Last updated: 01 December 2025
Effective date: 01 December 2025

Welcome to UpGro Media (“UpGro”, “we”, “us”, “our”). We are a performance-marketing agency that helps healthcare and other businesses grow using websites, SEO, ads, analytics and automations.

This Privacy Policy explains how we collect, use, share and protect your personal information when you visit upgromedia.com (the “Website”), contact us, or use our services. It also explains your rights and how you can exercise them.

If you do not agree with this Policy, please do not use the Website or provide personal data to us.

---

1) Who we are (Data Controller)

UpGro Media
3rd Floor, 6/77, Vineet Khand 6, Gomti Nagar, Lucknow, Uttar Pradesh 226010, India
Phone: +91 75174 35693
Email: infoupgro@gmail.com
Grievance Officer (India DPDP Act): Dhiraj Jaiswal – privacy@upgromedia.com (🔧 or your preferred email)

For most activities on this Website we act as the Data Controller. For client projects (e.g., running ads, processing leads on your behalf) we may act as your Data Processor; in such cases a separate Data Processing Addendum (DPA) can be executed on request.

---

2) What data we collect

We collect the following categories of information:

a) Information you provide

• Contact details – name, email, phone/WhatsApp number, company, designation.
• Inquiry details – your requirements, budgets, files you upload, meeting notes.
• Billing details – GST, address and payment references if you become a customer.
• Testimonials / case study permissions – if you choose to share them.

b) Information collected automatically

• Usage & device data – IP address, browser type, device IDs, pages viewed, time on page, referring URLs.
• Cookies & similar technologies – see Section 7.

c) Third-party sources

• Leads from ad platforms (Google, Meta, LinkedIn), event registrations, webinar tools, referral partners, and publicly available business data (e.g., your clinic name, website URL).

Sensitive personal data: We do not intentionally collect health records or other sensitive personal data through this Website. If you are a healthcare client and need us to process patient information, we will do so only under a written agreement/DPA and process strictly as per your instructions.

---

3) Why we use your data (Purposes & Legal Bases)

We process data for the following purposes:

• Respond to inquiries & provide proposals (Contract/Legitimate Interests).
• Provide and manage services (Contract).
• Marketing communications such as newsletters, product updates, webinar invites (Consent/Legitimate Interests; you can unsubscribe anytime).
• Improve our Website and services using analytics and A/B testing (Legitimate Interests).
• Security & fraud prevention (Legitimate Interests/Legal Obligation).
• Compliance with applicable law, taxation, accounting and to enforce our agreements (Legal Obligation/Legitimate Interests).

Where required by law, we will obtain your consent (e.g., marketing emails, cookies).

---

4) Cookies & tracking technologies

We use cookies and similar technologies to run this site and measure performance. Typical tools may include:

• Google Analytics 4 (GA4) – usage analytics
• Google Ads, Meta Pixel, LinkedIn Insight Tag – ad measurement & remarketing
• Cloud/CDN & security tools (e.g., Cloudflare) – performance and protection

You can manage cookies using your browser settings and (where available) our [Cookie Settings] banner. Opting out may impact some features.

Interest-based advertising: You can also opt out via:

• Google Ads Preferences: https://adssettings.google.com
• Your Online Choices (EU): https://www.youronlinechoices.eu
• Network Advertising Initiative (US): https://optout.networkadvertising.org

---

5) How we share information

We never sell your personal information. We share data only with:

• Service providers / processors who help us operate (hosting, analytics, email, CRM, cloud storage, payment gateways).
• Ad platforms (Google, Meta, LinkedIn, etc.) for campaign delivery & measurement.
• Professional advisors (accountants, auditors, legal counsel).
• Authorities when required by law or to protect rights, safety, or property.
• Business transfers – in a merger, acquisition, or asset sale, your data may transfer subject to this Policy.

All processors are bound by confidentiality and data-protection obligations.

---

6) International data transfers

Our service providers may be located outside India (e.g., the EU/EEA or US). When we transfer data internationally, we rely on appropriate safeguards (such as Standard Contractual Clauses, DPDP-compliant contracts, or equivalent mechanisms).

---

7) Data retention

We keep data only as long as necessary for the purposes set out in this Policy:

• Marketing inquiries & analytics: up to 24 months from last interaction.
• Client records, contracts, invoices: up to 7 years (or as required by law).
• Security logs: typically 30–180 days.

When retention expires, data is securely deleted or anonymized.

---

8) Security

We implement reasonable technical and organizational measures such as HTTPS, access controls, least-privilege principles, encryption at rest/in transit where supported by our vendors, regular updates and staff confidentiality obligations. However, no method of transmission or storage is 100% secure.

---

9) Your rights

Your rights depend on your location’s laws (India DPDP Act, GDPR, etc.). Subject to verification and applicable exemptions, you may request:

• Access to your personal data
• Correction/rectification of inaccurate data
• Deletion/erasure of your data
• Restriction or objection to processing (e.g., direct marketing)
• Data portability (where applicable)
• Withdraw consent at any time (does not affect prior lawful processing)

How to exercise your rights

Email privacy@upgromedia.com (🔧 or infoupgro@gmail.com) with the subject “Privacy Request”. We will respond within timelines required by law.

---

10) Communications via WhatsApp, SMS, email & calls

By submitting your number or clicking WhatsApp/Call buttons, you consent to receiving service and marketing messages from UpGro Media. You can withdraw consent anytime by replying STOP on WhatsApp/SMS or clicking Unsubscribe in emails.

---

11) Children’s data

Our Website and services are not intended for individuals under 18. We do not knowingly collect children’s data. If you believe a minor has provided data, contact us and we will delete it.

---

12) Third-party websites

Our Website may link to third-party sites (e.g., client websites, tools). We are not responsible for their privacy practices. Please review their policies.

---

13) Payments

If you pay us online (e.g., Razorpay/Stripe 🔧), your payment is processed directly by the gateway. We receive limited payment metadata (e.g., success/failure, transaction ID) and do not store full card details.

---

14) Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top indicates the latest version. Material changes will be notified on this page (and/or by email where appropriate).

---

15) Contact & Grievance Redressal

If you have questions, requests, or complaints about this Policy or your data, contact:

Grievance Officer (India):
Dhiraj Jaiswal
UpGro Media, 3rd Floor, 6/77, Vineet Khand 6, Gomti Nagar, Lucknow, UP 226010, India
Email: privacy@upgromedia.com (🔧) | Alt: infoupgro@gmail.com
Phone: +91 75174 35693

If you are located in the EU/UK and believe we have not resolved your concern, you may have the right to lodge a complaint with your local supervisory authority.

---

16) Role as Processor for Client Projects

When we manage campaigns, forms, landing pages, CRM syncs, or analytics on behalf of a client, we act as a Data Processor and process personal data strictly per the client’s instructions and the signed Service Agreement/DPA. The client remains the Data Controller responsible for notices and consents to their end-users.