Privacy Policy

Last updated: 15 January 2026

1. Introduction

truegrowthio AG ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website or use our services. This policy applies to all personal data we collect from individuals within the European Union and is designed to comply with the General Data Protection Regulation (GDPR) and Austrian data protection laws.

2. Data Controller Information

The data controller responsible for your personal information is:

  • Company: truegrowthio AG
  • Address: Rotenturmstraße 66, 4018 Linz, Upper Austria, Austria
  • Registration Number: FN482376a
  • VAT Number: ATU48346792
  • Contact Email: privacy@truegrowthio.world
  • Phone: +43 7324945213

3. Data We Collect

The data we collect depends on how you interact with our website and services. We may collect the following types of personal information:

3.1 Information You Provide Directly

When you contact us through our website forms, email, or phone, we collect:

  • Name and contact details (email address, phone number)
  • Company information and job title
  • Messages and enquiry details
  • Any other information you choose to provide

3.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

  • IP address and location data
  • Browser type and version
  • Device information and operating system
  • Pages visited and time spent on our website
  • Referral source and website navigation patterns

4. How We Use Your Information

We use your personal data for the following purposes, based on legitimate legal grounds under GDPR:

4.1 Service Provision (Legal Basis: Contract Performance)

How we use your information to provide our financial internal control framework services:

  • Responding to your enquiries and providing consultation
  • Delivering our professional services
  • Managing client relationships and project communications
  • Processing payments and maintaining financial records

4.2 Business Operations (Legal Basis: Legitimate Interest)

We use your data to operate and improve our business:

  • Website analytics and performance improvement
  • Marketing communications about our services
  • Business development and relationship management
  • Legal compliance and risk management

4.3 Legal Compliance (Legal Basis: Legal Obligation)

We may process your data to comply with legal requirements:

  • Austrian and EU regulatory compliance
  • Financial record keeping and tax obligations
  • Professional standards and industry regulations

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

6. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following limited circumstances:

6.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business:

  • Website hosting and technical support services
  • Email communication and marketing platforms
  • Analytics and website performance tools
  • Professional advisors (lawyers, accountants, consultants)

6.2 Legal Requirements

We may disclose your information if required by law or to protect our legal rights:

  • Compliance with court orders or legal processes
  • Cooperation with regulatory authorities
  • Protection of our rights, property, or safety

7. Your Rights

Under GDPR and Austrian data protection law, you have the following rights regarding your personal data:

7.1 Access and Information

You have the right to request information about how we process your data and to obtain a copy of your personal information.

7.2 Correction and Updates

You can request correction of inaccurate or incomplete personal data we hold about you.

7.3 Deletion

You can request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the original purpose.

7.4 Restriction and Objection

You can request restriction of processing or object to certain types of data processing, including direct marketing.

7.5 Data Portability

You have the right to receive your personal data in a structured, commonly used format and to transfer it to another service provider.

7.6 Withdrawal of Consent

Where processing is based on consent, you can withdraw your consent at any time.

To exercise any of these rights, please contact us at privacy@truegrowthio.world or +43 7324945213. We will respond to your request within one month.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this privacy policy:

8.1 Client Data

Client information and project data are retained for the duration of our business relationship plus seven years for legal and regulatory compliance purposes.

8.2 Marketing Data

Marketing communications data is retained until you unsubscribe or withdraw consent, or for a maximum of three years from last contact.

8.3 Website Analytics

Website analytics data is typically retained for 26 months, in accordance with Google Analytics default settings.

8.4 Legal Requirements

Some data may be retained longer to comply with Austrian and EU legal obligations, such as financial records and tax documentation.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Secure data transmission using SSL encryption
  • Access controls and authentication systems
  • Regular security assessments and updates
  • Staff training on data protection and security
  • Secure data storage and backup procedures

10. International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes or codes of conduct

11. Contact Information

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

12. Complaints

If you believe we have not handled your personal data in accordance with this policy or applicable law, you have the right to lodge a complaint with the relevant supervisory authority:

  • Austrian Data Protection Authority (Datenschutzbehörde)
  • Website: www.dsb.gv.at
  • Email: dsb@dsb.gv.at
  • Phone: +43 1 531 15 202525

13. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will notify you by posting the updated policy on our website with a new "last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

14. Governing Law

This privacy policy is governed by Austrian law and the General Data Protection Regulation (GDPR). Any disputes arising from this policy will be subject to the jurisdiction of Austrian courts.