24 months to maintain detection accuracy. You may request deletion at any time.
  • We honour data subject access and deletion requests within 30 days.

5. Security

  • All data is encrypted in transit using TLS 1.3 and at rest using AES-256.
  • We operate on SOC 2-aligned infrastructure with access controls, audit logging, and regular security reviews.
  • We will notify affected merchants within 72 hours of becoming aware of a data breach.

6. Your Rights

  • You have the right to access, correct, or delete personal data we hold about you.
  • If you are in the EU or UK, you have rights under GDPR including the right to data portability and to lodge a complaint with your local supervisory authority.
  • If you are a California resident, you have rights under CCPA including the right to know what personal information we collect and the right to opt out of its sale (we do not sell personal information).
  • To exercise any of these rights, email hi@growpixels.io.

7. Cookies

  • Our marketing website uses essential cookies for session management and analytics cookies (such as Plausible or PostHog) to understand how visitors use the site. No advertising cookies are used.
  • You can opt out of analytics cookies via your browser settings.

8. Changes to This Policy

  • We may update this policy from time to time. We will notify you of material changes by email and will always display the date this policy was last updated at the top of this page.

9. Contact

  • Questions about this policy? Email us at hi@growpixels.io. We aim to respond within 5 business days.