Privacy Policy

Effective July 15th, 2024

Please read the following information (the “Policy”) carefully, as it contains all relevant information to be provided by us, Tagis Inc., located at 2443 Fillmore St #380-3880, San Francisco, CA 94115 (“Amplemarket” or “we”) and you as the user or data subject (“you”), regarding personal data treatments through Amplemarket’s website, software and services (the “Services”) including treatments over your own personal data by third-parties using the Services, as well as data collected from job applications channels, we control, for those who wish to be part of our team.

If you do not agree to the terms of treatment described in this Policy, please do not access or otherwise use the Services and, if the treatment refers to your data as data subject, please immediately ask us to delete such data — you can do so by sending an email to privacy@amplemarket.com.

1. Our use of personal data

“Personal data” refers to any information that identifies a person (a “data subject”), such as a name, identification number, location data, or other factors specific to an individual's identity.

When using our Services or applying for a position on our team, you may be asked to provide personal data. Additionally, as a contractor, Amplemarket may access personal contact data concerning employees of companies contacted by Amplemarket's clients through our Services.

At Amplemakert, our services are tailored for business use, and we make every effort to ensure that we do not knowingly collect any Personal Data from children under the age of eighteen (18), or as otherwise restricted by applicable law. If it comes to our attention that a minor under the age of 18 has shared Personal Data with us, rest assured we will swiftly remove that information from our systems to uphold their privacy.

2. The data we collect and why

We collect personal data from users of the Services, employees of Amplemarket’s clients. Below you will find the relevant details concerning all these data.

2.1. Categories of data

Collected and processed data includes the following categories of data (examples are provided as well):

1. Identification: full name; residential address.
2. Contact details: phone and mobile number; email address.
3. Usage: traffic data; usage statistics.
4. Location: IP address.
5. Payment: credit card number.
6. Communications: e-mails.
7. Business: company; position; seniority.

2.2. Groups of data subjects

We process data pertaining to the following groups of subjects:

1. Website Users – individuals who access our website.
2. Client Users – individuals authorized by an amplemarket client to access and use our systems.
3. Prospects – individuals targeted by the client's communications.
   

For each of these groups we process the following categories of data:

1. Website Users – usage and location.
2. Client Users – Identification, Contact details, Usage, Location, Payment, Communications, Business.
3. Prospects – Identification, Contact details, Business.

2.3. Details of the processing activity

The duration and retention term, specific processing activities, and the legal basis and purposes of these activities are specified below:

Data Categories and their corresponding information:

1. Identification
   • Group of Subject: Client Users
   • Purpose (and legal basis): To identify (performance of a contract – 6/1/b GDPR)
   • Storage period: 5 years after termination.
2. Identification
   • Group of Subject: Prospects
   • Purpose (and legal basis): To identify (consent or legitimate interest – 6/1/a or 6/1/f GDPR)
   • Storage period: Until the legitimate interest is fulfilled or, if based on consent, until it is withdrawn.
3. Contact details
   • Group of Subject: Same as above (Client Users and Prospects)
   • Purpose (and legal basis): To communicate (in the context of each legal basis)
   • Storage period: Same as above (Identification)
4. Usage
   • Group of Subject: Website Users
   • Purpose (and legal basis): Improving our website (legitimate interest – 6/1/f GDPR)‍
   • Storage period: 5 years after collection.
5. Location
   • Group of Subject: Same as above (usage)
   • Purpose (and legal basis): Same as above (usage)‍
   • Storage period: Same as above (usage).
6. Payment
   • Group of Subject: Client Users
   • Purpose (and legal basis): Process payments (performance of a contract – 6/1/b) GDPR)‍
   • Storage period: 5 years after termination.
7. Communications
   • Group of Subject: Client Users
   • Purpose (and legal basis): Manage your email from your email client (Gmail, Outlook, etc), as well as your contacts in the CRM and events in any linked calendar (Performance of a contract – 6/1/b) GDPR)‍
   • Storage period: 5 years after termination, or before that if you ask us to delete.
8. Business
   • Group of Subject: Prospects
   • Purpose (and legal basis): To ensure communications are relevant to you (consent or legitimate interest – 6/1/a) or f) GDPR)‍
   • Storage period: Until the legitimate interest is fulfilled or, before that, if you oppose to the treatment. Until withdraw of consent (when applicable).

2.3. Details of the processing activity

Data deletion. At the end of the respective retention period, Amplemarket will delete or anonymise your personal data, whenever it should not be kept for the specific purpose that may remain.

Sharing data. Amplemarket may share your personal data with processors and service providers acting on our behalf, as well as with our business partners such as Google Cloud Platform or Greenhouse.

Resistance to Disclosure. In the event of receiving a legally compelling request for the disclosure of personal data from any administrative, fiscal, judicial, regulatory, or supervisory authority, we shall: (a) promptly redirect such authority to obtain the data directly from you; (b) without delay, inform you of such request, except if we are legally prohibited to do so, in which case we shall act against such prohibition with the aim of enabling informing you; (c) employ all reasonable legal actions to prevent the fulfilment by us of the disclosure request aimed at us.

Third parties’ practices. We are not responsible for the practices of third parties, and data provided to or collected by them is not covered by our Privacy Policy.

3. Data protection rights

Your rights, described below, may be exercised via email to privacy@amplemarket.com.

3.1. Data Privacy Framework

Amplemarket participates in the European Economic Area, the United Kingdom, and Switzerland Data Privacy Frameworks, developed by the US Department of Commerce in conjunction with the European Commission, the UK Government, and Swiss Federal Administration.

You can find the details below.

Data Privacy Framework. Data Privacy Framework, incorporated into this Privacy Policy, is available here and a list of its participants can be found here.

Adherence to Data Privacy Framework Principles. Amplemarket adheres to EU-US Data Privacy Framework and the UK Extension to the EU-US Data Privacy Framework, as well as the Swiss-US Data Privacy Framework. Certification with the Department of Commerce ensures adherence to these Principles. If a conflict arises, the Principles take precedence.

Onward Transfers to Third Parties. For onward transfers to third parties, we ensure compliance with Notice and Choice Principles. Contracts establish data processing limits and require the same level of protection as our Principles. Agents must comply with privacy protection requirements and notify us of any inability to meet obligations.

Discrepancies. In cases of any discrepancy between this Policy and the Framework Principles, the latter governs. We safeguard personal data received from the UK, EU, or Switzerland in accordance with GDPR, UK, or Swiss data protection laws and principles, including cross-border transfers adhering to GDPR solutions like the Standard Contractual Clauses contained in the European Commission's Implementing Decision (EU) 2021/914 of 4 June 2021, as amended from time to time (EEA) and as adopted by the UK and Switzerland.

Responsibility for Data Processing. We remain responsible for personal information processed under GDPR, and we're liable for any inconsistency with Data Privacy Framework Principles in onward transfers, unless proven otherwise.

Jurisdiction. The Federal Trade Commission oversees Amplemarket’s compliance with the Data Privacy Framework.

Complaints and conflict resolution. At Amplemarket, we take your concerns seriously. Our priority is to address any issues you may encounter and ensure your satisfaction. Our goal is to handle your complaint promptly and make things right for you.  If we're unable to resolve your complaint, you can contact the American Arbitration Association, our U.S.-based third-party dispute resolution provider, free of charge, at https:/go.adr.org/dpf_irm.html.

Binding Arbitration Details. Under certain circumstances, you may invoke binding arbitration for complaints regarding DPF compliance when other dispute resolution procedures have been exhausted. For more details on your option to invoke binding arbitration as an individual, please visit the Data Privacy Framework website as you must follow certain procedures and fulfil certain conditions (v. Section c) of the Recourse, Enforcement and Liability Principle).

Data disclosure. Without prejudice to paragraph 2.4 above, we may be required to disclose personal information in response to lawful requests by public authorities, including those made for national security or law enforcement purposes.

If you are an EU, Swiss or UK citizen, you have the following specific rights:

The right to be informed. You have the right to be provided with clear, transparent, and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Policy.

The right of access. You have the right to obtain access to your personal data, so you are aware and can check that we’re using your information in accordance with data protection law.

The right to rectification. You are entitled to have your personal data corrected or amended if it is no longer inaccurate or incomplete or, as the case may be, collected in violation of the EU-US Data Privacy Framework.

The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

The right to restrict processing. You have rights to ‘block’ or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future.

The right to data portability. You have rights to obtain and reuse your personal data for your own purposes across different services. This is not a general right and there are exceptions.

The right to object to processing. You have the right to object to certain types of processing and may change your preferences as described above.

The right to withdraw consent. As noted above, if you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal information at any time.

The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator:

• UK Information Commissioner’s Office (ICO) at www.ico.org.uk
• EU authorities at http://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm
• Swiss FDPIC at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
  

Former, current, or prospective corporate customer contacts have the right to opt-out of our use of their personal data for direct marketing purposes. To exercise this right, please follow the instructions in any direct marketing message you may have received (e.g., click the provided opt-out link in the email message or send us an email or postal mail request to opt-out following the instructions provided in the direct marketing message).

3.3. California Privacy Rights

If you are a California resident, under the California Consumer Privacy Act (“CCPA”), we are required to provide additional information to you about how we use and disclose your data, and you may have additional rights regarding how we use your data.

Subject to certain exceptions, as a California consumer, you have the right to:

1. Access your Personal Data.
2. Obtain deletion of your Personal Data.
3. Receive data about the Personal Data about you that we have "sold" (as such term is defined under California law) to third parties within the past 12 months.
4. Opt-out of the "sale" of your Personal Data, including as detailed above in the "Cookies and Tracking Technologies" section.
   

Limitations. To the extent allowed by law, we may need to retain some of your Personal Data, which is essential for fulfilling the purposes outlined in this Privacy Policy.

No discrimination. If you choose to exercise your rights concerning your Personal Data as outlined above, we assure you that we will not treat you differently in terms of pricing, products, or services. Please refer to the "Contact us" section below if you have any questions or wish to exercise these rights.

Prior verification. If you are a California consumer exercising your rights, you may need to provide certain data such as your name and email for identity verification purposes. This data will only be used for verification and nothing else. You also have the option of appointing an authorized agent to act on your behalf. For authorized agents representing California residents, please contact us with evidence of your authorization.

Request for access. You can find instructions on how to request your data here.

Data validation. We process and utilize data in line with this Privacy Policy, which may include integrating publicly available information and data obtained from carefully selected third parties or the Internet, within legal bounds. This approach aims to enhance the quality of data provided to you and others through Amplemarket services.

Data Broker. As per the California Civil Code § 1798.99.80, Amplemarket is recognized as a Data Broker and is duly registered with the California Attorney General. You can learn more about our activities as a Data Broker and how to opt-out of the sale of your personal data here.

4. Safety

Although no data transmission can be guaranteed to be 100% secure, we take reasonable steps to protect all personal data. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up data. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to building and files. Access to data is limited (through user/password credentials and software systems) to those employees who require it to perform their job functions.

5. Changes to this policy

We may, at our sole discretion, modify this Policy or any part of it. Any changes will be effective upon publication of the updated Privacy Policy. If there are significant changes, we will notify you before the new policy takes effect. We recommend reviewing this Policy regularly to stay informed about any updates.

Our stored copies of this Policy, whether electronic or otherwise, are considered the true, complete, valid, authentic, and enforceable versions of the policy in effect on the date of your visit to the Website.

6. Limited use disclosure

Amplemarket's use of information received from Google APls will adhere to Google API Services User Data Policy, including the Limited Use requirements, which includes not using Google Workspace APIs to develop, improve, or train generalized AI and/or ML models and refraining from leveraging said API for the purposes of circumventing Gmail filters (including email warmup services).

Amplemarket's use of information received, and Amplemarket's transfer of information to any other app, from Google APIs will adhere to Google's Limited Use Requirements.

7. Contact us

If you have any questions, suggestions or complaint about this Privacy Policy or any of our privacy-related practices, please contact us at privacy@amplemarket.com.

Address: 2443 Fillmore St, San Francisco, California, 94115

‍

California residents may view metrics for California Consumer Privacy Act (“CCPA”)-related requests we have received during calendar year 2023, by clicking here.