Privacy Policy

Last updated: 19 February 2025

Amplir Ltd ("Amplir", "we", "us", "our") operates the amplir.com website and the Amplir Launch platform. This policy explains how we collect, use, store, and protect your personal data when you use our services.

1. Information we collect

Account information

When you create an account we collect your name, email address, and a hashed password. Authentication is managed by Supabase, a third-party authentication and database provider hosted in the EU.

Business profile data

If you use Amplir Launch to create a website, we collect the business information you provide: business name, tagline, description, services, contact details, reviews, and uploaded images. This data is used to build and host your website.

WhatsApp messaging data

If you enable the WhatsApp AI agent feature, we process messages exchanged between your customers and your WhatsApp business number. This includes message content, phone numbers, customer names (as provided by WhatsApp), and delivery status. Messages are processed via the Meta WhatsApp Business Cloud API and stored in our database to enable AI-powered responses and conversation history.

Payment information

Payments are processed by Stripe. We do not store your full card number, CVV, or other sensitive payment details. Stripe provides us with a customer ID, subscription status, and basic transaction data.

Contact form submissions

When you submit a contact form, we collect your name, email address, company name (optional), and message. Enquiries submitted through customer websites are also stored and associated with the relevant business.

Emails

We use Resend as our email delivery provider. Transactional emails (account verification, password resets, escalation alerts) are sent via Resend. We may retain email delivery metadata such as send status and timestamps.

Usage and analytics data

We use Umami (self-hosted) and Vercel Analytics to collect anonymised usage data such as page views, referrers, device type, and browser. No personal data or cookies are used for analytics.

2. How we use your information

We use your data to:

  • Provide, maintain, and improve our services
  • Create and host your business website via Amplir Launch
  • Process WhatsApp messages and generate AI-powered responses on your behalf
  • Process payments and manage subscriptions
  • Send transactional emails (e.g. verification, alerts)
  • Respond to your enquiries
  • Detect, prevent, and address technical issues or abuse

3. AI processing

Our WhatsApp AI agent and website builder use Anthropic's Claude API to process messages and generate content. Customer messages sent to your WhatsApp number are processed by Claude to generate appropriate responses based on your business profile. Anthropic does not use API inputs or outputs to train their models. Your data is processed in accordance with Anthropic's usage policy.

4. Data sharing and third-party services

We share data with the following third-party services:

  • Supabase (EU) — Authentication and database hosting
  • Meta (WhatsApp Business Cloud API) — WhatsApp message delivery and phone number verification
  • Anthropic (Claude API) — AI message processing and content generation
  • Stripe — Payment processing
  • Resend — Transactional email delivery
  • Vercel — Website hosting and deployment
  • OVHcloud — Infrastructure hosting for customer websites

We do not sell your personal data to any third party. Data is only shared with the providers listed above as necessary to deliver our services.

5. Data retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory reasons. WhatsApp conversation data is retained for 12 months from the date of the last message, after which it is automatically deleted.

6. Data security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS), encrypted database connections, role-based access control, and secure authentication via Supabase. Payment data is handled entirely by Stripe and never touches our servers.

7. Your rights

Under applicable data protection law (including UK GDPR), you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Request data portability
  • Withdraw consent at any time

To exercise any of these rights, email us at privacy@amplir.com.

8. Cookies

We use only essential cookies required for authentication and session management. We do not use tracking cookies or third-party advertising cookies. Our analytics tools (Umami, Vercel Analytics) are cookie-free.

9. Children

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

10. Changes to this policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

11. Contact

If you have any questions about this privacy policy or our data practices, contact us at: