Privacy Policy

Last Updated: March 2026

Expose Growth (“we”, “us”, or “our”) operates the website https://exposegrowth.com.

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, use our services, subscribe to Growth Hub, or interact with our communications.

We are committed to protecting your personal data and complying with applicable data protection laws including:

• UK General Data Protection Regulation (UK GDPR)
• EU General Data Protection Regulation (EU GDPR)

By using our website or services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We may collect and process several types of personal information depending on how you interact with our website and services.

Information You Provide

You may provide personal data when you:

• contact us
• subscribe to newsletters or resources
• purchase services
• subscribe to Growth Hub
• download guides or playbooks
• submit forms on our website

This may include:

• name
• email address
• company name
• job title
• billing information
• payment details (processed by third-party providers)

Information Collected Automatically

When you visit our website, certain information may be collected automatically through analytics tools and cookies.

This may include:

• IP address
• browser type
• device type
• pages visited
• referring website
• time spent on pages
• interaction with website features

This data helps us understand how visitors use our website and improve our services.

2. How We Use Your Information

We use personal information for the following purposes:

• to provide and deliver our services
• to manage Growth Hub subscriptions
• to respond to enquiries or requests
• to process payments
• to send newsletters or marketing communications
• to improve our website and user experience
• to analyse website performance and usage
• to comply with legal obligations

We will only process your personal data when we have a lawful basis to do so under GDPR.

3. Legal Basis for Processing

Under UK and EU GDPR, we rely on the following lawful bases for processing personal data.

Consent

When you subscribe to email communications or download resources.

You can withdraw consent at any time.

Contract

When processing information required to deliver services, subscriptions, or purchases.

Legitimate Interests

We may process certain information to:

• improve our website
• analyse usage patterns
• provide relevant marketing
• maintain security

We ensure this does not override your data protection rights.

4. Email Marketing

If you subscribe to our newsletter, download resources, or opt into communications, we may send marketing emails.

Email communications may include:

• newsletters
• marketing insights
• product or service updates
• Growth Hub updates
• new resources or guides

Email communications are delivered through our email marketing provider:

Klaviyo

You may unsubscribe from marketing emails at any time by clicking the unsubscribe link included in each message.

5. Payment Processing

Payments for services or subscriptions may be processed by third-party providers including:

• Stripe
• PayPal

These providers securely process payment information on our behalf.

Expose Growth does not store or process full payment card details.

Payment providers process data in accordance with their own privacy policies.

6. CRM and Customer Communication

We use Brevo as a customer relationship management (CRM) and communication platform.

Brevo may store and process customer contact information to help manage communication and support service delivery.

This may include:

• names
• email addresses
• communication history

Brevo processes personal data in accordance with GDPR and applicable data protection laws.

7. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to improve functionality and analyse user behaviour.

Cookies may be used for:

• website analytics
• performance measurement
• improving user experience
• remembering preferences

You may manage or disable cookies through your browser settings.

Further information is available in our Cookie Policy.

8. Data Sharing

We do not sell or rent personal data.

However, we may share personal information with trusted third-party service providers where necessary to operate our business.

These providers may include:

• payment processors (Stripe, PayPal)
• email marketing services (Klaviyo)
• CRM providers (Brevo)
• analytics services
• website hosting providers

These third parties only process personal data where necessary and are required to protect it appropriately.

9. International Data Transfers

Some of our service providers may process data outside the United Kingdom or European Economic Area (EEA).

Where international transfers occur, we ensure appropriate safeguards are in place to protect personal data in accordance with GDPR requirements.

These safeguards may include:

• Standard Contractual Clauses (SCCs)
• adequacy decisions by relevant authorities

10. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy.

Retention periods may depend on:

• legal obligations
• contractual requirements
• legitimate business needs

When personal data is no longer required, it will be securely deleted or anonymised.

11. Your Data Protection Rights

Under UK GDPR and EU GDPR, you have certain rights regarding your personal data.

These may include:

• the right to access your personal data
• the right to correct inaccurate data
• the right to request deletion of your data
• the right to restrict processing
• the right to data portability
• the right to object to processing
• the right to withdraw consent

If you wish to exercise these rights, you may contact us through the website.

12. Data Security

We implement appropriate technical and organisational measures to protect personal data against:

• unauthorised access
• loss
• misuse
• alteration
• disclosure

While we take reasonable steps to protect data, no online system can be guaranteed to be completely secure.

13. Third-Party Links

Our website may contain links to external websites.

We are not responsible for the privacy practices of third-party websites.

Users are encouraged to review the privacy policies of any external websites they visit.

14. Children’s Privacy

Our website and services are intended for individuals aged 18 or older.

We do not knowingly collect personal data from children under the age of 18.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

• legal requirements
• services offered
• data processing practices

Updated policies will be published on this page with the revised date.

16. Contact

If you have any questions about this Privacy Policy or how we handle personal data, you may contact us via:

Contact Us