Privacy Policy

Name: Epic Growth
Address: MT
Price range: €€€

Last updated: March 2026

1. Data Controller

Epic Growth Company Limited ("we", "our", "us"), a company registered in Malta, is the data controller responsible for your personal data collected through epicgrowth.com.

For privacy-related enquiries, contact us at marketing@epicgrowth.com.

2. Data We Collect

Information you provide: name, email address, company name, and message content submitted via our contact form or login page.

Analytics data (with consent): We use Google Analytics 4 (GA4) to understand how visitors interact with our site. GA4 sets cookies including _ga and _gid to distinguish unique users and sessions. These cookies are only set after you provide consent via our cookie banner. If you decline, no analytics cookies are placed.

Essential cookies: If you log in to our dashboard, we set an epic-session httpOnly cookie for authentication. This is strictly necessary and does not require consent.

3. Legal Basis for Processing

We process your personal data under the following legal bases:

Consent — for analytics cookies (GDPR Art. 6(1)(a))
Legitimate interest — to respond to contact form enquiries and improve our services (GDPR Art. 6(1)(f))
Contract performance — to provide dashboard access and services you have requested (GDPR Art. 6(1)(b))

4. How We Use Your Data

We use your data to respond to enquiries, deliver services you have requested, improve our website experience, and comply with legal obligations. We never sell your personal data to third parties.

5. Sub-processors & Third Parties

We share personal data with the following service providers:

Google Analytics (Google LLC, US) — website analytics, only with your consent
Google Cloud Platform (Google LLC, EU region europe-west1) — hosting and database
Gmail API (Google LLC) — sending transactional emails (magic links, contact form responses)

6. International Data Transfers

Some of our sub-processors (notably Google LLC) process data in the United States. These transfers are governed by the EU-US Data Privacy Framework and Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.

7. Data Retention

Contact form submissions are retained for up to 24 months unless you request earlier deletion. Authentication tokens expire after 7 days. Analytics data is retained in Google Analytics for 14 months (the default GA4 retention period).

8. Your Rights

Under GDPR, you have the right to:

Access the personal data we hold about you
Rectify inaccurate data
Request erasure of your data
Restrict or object to processing
Data portability — receive your data in a structured, machine-readable format
Withdraw consent at any time (e.g. via the Cookie Settings link in our footer)

To exercise these rights, email marketing@epicgrowth.com.

9. Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC), Malta's supervisory authority under GDPR.

10. Contact

For privacy-related questions, please email marketing@epicgrowth.com or use our contact page.