Privacy policy

Last updated:

Data Collection

We collect only the data necessary for the agreed-upon purposes and ensure that data collection methods comply with relevant laws and regulations. Mainly, ensuring that the data received has consent for its intended use.

Data Handling

  • All data is encrypted at rest using industry-standard encryption algorithms.

  • Data is stored in a secure, access-controlled environments. We use a cloud service (GCP) with robust security certifications which also requires user to have 2FA (two factor authentication) set up and enabled.

  • Data access is limited to authorised personnel through granular identity and access control management (IAM) and role-based access control (RBAC).

  • All staffed are trained on how to handle and manage sensitive data.

  • Data will not be shared with any external third-party parties, unless previously agreed with the brand and a data transfer agreement has been put in place.

  • We maintain records of data protection activities, including data collection, access logs, incident reports, and training records.

  • We have data retention policies to ensure data is kept only as long as necessary and disposed of securely when no longer needed.

Incident Response and Reporting

  • We have an internal incident response plan which we maintain which we use to address data breaches and security incidents.

  • We take immediate action to contain and mitigate any data breaches including notifying affected parties and relevant authorities as required by law.

  • We document and report all incidents in accordance with legal and contractual requirements.

Data Subject Rights

Individuals have the following rights concerning their personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.

  • Right to Rectification: If any data we hold is inaccurate or incomplete, you can request corrections.

  • Right to Erasure: In certain circumstances, you can request that we delete your personal data.

  • Right to Restrict Processing: You can ask us to limit how we use your data in certain situations.

  • Right to Data Portability: You can request that your data be transferred to another organisation.

  • Right to Object: You have the right to object to the processing of your data for direct marketing purposes.

  • Right to Withdraw Consent: Where we rely on your consent for data processing, you can withdraw this consent at any time.

If you wish to exercise any of these rights, please contact team@tryamt.com

International Data Transfers

If we transfer personal data outside the European Economic Area (EEA) or to regions with differing privacy laws, we ensure that appropriate safeguards are in place. These safeguards may include:

  • The use of Standard Contractual Clauses approved by the European Commission.

  • Transfers to countries that have been deemed to provide an adequate level of data protection by relevant authorities.

We will always ensure that your data is protected, regardless of where it is processed.

Updates to Privacy Policy

We may update this privacy policy from time to time to reflect changes in our data protection practices or legal requirements. Any significant changes will be communicated via email or through prominent notices on our website. Please check back periodically to ensure you are aware of any updates.

Addendum: Google Workspace APIs

Google Workspace APIs are not used to develop, improve, or train generalized AI and/or ML models.

Google User Data Access

The application accesses specific Google user data within your Gmail account, including the ability to read and write emails. This access is limited to the following data:

  • Email Messages: The application reads and retrieves email messages in your mailbox to perform its functions.

  • Compose and Send Emails: The application writes and sends emails on your behalf, based on the functions and permissions you have granted.

This data is retrieved through the official Gmail API.

Use of Google User Data

We use the Gmail data we access solely for the following purposes:

  1. Reading Emails: The application reads your emails to analyse and triage inbound mail.

  2. Composing and Sending Emails: We use Gmail data to compose, draft, and send responses on your behalf.

We do not use your Gmail data for any other purposes outside these stated functions. Additionally, we do not share, sell, or distribute your Gmail data to any third parties unless required by law.