Skip to main content

Privacy Policy

How we collect, use, and protect your data.

Last updated: February 2026

MuniGrowth (“we,” “our,” or “us”) is committed to protecting the privacy and security of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at www.munigrowth.com.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, phone number, organization name, job title, and password when you register an account.
  • Organization Data: Municipality or organization details, department structures, staff information, and role assignments.
  • Project Data: LED plans, project proposals, budgets, timelines, KPIs, SWOT analyses, and other planning content you create on the platform.
  • Documents: Files you upload including proposals, contracts, reports, and other attachments.
  • Payment Information: Billing details processed securely through Stripe. We do not store full credit card numbers on our servers.
  • Communications: Messages, support tickets, and correspondence you send to us.

1.2 Information Collected Automatically

  • Usage Data: Pages viewed, features used, time spent on the platform, and interaction patterns.
  • Device Information: Browser type, operating system, IP address, and device identifiers.
  • Cookies: Session cookies, authentication tokens, and analytics cookies (see Section 7).
  • Log Data: Server logs, error reports, and performance metrics.

2. How We Use Your Information

We use the collected information for the following purposes:

  • Providing and maintaining the MuniGrowth platform and its features
  • Processing your account registration and authentication
  • Managing subscriptions, billing, and payment processing
  • Sending service notifications, updates, and security alerts
  • Providing customer support and responding to inquiries
  • Improving platform performance, features, and user experience
  • Generating anonymized analytics and aggregate statistics
  • Complying with legal obligations and enforcing our terms
  • Detecting and preventing fraud, abuse, and security threats

3. Data Storage and Security

Your data is stored on secure servers with the following protections:

  • Encrypted data transmission using TLS/HTTPS
  • Encrypted data at rest in PostgreSQL databases
  • Multi-tenant data isolation — each organization's data is logically separated
  • Role-based access control (RBAC) within organizations
  • Regular automated backups with encryption
  • Virus scanning on all uploaded files (ClamAV)
  • Audit logging of all data access and modifications
  • Two-factor authentication (2FA) support
  • Regular security assessments and penetration testing

4. Data Sharing and Disclosure

We do not sell your data. We may share information in these limited circumstances:

  • With Your Consent: When you explicitly authorize sharing with donor organizations or partner municipalities through platform features.
  • Service Providers: With trusted third-party providers (Stripe for payments, email delivery services) under strict data processing agreements.
  • Legal Requirements: When required by law, regulation, or legal process.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to affected users.

5. Your Rights

Under GDPR and applicable data protection laws, you have the right to:

  • Access: Request a copy of all personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data (“right to be forgotten”).
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request limitation of processing of your personal data.
  • Objection: Object to processing of your personal data for certain purposes.
  • Withdraw Consent: Withdraw previously given consent at any time.

To exercise any of these rights, contact us at contact@munigrowth.com. We will respond within 30 days.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account cancellation:

  • Account data is retained for 30 days for data export purposes
  • After the grace period, personal data is permanently deleted
  • Anonymized aggregate data may be retained for analytics
  • Backup copies are deleted within 90 days of account closure
  • Legal and compliance records are retained as required by law

7. Cookies

We use the following types of cookies:

  • Essential Cookies: Required for authentication, session management, and CSRF protection. Cannot be disabled.
  • Functional Cookies: Remember your preferences (language, theme) to improve your experience.
  • Analytics Cookies: Help us understand platform usage patterns to improve features. Can be disabled in your browser settings.

We do not use third-party advertising cookies.

8. International Data Transfers

If your data is transferred to servers outside your jurisdiction, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and adequacy decisions as required by GDPR.

9. Children's Privacy

MuniGrowth is not intended for individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered users of material changes via email and platform notification. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related questions or concerns:

  • Email: contact@munigrowth.com
  • Data Protection Officer: contact@munigrowth.com
  • Address: MuniGrowth, Beirut, Lebanon