Log in

Privacy Policy

Last updated 2026-05-08

FounderGrowth ("we") takes the privacy of the people who use the product seriously. This policy explains, in plain language, what data we collect, why, who we share it with and how you can exercise your rights under LGPD (Brazilian law 13.709/2018) and GDPR (EU Regulation 2016/679).

1. Data we collect

We only collect what we need to deliver the product:

  • Identification: name, email, profile photo, timezone and interface language.
  • User content: imported articles, AI-generated drafts, Voice DNA settings, published posts.
  • Social connections: OAuth tokens required to publish on LinkedIn, X (Twitter) and Instagram. Tokens are stored encrypted and never exposed to the client.
  • Billing: Stripe customer ID and subscription status. We do not store card numbers.
  • Minimal telemetry: server error logs (without content body) to diagnose failures.

2. Purpose of processing

We use data exclusively to: authenticate you, generate content in your Voice DNA, publish to your connected social platforms, process billing, improve the product experience and comply with legal obligations. We never use your content to train public AI models.

3. Sub-processors

To run the product we rely on the following sub-processors:

  • Supabase (authentication, database, storage) — USA, with EU standard contractual clauses.
  • Vercel (hosting) — USA/EU.
  • Stripe (billing) — USA/Ireland, PCI-DSS Level 1.
  • Anthropic and OpenAI (text generation API) — USA, data not used for training.
  • LinkedIn, Meta (Instagram) and X — only to publish content you approved.

4. Retention

We keep your data for as long as your account is active. When you delete the account in Settings → Delete my account (or via DELETE /api/me), all personal data and associated content are removed within 30 seconds. Operational logs without PII may be retained for up to 30 days for security auditing. Billing invoices are retained by Stripe for the legally required period.

5. Your rights

You have the right to access, correct, export and delete your data at any time. For access/export use the Settings page. To delete everything, click "Delete my account" — the operation runs within 30 seconds and is irreversible. You can also revoke social connections individually. For any other request or complaint to a supervisory authority (ANPD/EU DPA), write to our DPO at the email below.

6. Cookies and tracking

We always use essential cookies (login session). Analytics and marketing cookies are only activated if you explicitly consent in the banner that appears on your first visit. You can review your choice at any time on the Cookies page.

7. International transfers

Because most of our sub-processors are in the USA, your data may be transferred internationally. We use Standard Contractual Clauses (SCCs) and/or equivalent mechanisms to guarantee an adequate level of protection.

8. DPO contact

For any privacy question, write to privacy@foundergrowth.app. We answer within 15 days.

This document was written as a baseline and reviewed by our product team, but does not replace legal advice for your specific jurisdiction.

Your privacy, your call.

We use essential cookies to make FounderGrowth work and optional cookies to learn what's working. You can change this anytime. Manage cookie preferences.