Draft, pending legal review. This document provides baseline safeguards and is not legal advice. Have counsel review before relying on it.

Data Processing Addendum

Version 1.0-draft · Effective June 8, 2026 · Contact privacy@growth.store

This Addendum forms part of the agreement between you (“Controller”) and growth.store (“Processor”) and governs our processing of personal data on your behalf under the GDPR and equivalent laws.

1. Roles

For LinkedIn engagement data you collect through the Service, you are the Controller and we are the Processor. For your account and billing data, we are the Controller.

2. Scope & instructions

We process personal data only on your documented instructions — i.e. to provide the Service — and as required by law. We will inform you if an instruction appears to infringe applicable law.

3. Subject matter & categories

Data subjects: you, and third parties who engage with your content.
Categories: profile identifiers, professional headline, engagement metrics, follower/geographic data.
Duration: for the term of the agreement, subject to the retention policy.

4. Confidentiality & security

Personnel with access are bound by confidentiality. We maintain technical and organizational measures appropriate to the risk: encryption in transit and at rest, per-tenant row-level isolation, least-privilege access, and audit logging.

5. Subprocessors

You authorize the subprocessors listed on our Subprocessors page. We impose data-protection obligations on each and remain liable for their performance, and will give notice of additions so you may object.

6. Data-subject requests & assistance

We assist you in responding to data-subject requests and in meeting your obligations for security, breach notification, and impact assessments. We notify you without undue delay on becoming aware of a personal-data breach.

7. International transfers

Where personal data is transferred outside the EEA/UK, we rely on appropriate safeguards such as the Standard Contractual Clauses.

8. Deletion & audit

On termination, we delete or return personal data per the retention policy. We make available information reasonably necessary to demonstrate compliance and submit to audits subject to reasonable confidentiality and notice.

9. Contact

Data protection contact: privacy@growth.store.