Privacy Policy

Effective: September 17, 2025 | Last updated: February 21, 2026

Introduction

Charemm Ltd, trading as AMPD ("we", "us", "our"), is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and share information when you use the AMPD website and services (the "Service").

We are the data controller for the personal data we process. We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you are located in the European Economic Area, we also comply with the EU GDPR.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

Data We Collect

Personal Information

When you create an account, subscribe to a plan, or contact us, we may collect the following personal information:

  • Full name and email address
  • Company or organisation name
  • Billing information and payment details (processed securely via our payment provider, Airwallex)
  • Account credentials (passwords are stored in hashed form only)
  • Communication preferences

Usage Data

We automatically collect certain information when you use the Service:

  • IP address, browser type, and operating system
  • Pages visited, features used, and time spent on the Service
  • Brand data, keywords, and domains you submit for analysis
  • Visibility scores, reports, and analysis results generated
  • Device information and screen resolution
  • Referring URLs and search terms used to find the Service

Cookies

We use cookies and similar tracking technologies to enhance your experience, analyse usage, and support authentication. For detailed information about the cookies we use, please see the Cookies section below.

Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases as defined by the GDPR:

  • Performance of a contract: Processing necessary to provide the Service to you, including account management, billing, and delivering analysis reports.
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving the Service, preventing fraud, ensuring security, and conducting aggregated analytics. We balance these interests against your rights and freedoms.
  • Consent: Where you have given explicit consent, such as for marketing communications or non-essential cookies. You may withdraw consent at any time.
  • Legal obligation: Processing required to comply with applicable laws, regulations, or legal proceedings.

How We Use Your Data

We use the data we collect for the following purposes:

  • To provide, maintain, and improve the Service
  • To process subscriptions and manage billing
  • To generate AI visibility scores, reports, and recommendations
  • To personalise your experience and provide relevant insights
  • To communicate with you about your account, updates, and support enquiries
  • To send marketing communications (with your consent)
  • To detect, prevent, and address technical issues, fraud, or abuse
  • To conduct aggregated research and produce anonymised benchmarks
  • To comply with legal obligations

Data Sharing

We do not sell your personal data. We may share your data with the following categories of recipients:

  • Service providers: Third-party companies that help us operate the Service, including cloud hosting (Hetzner), payment processing (Airwallex), error monitoring (Sentry), and email delivery services. These providers process data on our behalf under data processing agreements.
  • Legal compliance: When required by law, regulation, legal process, or government request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.
  • Aggregated data: We may share anonymised, aggregated data that does not identify you for research or industry benchmarking purposes.

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, including to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes (e.g., billing records, which we retain for up to 7 years in accordance with UK tax law).

Your Rights

Under the GDPR and UK data protection law, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request that we correct any inaccurate or incomplete personal data.
  • Right to erasure: You can request that we delete your personal data, subject to certain legal exceptions.
  • Right to restriction of processing: You can request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability: You can request a copy of your personal data in a structured, commonly used, machine-readable format.
  • Right to object: You can object to the processing of your personal data where we rely on legitimate interests as the legal basis.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@ampdaio.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) or your local data protection authority.

Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure password hashing using industry-standard algorithms (bcrypt)
  • Regular security assessments and vulnerability testing
  • Access controls and role-based permissions
  • Kubernetes-based infrastructure with network isolation
  • Automated monitoring and incident response procedures

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Cookies

We use the following types of cookies:

  • Essential cookies: Required for the Service to function, including authentication tokens and session management. These cannot be disabled.
  • Analytics cookies: Help us understand how visitors interact with the Service so we can improve it. These are only set with your consent.
  • Preference cookies: Remember your settings and preferences (e.g., theme, language).

You can manage your cookie preferences through your browser settings. Please note that disabling essential cookies may prevent you from using certain features of the Service.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify registered users of material changes via email or prominent notice on the Service. We encourage you to review this Privacy Policy periodically.

Contact

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: hello@ampdaio.com

Charemm Ltd trading as AMPD
Data Controller for the purposes of GDPR