Privacy Policy
This Privacy Policy explains how GrowthStrike Pte. Ltd. (“GrowthStrike”, “we”, “us” or “our”) collects, uses, discloses and protects personal data in connection with the website growthstrike.life and related business communications. We design our practices to align with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and its subsidiary regulations, as amended from time to time. This Policy is written for visitors, prospective clients, clients’ authorised contacts and other individuals who interact with our studio.
We are a growth marketing and experiments studio, not a consumer social network or a mass data broker. We aim to collect only what we need to operate responsibly, respond to enquiries, deliver contracted services and improve our site experience where consent allows. If you have questions after reading this Policy, contact us using the details in Section 12.
1. Who is responsible for your personal data
The organisation responsible for personal data described in this Policy is GrowthStrike Pte. Ltd., with its registered office at 380 Jalan Besar, #09-01, Singapore 209000. You may reach us by telephone at +65 6664 7193 or by email at [email protected]. For operational triage of website forms, messages may be routed through secure email systems used by our team.
When we process personal data solely on behalf of a client under a services agreement — for example, analysing campaign audiences using client-controlled advertising accounts — the client typically remains the primary organisation determining purposes. In those cases, our role and instructions are defined in the relevant contract, data processing terms or statement of work. This Policy focuses on data we control in our own business operations and website.
2. Personal data we may collect
The categories of personal data we collect depend on how you interact with us. They may include:
- Identity and contact data — name, job title, company name, business email address, telephone number and preferred contact method.
- Enquiry and correspondence data — messages you send through our contact form or email, meeting notes from discovery calls, and attachments you choose to share (such as funnel screenshots or briefing decks).
- Contract and billing data — billing entity details, invoice contacts, payment references and records reasonably required for accounting and tax compliance in Singapore.
- Technical and usage data — IP address, browser type, device type, referring URL, pages viewed, approximate location derived from IP, and cookie identifiers as described in our Cookie Policy.
- Marketing preferences — records of consent for optional analytics cookies, newsletter or event invitations where offered, and unsubscribe requests.
- Recruitment data — if you apply for a role, the CV, portfolio links and interview notes you provide.
We do not knowingly seek sensitive personal data (such as health information or religious beliefs) through this website. Please do not submit such information via the contact form. If a project requires special categories of data, we will address lawful handling in a separate agreement.
We do not intentionally collect personal data from children. Our services are directed at businesses and professional adults. If you believe a minor has provided data to us, contact [email protected] so we can delete it where appropriate.
3. How we collect personal data
We collect personal data in the following ways:
- Directly from you when you submit forms, email us, call us, attend meetings, or visit our studio by appointment at Jalan Besar.
- Automatically when you browse growthstrike.life, through server logs and cookies or similar technologies described in the Cookie Policy.
- From your organisation when a colleague nominates you as a project contact, stakeholder or billing recipient.
- From publicly available professional sources such as company websites or business registries, where reasonably necessary to verify a business enquiry and only to the extent appropriate.
Our website contact form includes a consent checkbox referring to this Policy and the PDPA. Submissions also include anti-spam measures such as a honeypot field that humans should leave blank. Failed or automated submissions may be discarded without further processing.
4. Purposes of use
We use personal data for purposes that a reasonable person would consider appropriate in the circumstances, including to:
- respond to growth enquiries, experiment briefings, funnel reviews and general inquiries;
- schedule calls, prepare proposals and negotiate statements of work;
- deliver growth marketing services, report progress and manage client relationships;
- issue invoices, process payments and maintain financial records;
- operate, secure and improve our website and communications;
- measure aggregated site performance where analytics consent has been given;
- comply with legal obligations, respond to lawful requests and protect our rights;
- send service-related notices that are not marketing (for example, contract renewals); and
- with appropriate consent or other lawful basis, send occasional studio updates about programmes or events.
We will not use personal data for incompatible purposes without notifying you where required and obtaining fresh consent when the PDPA requires it. We do not sell personal data.
5. Legal bases and consent under the PDPA
Depending on the activity, our collection and use of personal data may rely on one or more of the following: your consent (for example, the contact form PDPA checkbox or analytics cookies); necessity for entering into or performing a contract with you or your organisation; legitimate interests that are not outweighed by your rights (for example, securing our systems or improving service quality); or legal obligations applicable in Singapore.
Where we rely on consent, you may withdraw it by contacting us. Withdrawal does not affect processing already lawfully completed, and may limit our ability to continue certain optional activities (such as non-essential analytics). If consent withdrawal affects a live marketing campaign we run on your behalf as a processor, we will coordinate with the instructing organisation.
6. Disclosure to third parties
We may disclose personal data to trusted third parties who assist our operations, under confidentiality and data protection obligations appropriate to the service, including:
- email and productivity providers used to receive and manage enquiries;
- hosting, DNS and security providers supporting growthstrike.life;
- professional advisers such as accountants, auditors or lawyers when necessary;
- payment and invoicing tools used for business transactions;
- analytics providers, only if you have accepted optional analytics cookies; and
- regulators, courts or law enforcement when disclosure is required or permitted by law.
Some providers may process data in countries outside Singapore. Where we transfer personal data overseas, we take steps to ensure a standard of protection comparable to the PDPA, such as appropriate contractual clauses, vendor assessments or other transfer mechanisms available at the time. Exact vendor lists evolve with our stack; you may request current categories by contacting us.
If we undergo a corporate reorganisation, merger or sale of assets, personal data may be transferred to successor entities subject to continued privacy protections consistent with this Policy.
7. Cookies and similar technologies
We use essential cookies to operate the site and remember basic preferences such as cookie consent choices stored in local storage. Optional analytics cookies are used only after you accept them via our cookie banner. For detailed descriptions, retention and controls, please read our Cookie Policy. You can change your browser settings to block cookies, though essential site functions may be affected.
8. Retention
We retain personal data only for as long as necessary to fulfil the purposes described above, including:
- enquiry records — typically up to twenty-four months after the last meaningful interaction, unless a longer period is needed for ongoing discussions;
- client project files — for the duration of the engagement and a reasonable period thereafter for continuity, dispute management and professional standards;
- billing and tax records — for periods required under Singapore law and accounting practice; and
- security logs — for shorter operational windows unless investigation needs extend retention.
When data is no longer required, we securely delete or anonymise it where feasible. Residual copies in encrypted backups may persist until those backups recycle according to our infrastructure schedule.
9. Security measures
We implement administrative, technical and physical safeguards reasonably appropriate to the nature of the data we hold. These may include access controls, least-privilege practices, encrypted transport (HTTPS) for our website, staff confidentiality expectations and vendor due diligence. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security, but we work to reduce risk and to respond promptly to incidents.
If we become aware of a data breach that is likely to result in significant harm or that meets notification thresholds under applicable guidance, we will assess and notify affected individuals and/or the Personal Data Protection Commission as required.
10. Your rights and choices
Subject to the PDPA and applicable exceptions, you may request to:
- access personal data we hold about you;
- correct inaccurate or incomplete personal data;
- withdraw consent for optional processing;
- ask questions about our data practices; and
- lodge a complaint with us and, if unresolved, with the Personal Data Protection Commission of Singapore.
To exercise access or correction rights, email [email protected] with sufficient detail to identify you and your request. We may need to verify your identity before responding. We aim to respond within a reasonable period consistent with PDPA timelines. We may refuse requests that are frivolous, vexatious, or that would reveal another individual’s personal data without authorisation, or that fall within recognised exceptions.
11. Client marketing programmes and end-user data
When GrowthStrike assists clients with advertising platforms, analytics configuration, CRM journeys or experimentation tools, we typically access those systems under client credentials or invited roles. End-customer personal data in those systems remains governed primarily by the client’s privacy notices and platform terms. We instruct our team not to download bulk personal datasets onto unmanaged devices without authorisation, and to use personal data only for the contracted growth activities.
Clients are responsible for ensuring they have appropriate notices, consents and lawful bases for marketing to their customers, including compliance with the PDPA, Spam Control Act where relevant, and platform advertising policies. GrowthStrike can advise on consent copy and preference-centre patterns as part of a services engagement, but legal compliance for the client’s customer base remains the client’s responsibility unless expressly agreed otherwise in writing.
12. Contact, complaints and updates
For privacy requests or complaints, contact:
GrowthStrike Pte. Ltd.
380 Jalan Besar, #09-01
Singapore 209000
Email: [email protected]
Telephone: +65 6664 7193
Please include “Privacy request” in the subject line. If you are unsatisfied with our response, you may contact the Personal Data Protection Commission (PDPC) of Singapore through its official channels.
We may update this Privacy Policy from time to time to reflect operational, legal or regulatory changes. The “Last updated” date at the top of this page will change when revisions are published. Material changes that affect consent-based processing may be communicated through the website banner, email or other reasonable means. Continued use of the site after updates constitutes awareness of the revised Policy to the extent permitted by law; where fresh consent is required, we will seek it.
13. Marketing outcomes disclaimer (privacy context)
Separately from privacy, please note that growth and experiment results vary by offer, traffic quality, budget, creative and platform rules. Engaging GrowthStrike or submitting personal data through this website does not create any guarantee of leads, revenue multiples, conversion rates or ROI. Privacy compliance and marketing performance are distinct topics; excellence in one does not automatically produce the other.
14. Related documents
Please also review our Cookie Policy, Terms of Use and Legal notice for complementary information about this website and GrowthStrike Pte. Ltd.
Thank you for trusting GrowthStrike with your enquiry. We take that trust seriously as we help Singapore teams build clearer growth loops in 2026 and beyond.