Privacy Policy

Changes to our Privacy Policy will be posted on our website and emailed to you. Please review it often. Using our services means agreeing to any updates.

Straight Up Growth Data Protection Policy

Policy brief & purpose

Our Straight Up Growth Data Protection Policy reflects our commitment to treating information of employees, customers, stakeholders, and other involved parties with the utmost care and confidentiality. This policy outlines our pledge to gather, store, and handle data fairly, transparently, and with respect for individual rights.

Applicable Laws

This policy is designed to comply with applicable data protection laws, including but not limited to the California Consumer Privacy Act (CCPA) and other relevant federal and state regulations.


This policy applies to all parties (employees, job candidates, customers, suppliers, etc.) who provide any information to us.

Who is covered under the Data Protection Policy?

Employees of our company and its subsidiaries must adhere to this policy. Contractors, consultants, partners, and any other external entities are also covered. This policy pertains to anyone we collaborate with or who acts on our behalf and may need occasional access to data.

Policy elements

As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable, such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data, etc.
Our company collects this information transparently and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.
Our data will be:
  • Accurate and kept up-to-date
  • Collected fairly and for lawful purposes only
  • Processed by the company within its legal and moral boundaries
  • Protected against any unauthorized or illegal access by internal or external parties

Our data will not be:
  • Communicated informally
  • Stored for more than a specified amount of time
  • Transferred to organizations, states, or countries that do not have adequate data protection policies
  • Distributed to any party other than the ones agreed upon by the data's owner (except for legitimate requests from law enforcement authorities)

Data Minimization

We will adhere to the principle of data minimization, collecting only the information necessary for the intended purpose.

Data Security Measures

We will implement robust data security measures, including encryption methods, firewall systems, and security certifications, to protect online data from unauthorized access or cyberattacks.

Data Breach Response Plan

In the event of a data breach, we will promptly notify affected parties, cooperate with authorities, and take corrective actions to prevent future breaches.

Data Subject Rights

Individuals have the right to access, rectify, delete, or restrict the processing of their personal data. Requests for exercising these rights can be directed to the designated contact person or department.

Employee Training

Employees will receive regular training on data protection, covering specific topics, training methods, and updates on data protection practices.

Document Retention

We will specify the duration for which data is stored and the criteria for determining when it should be deleted to ensure compliance with data protection principles.

Monitoring and Auditing

Regular monitoring and auditing processes will be in place to assess compliance with the data protection policy. This may include internal audits and third-party assessments.

Communication with Data Owners

We will communicate any changes to the data protection policy or practices to data owners in a clear and transparent manner.

Disciplinary Consequences

All principles described in this policy must be strictly followed. A breach of data protection guidelines will invoke disciplinary and possibly legal action.
This policy will be regularly reviewed and updated to ensure ongoing compliance with applicable laws and best practices in data protection.