AMPLIFIER sp. z o.o.
Get In Touch
support@ampliapps.com
Work Inquiries
job@ampliapps.com
Back

Privacy Policy of AMPER

1. Data Controller

The controller of personal data processed in connection with the use of the AMPER mobile application (the “App”) is:

AMPLIFIER sp. z o.o.
Nowy Świat 9/4
15-453 Białystok, Poland
Tax ID (NIP): 5423244143, REGON: 361079884, Court Register (KRS): 0000549935
Contact e-mail: support@ampliapps.com

2. Scope

This document describes how we collect, use, and share personal data in connection with the AMPER mobile application (available on Google Play and the App Store) and the related web panel. AMPER is a B2B tool (Sales Force Automation / B2B e-commerce) made available to employees of enterprises that are clients of AMPLIFIER sp. z o.o.

3. Data we collect

3.1. Account data – provided by the client’s administrator or by the user:

  • first and last name,
  • business e-mail address,
  • job title / role in the organisation,
  • password (stored only in hashed form, never in plaintext),
  • identifier of the tenant/organisation the user belongs to.

3.2. Data generated through use of the App:

  • data on sales visits, orders, surveys, visit reports,
  • photos taken in the App (e.g. shelf documentation, product photos),
  • GPS location of the device at the moment of registering a visit (see section 5),
  • technical data: device model, OS version, App version, language, installation ID,
  • IP address, connection logs, time of use,
  • diagnostic data about errors (see section 6 – Sentry).

3.3. End-customer (counterparty) data: when using the App, the user processes data of their own customers (companies, points of sale, contact persons). For such data, the user’s employer is the controller (the client of AMPLIFIER), and AMPLIFIER sp. z o.o. acts as a processor under a Data Processing Agreement (DPA).

4. Purposes and legal bases

PurposeLegal basis (GDPR)
Providing the service – enabling use of the AppArt. 6(1)(b) – performance of a contract
Authentication and account securityArt. 6(1)(b) and (f) – legitimate interest
Error diagnostics, App stabilityArt. 6(1)(f) – legitimate interest
Technical support (helpdesk)Art. 6(1)(b) and (f)
Billing, invoicingArt. 6(1)(c) – legal obligation
Defence against claimsArt. 6(1)(f)

5. System permissions requested by the App

The App requests the following permissions. Each can be revoked at any time in the operating system settings – this will limit the related features of the App.

  • Location (GPS): used only at the moment of registering the start/end of a customer visit, to confirm presence at the point of sale. Location is not collected in the background when the App is not actively used, nor after logout.
  • Camera and photo access: needed to take documentary photos (e.g. of product displays) and attach them to visit reports. The App does not scan the gallery beyond photos selected by the user.
  • Files / device storage: used for local offline cache (the App is offline-first) and to store photos before they are uploaded to the server.
  • Push notifications: used to inform about new tasks, orders, and administrator messages. Disabling notifications does not block App use.

6. Recipients of data

Data is processed by:

  • AMPLIFIER sp. z o.o. – controller / processor,
  • The user’s employer (AMPLIFIER’s client) – with respect to account data and data generated in the App,
  • Hosting infrastructure provider – servers located in Poland / the European Union,
  • Sentry (self-hosted) – an error-diagnostics tool; instance hosted on our own servers in the EU. Sentry collects anonymous technical information about errors (stack trace, app version, device model). We do not send data to Sentry SaaS (sentry.io) or outside the EEA.

We do not use Google Firebase, Google Analytics, or any other third-party analytics tools. Data is not transferred outside the European Economic Area (EEA).

7. Retention

  • Account data: for the duration of the contract between the user’s employer and AMPLIFIER sp. z o.o., then up to 30 days (unless the employer requests a shorter period under the DPA).
  • Operational data (visits, orders, photos): according to the retention policy agreed with the user’s employer in the DPA.
  • Technical logs and diagnostic data: up to 90 days.
  • Billing data: 5 years (under Polish accounting law).

8. Your rights

Under the GDPR you have the right to:

  • access your data (Art. 15),
  • rectify your data (Art. 16),
  • erasure – the “right to be forgotten” (Art. 17),
  • restrict processing (Art. 18),
  • data portability (Art. 20),
  • object to processing (Art. 21),
  • lodge a complaint with the President of the Polish Personal Data Protection Office (UODO, ul. Stawki 2, 00-193 Warsaw, uodo.gov.pl).

9. Account and data deletion

To delete your user account and the personal data associated with it, send an e-mail to support@ampliapps.com with the subject: “AMPER – account deletion”, providing:

  • your full name and the e-mail address associated with the account,
  • your company/organisation name,
  • (optionally) the scope of data to be deleted.

We will fulfil the request within 30 days. Certain data may need to be retained for legally required periods (e.g. billing data – 5 years). Note: if your account was created by your employer, we will additionally contact the administrator on your employer’s side, as the employer is the controller of part of your data.

Information on the account deletion procedure is also available at: https://ampliapps.com/account-deletion-amper/

10. Data security

We apply appropriate technical and organisational measures, including: TLS 1.2+ encryption in transit, password hashing (bcrypt/argon2), role-based access control, regular backups, security audits, and least-privilege access policies.

11. Children

AMPER is a business tool intended for employees of enterprises and is not directed to persons under the age of 16. We do not knowingly collect personal data of children.

12. Changes to this Policy

We may update this Policy. We will inform users of material changes in the App and by e-mail. The current version is always available at the URL of this page, with the effective date clearly shown.

13. Contact

For data protection matters, please contact us at:
E-mail: support@ampliapps.com
Postal address: AMPLIFIER sp. z o.o., Nowy Świat 9/4, 15-453 Białystok, Poland