Privacy Policy

Last Updated: May 2, 2026

This Privacy Policy explains how Growth Engine LLC DBA Ravenopus (“Ravenopus,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you visit our website https://ravenopus.com (the “Site”) or otherwise interact with us in ways that reference this Privacy Policy.

By using the Site, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Site.

This Privacy Policy is intended to comply with applicable U.S. law, including California privacy concepts, and to be understandable for visitors from other countries (including the EU/UK). However, this is not legal advice.

1. WHO WE ARE AND HOW TO CONTACT US

Controller / business:
Growth Engine LLC DBA Ravenopus
San Jose, California, USA

If you have questions or requests regarding this Privacy Policy or our handling of personal information, you can contact us at:
Email: legal@ravenopus.com

2. WHAT INFORMATION WE COLLECT

We collect information in five main ways: (a) you provide it directly through forms, (b) you provide it as part of a paid engagement, (c) Stripe collects it on our behalf when you purchase, (d) it is collected automatically through cookies and analytics, and (e) we receive it from third parties.

2.1 Information you provide directly via forms. When you submit a form on the Site (Engine Log signup, “Work with us” inquiry, contact), you may provide us with:

  • Contact details – name, email address, company name, job title.
  • Business context – stage / funding raised, monthly revenue band, intended engagement type, biggest growth bottleneck, and any other information you choose to share about your product, market, or challenges.
  • Communication content – the content of messages you send us via email or web forms.
  • Marketing preferences – your preferences for receiving communications from us.

We do not intentionally collect sensitive personal information (such as health data, political opinions, religious beliefs, etc.) via the Site. Please do not submit such information via forms or emails unless we specifically request it for a defined purpose.

2.2 Information you provide as part of the 72-Hour Diagnostic engagement. If you purchase the 72-Hour Growth Diagnostic and complete the post-payment intake form, you may provide us with:

  • Company and website – legal entity, brand, and primary domain.
  • Marketing channel inventory – the channels you operate (paid search, paid social, email, organic, partnerships, etc.) and the platforms involved.
  • Read-only access credentials or grant invitations to ad accounts (Google Ads, Meta Business Manager, LinkedIn Campaign Manager, TikTok Ads), analytics tools (GA4, Mixpanel, Amplitude, Segment), and similar systems — to the extent you choose to grant them.
  • Internal funnel context – your stated bottleneck, internal politics, hard constraints, and other operational notes you provide.

This information is treated as confidential business data. We use it solely to perform the diagnostic and deliver the blueprint. Read-only access grants may be revoked by you at any time directly within the relevant platform; we never store platform passwords.

2.3 Payment information. When you purchase the Diagnostic, payment is processed by Stripe, Inc. (“Stripe”). Stripe collects, stores, and processes your payment card information directly. We do not see, store, or have access to your full card number, security code, or other sensitive cardholder data. We do receive limited transaction metadata from Stripe, including: your name, email address, billing address, the last four digits and brand of the card used, the transaction amount, currency, and Stripe’s session and payment intent identifiers. This information is governed by Stripe’s Privacy Policy in addition to ours.

2.4 Information collected automatically. When you visit or use the Site, we (and our analytics provider) may automatically collect:

  • Usage data – pages visited, links clicked, time spent, referring URLs, navigation paths, conversion events (form submissions, purchases).
  • Device and browser data – IP address (truncated/anonymized where supported), browser type and version, operating system, device type, screen resolution, language settings.
  • Approximate location – city, region, and country inferred from IP address.
  • Cookie identifiers – first-party identifiers used by Google Analytics (see Section 3).

We use this information to understand how visitors use the Site, measure the performance of marketing efforts, improve user experience, and maintain security.

2.5 Information from third parties. We may receive information about you from:

  • Google Analytics 4 – aggregated and individual reports about Site usage and conversion paths.
  • Stripe – transaction status, customer details, and dispute / chargeback notifications related to payments you initiate.
  • Resend (our transactional email provider) – delivery and engagement status of emails we send to you (e.g., delivered, bounced, opened).
  • Public sources such as LinkedIn or company websites, where we research potential business prospects.

3. COOKIES AND SIMILAR TECHNOLOGIES

We use a small number of cookies and similar technologies. We do not currently use advertising or retargeting pixels.

3.1 Essential / functional.

  • ravenopus-cookie-consent (browser localStorage, not a traditional cookie) – records your accept / decline choice on our consent banner so we don’t show the banner on every visit. Stored in your browser only; we cannot read it from our servers.
  • Standard session-management cookies set by our hosting provider (Vercel) and our payment processor (Stripe) when relevant.

3.2 Analytics — loaded only after consent. We use Google Analytics 4 (provided by Google LLC) with Google Consent Mode v2. By default, all analytics, advertising, and personalization storage is set to denied. Google Analytics will not set its cookies (_ga, _ga_<property-id>) or transmit identifiable behavioral data until you explicitly accept on the cookie banner. If you decline, no analytics cookies are set and only privacy-preserving aggregate signals (without identifiers) may be sent. We have IP anonymization enabled on Google Analytics. You can also block analytics globally via your browser settings or extensions, or by disabling cookies entirely.

3.3 Stripe. Stripe sets cookies on its own checkout pages and may set fraud-prevention cookies on our Site for sessions that interact with payment flows. These are governed by Stripe’s cookie policy.

You can typically set your browser to refuse cookies or to alert you when cookies are being used. If you disable cookies, some parts of the Site (notably checkout) may not function properly.

4. HOW WE USE PERSONAL INFORMATION

We use personal information for the following purposes:

  1. Providing and operating the Site
    • To allow you to view pages, submit forms, and interact with content.
  2. Responding to inquiries and providing support
    • To respond to your messages, schedule calls, and discuss potential projects or collaborations.
  3. Performing and improving our services
    • To understand your business context and prepare proposals, strategies, or recommendations.
    • To analyze Site usage and improve our content, design, and user experience.
  4. Marketing and business development
    • To send you emails or messages about insights, updates, events, or services that may be relevant to your business, in accordance with applicable law and your preferences.
    • To personalize or improve the relevance of our communications.
  5. Security and fraud prevention
    • To protect the Site, our systems, our users, and our business from malicious, fraudulent, or illegal activity.
  6. Legal and compliance
    • To comply with applicable laws, regulations, legal processes, and enforce our rights (including Terms of Use), and to defend against claims.

We may combine information collected from you with information we obtain from other sources (e.g., public profiles) for the purposes above.

5. LEGAL BASES FOR PROCESSING (EU/UK VISITORS)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal information where one of the following applies:

  • Contractual necessity – to take steps at your request prior to entering into a contract with you or your company (e.g., to respond to an inquiry, prepare a proposal).
  • Legitimate interests – to operate, secure, and improve the Site; develop our business; communicate with you about our services, where such interests are not overridden by your rights and interests.
  • Consent – where required for certain marketing activities or cookies/analytics. You can withdraw consent at any time.
  • Legal obligation – where we must comply with laws or regulatory requirements.

6. HOW WE SHARE PERSONAL INFORMATION

We do not sell your personal information. We do not share it for cross-context behavioral advertising.

6.1 Sub-processors / service providers. We use the following service providers to operate the Site and deliver our services. Each is contractually required to use personal information only on our behalf and for specified purposes.

  • Vercel Inc. (United States) – website hosting and content delivery. Processes IP addresses, request metadata, and standard server logs. Privacy policy.
  • Supabase Inc. (United States) – database hosting for form submissions, newsletter subscriptions, and diagnostic order records. Privacy policy.
  • Resend, Inc. (United States) – transactional email delivery (confirmations, notifications, auto-replies). Receives recipient email addresses and message content. Privacy policy.
  • Stripe, Inc. (United States) – payment processing for the 72-Hour Diagnostic. Stripe is the controller of cardholder data and is independently certified under PCI DSS. Privacy policy.
  • Google LLC (United States) – Google Analytics 4 for Site usage measurement, loaded only after your consent. Privacy policy.
  • Professional advisors – lawyers, accountants, and tax advisors, where we need to receive professional services and where confidentiality obligations apply.

6.2 Diagnostic engagement — access we ask you to grant. When you complete the Diagnostic intake, you may grant our personnel read-only access to your own third-party platforms (e.g., Google Ads, Meta Business Manager, GA4). That access is administered by those platforms, not by us – you control it directly and may revoke it at any time. We do not transfer those credentials to the sub-processors above.

6.3 Business partners and collaborators. In some cases, we may work jointly on projects or proposals with trusted partners. Where appropriate, and subject to confidentiality obligations, we may share relevant business contact details.

6.4 Corporate transactions. In connection with a merger, acquisition, financing, due diligence, reorganization, or sale of all or part of our business, personal information may be disclosed to advisers, counterparties, or successors, subject to appropriate confidentiality measures.

6.5 Legal and compliance. Where required by law, legal process, or governmental request, or to protect our rights, privacy, safety, or property, and/or that of you or others.

We do not share personal information for third parties’ independent direct marketing purposes.

7. INTERNATIONAL DATA TRANSFERS

We are based in the United States. If you access the Site from outside the United States, your information may be transferred to, stored, and processed in the U.S. and other countries where our service providers are located.

These countries may have data protection laws that are different from those in your country (and, in some cases, may not be as protective). Where required by law, we take steps to ensure appropriate safeguards for such transfers (for example, using standard contractual clauses approved by the European Commission or UK authorities, where applicable).

8. HOW LONG WE KEEP PERSONAL INFORMATION

We retain personal information for as long as reasonably necessary to provide our services, communicate with you, comply with legal obligations, and resolve disputes. Specific default retention periods:

  • Engine Log subscribers – until you unsubscribe, then deleted within 30 days (with the exception of suppression-list records kept to honor your unsubscribe).
  • “Work with us” submissions – up to 24 months from submission, after which deleted unless you have become a client.
  • Diagnostic order records (Stripe + intake data)seven (7) years from the transaction date, to comply with U.S. tax, accounting, and chargeback dispute obligations.
  • Email logs (Resend) – standard provider retention, typically 30–90 days for delivery / engagement metadata.
  • Google Analytics – user- and event-level data retained for the period configured in our GA4 property (default 14 months); aggregated reports may be retained longer.
  • Web server logs – standard hosting retention, typically 30 days.

When information is no longer needed, we will delete or anonymize it, unless we are legally required to keep it for a longer period.

9. YOUR RIGHTS AND CHOICES

Your rights will depend on where you live. We outline key rights below; some may not apply in your jurisdiction.

9.1 Rights under EU/UK data protection law. If you are in the EEA or UK, you may have the right to:

  • Access – request confirmation as to whether we process your personal information and obtain a copy.
  • Rectification – request correction of inaccurate or incomplete personal information.
  • Erasure – request deletion of personal information in certain circumstances (“right to be forgotten”).
  • Restriction – request that we restrict processing in certain circumstances.
  • Data portability – receive personal information you provided to us in a structured, commonly used, machine-readable format, and request that we transmit it to another controller, where technically feasible.
  • Object – object to certain processing, including direct marketing or where we rely on legitimate interests.
  • Withdraw consent – where processing is based on consent, withdraw that consent at any time.

You can exercise these rights by contacting us at legal@ravenopus.com. We may need to verify your identity before responding. We will respond in accordance with applicable law.

You also have the right to lodge a complaint with a supervisory authority in your country or region if you believe our processing of personal information violates applicable law.

9.2 Rights for California residents. If you are a California resident, you may have certain rights under California privacy laws (such as the California Consumer Privacy Act (CCPA), as amended) with respect to “personal information,” which, broadly speaking, is information that identifies, relates to, or could reasonably be linked with a particular consumer or household.

Subject to certain exceptions, California residents may have the right to:

  • Know / access – request that we disclose the categories and specific pieces of personal information we have collected about you, the sources, purposes of use, and categories of third parties with whom we share it.
  • Deletion – request that we delete certain personal information we collected from you.
  • Correction – request correction of inaccurate personal information.
  • Non-discrimination – not be discriminated against for exercising your privacy rights.

We do not sell personal information or share it for cross-context behavioral advertising in the sense defined by California law.

To exercise your California rights, you may contact us at legal@ravenopus.com with “California Privacy Request” in the subject line. We may need to verify your identity and place of residence before responding. You may also authorize an agent to submit requests on your behalf, subject to verification.

9.3 Marketing communications. If you receive marketing emails from us, you can unsubscribe at any time by clicking the “unsubscribe” link in the email or by contacting us at legal@ravenopus.com.

We may still send you non-marketing messages where permitted (for example, service-related or transactional communications).

10. SECURITY

We use reasonable technical and organizational measures designed to protect personal information from unauthorized access, use, alteration, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

If you believe your interaction with us is no longer secure, please contact us immediately at legal@ravenopus.com.

11. CHILDREN’S PRIVACY

The Site is not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 (or a higher age where required by law) without appropriate consent, we will take reasonable steps to delete it.

If you believe we may have collected information from a child inappropriately, please contact us at legal@ravenopus.com.

12. THIRD-PARTY WEBSITES

The Site may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites or services you visit.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, where required by law, notify you of material changes (for example, by posting a notice on the Site).

Your continued use of the Site after an updated Privacy Policy becomes effective indicates that you have read and understood the current version.

14. HOW TO CONTACT US

If you have any questions, concerns, or requests related to this Privacy Policy or our handling of personal information, you can contact us at:

Growth Engine LLC DBA Ravenopus
San Jose, California, USA
Email: legal@ravenopus.com