Aligning intelligence…
Aligning intelligence…
Last updated: May 2026
Epic Growth Company Limited ("we", "our", "us"), a company registered in Malta (registration number C 60198), is the data controller responsible for your personal data collected through epicgrowth.com.
For privacy-related enquiries, please use our contact form and select "AI Governance / Data Rights".
Information you provide: name, email address, company name, and message content submitted via our contact form or login page. When you request a consultation, we also collect the business context you choose to share — such as your sector, team size, the service you are interested in, where your data lives today, your timeline, and how you currently use AI — so we can prepare for the call.
Newsletter subscribers: If you opt in to Epic Growth Insights, we store your email address and the date of subscription. We use a confirmed opt-in (double opt-in) flow so a subscription is only active once you click the confirmation link we send. Every email contains a one-click unsubscribe link.
Analytics data (with consent): We use Google Analytics 4 (GA4) to understand how visitors interact with our site. GA4 sets cookies including _ga and _gid to distinguish unique users and sessions. These cookies are only set after you provide consent via our cookie banner. If you decline, no analytics cookies are placed.
Essential cookies: This marketing site does not set authentication cookies. Our Foundation platform (foundation.epicgrowth.com) uses separate authentication cookies governed by its own privacy policy.
We process your personal data under the following legal bases:
We use your data to respond to enquiries, deliver services you have requested, improve our website experience, and comply with legal obligations. We never sell your personal data to third parties.
Our AI-powered funding journey agents (Discovery, Coordination, Preparation, Tracking, Compliance) operate on the Epic Growth Foundation platform (foundation.epicgrowth.com), which has its own privacy policy covering agent data processing, company profile storage, and audit logging.
This marketing site (epicgrowth.com) does not process company profile data or AI chat interactions. It provides information about Malta's grant landscape and links to the Foundation platform for interactive agent use.
Content production with AI. Some blog content on this site is produced with AI assistance (drafting, research) and edited by a named human author who holds editorial responsibility. Blog audio episodes are generated by Google NotebookLM from the published post text; no personal data of yours is used as input to any AI content production tool on this site. Open Graph and hero images are generated by Google Gemini Flash Image to a brief that produces abstract, non-photorealistic compositions.
For details on how our products are governed, including our EU AI Act Article 50 coverage, see our AI & Data Governance page.
We share personal data with the following service providers:
The Foundation platform (foundation.epicgrowth.com) uses additional sub-processors including Anthropic for AI agent functionality. See the Foundation's privacy policy for details.
Some links on our site are affiliate links. If you click one, you're taken to a third-party affiliate network that operates under its own privacy policy and may set a cookie to attribute the referral. These networks are independent third parties — we don't share your personal data with them, and they are not sub-processors of Epic Growth.
All server-side data (database, audit logs, application hosting) is stored in the EU via Google Cloud Platform (region Belgium). Your data does not leave the EU for storage purposes.
Some sub-processors receive data via API calls: Google Analytics (US) for website analytics (with consent only) and Gmail API for transactional emails. These transfers are governed by the EU-US Data Privacy Framework and Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.
Contact form submissions are retained for up to 24 months unless you request earlier deletion. Consultation booking data is retained for up to 24 months. Newsletter subscriber records are retained for as long as you remain subscribed; unsubscribed addresses are kept for up to 24 months as a suppression list so we do not accidentally email you again. Analytics data is retained in Google Analytics for 14 months (the default GA4 retention period).
Under GDPR, you have the right to:
To exercise these rights, use our contact form and select "AI Governance / Data Rights". We will respond within 30 days.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC), Malta's supervisory authority under GDPR.
For privacy-related questions, please use our contact form and select "AI Governance / Data Rights". For details on how our products are governed, see our AI & Data Governance page.