Privacy Policy

AmmirePXL

Effective Date: March 15, 2026

This Privacy Policy explains how we collect, use, store, and protect personal data when you use our Platform.

1. Data We Collect

A. Account Information
  • Name
  • Email
  • Phone number
  • Organization (if applicable)
B. Uploaded Content
  • Business cards
  • Contact records
  • Documents
  • Legacy vault data
C. Automatically Collected Data
  • Device information
  • Log data
  • IP address
  • Usage analytics

2. Legal Basis for Processing

We process data based on:

  • User consent
  • Contractual necessity
  • Legitimate interests (service improvement)
  • Legal compliance obligations

3. How We Use Data

We use data to:

  • Provide digitisation services
  • Improve AI extraction accuracy
  • Maintain system security
  • Provide customer support
  • Comply with legal obligations

We do not sell personal data.

4. AI & Automated Processing

Our system uses AI to extract structured information from uploaded images.

Users may review and correct extracted data.

Anonymized data may be used to improve AI models.

5. Data Storage and Security

We implement:

  • Encryption (AES-256)
  • TLS-secured transmission
  • Role-based access controls
  • Secure cloud hosting

Data retention is limited to:

  • Active account duration
  • Legal compliance requirements
  • Backup cycle constraints

6. Data Sharing

We may share data only:

  • With service providers under strict confidentiality
  • If required by law
  • With user consent

7. User Rights

Subject to applicable law, users may:

  • Access their data
  • Correct inaccuracies
  • Request deletion
  • Withdraw consent
  • Request data portability

Requests may be submitted to: privacy@ammireng.com

8. International Transfers

If data is transferred outside your jurisdiction, we apply appropriate safeguards.

9. Updates

We may update this Privacy Policy periodically.

DATA PROTECTION IMPACT ASSESSMENT (DPIA)

1. Processing Description

The Platform processes personal data including: contact details, professional affiliations, document metadata, user account data. Processing includes AI-based OCR extraction and cloud storage.

2. Purpose of Processing
  • Digitisation of analog records
  • Structured data organization
  • Secure digital preservation
  • AI model improvement (anonymized)
3. Risk Assessment
Risk Impact Mitigation
Unauthorized access High Encryption + RBAC
AI extraction errors Medium Human verification
Data breach High Secure cloud infrastructure
Excessive retention Medium Defined retention policy
4. Lawful Basis

Processing is based on: User consent, Contract performance, Legitimate interest.

5. Data Minimization

We collect only necessary contact fields, user account data, and operational metadata. No sensitive data is required unless voluntarily uploaded.

6. Security Measures
  • Encryption at rest & transit
  • MFA for institutional accounts
  • Regular access reviews
  • Logging and monitoring
7. Residual Risk

Residual risk level: Moderate (typical for cloud SaaS). Mitigated through layered security controls.

Last Updated: March 15, 2026

Contact Our DPO