amphora
Privacy Policy
Effective date: 23 May 2026 · Last updated: 23 May 2026
1. Who we are
This policy is published by Amphora AI ("Amphora", "we", "us"). For privacy questions, contact info@am4a.ai. Amphora AI is the data controller responsible for processing the personal data described below.
EU representative (GDPR Art. 27). Amphora AI is established in the United States and does not currently have an establishment in the EU. We process only minimal personal data (email addresses for subscribers; aggregate cookieless analytics for visitors), do not process special-category data, and the processing is not large-scale or systematic. Under GDPR Art. 27(2)(a), our processing therefore qualifies for the "occasional, not large-scale, no special-category" exemption from the requirement to designate an EU representative. If EU processing grows beyond this threshold we will designate a representative and update this page. EU/EEA visitors can in the meantime contact us directly at info@am4a.ai for any data-protection inquiry.
2. What data we collect, and why
2.1 Information you give us directly
- Email address — if you sign up via the "Stay in the Loop" / Early Access form. We use it only to send you product updates and Salesforce-AI insights. We retain it until you unsubscribe; one-click unsubscribe is in every email. Legal basis: GDPR Art. 6(1)(a) consent (the act of submitting the form). You can withdraw this consent at any time by clicking the unsubscribe link or emailing info@am4a.ai.
2.2 Information collected automatically (only with your consent)
- Cookies and identified analytics — if you accept analytics in the cookie banner, we set Google Analytics 4 (GA4) cookies that record aggregated visit data tied to a randomly-assigned client ID (page views per session, referring site, device category, country). GA4 anonymizes your IP address at ingestion. We do not enable Google Signals, ad personalization, or cross-device tracking.
- Country detection for the banner itself — we make one network call to
ipwho.ison first visit to determine whether you're in the EU/UK/EEA and need the strict opt-in banner. The result (country code only) is cached in your browser's localStorage for 7 days. We do not record your IP address; we only see the country code returned by the lookup. This is a strictly necessary processing operation under GDPR Art. 6(1)(f) — without it we couldn't decide which legal regime applies to your visit.
2.3 Information collected automatically (no consent required — aggregate only)
Independent of your cookie choice, we use Google Consent Mode v2 cookieless pings to capture aggregate, non-identifying analytics. Each visitor's browser fires one anonymous ping per page load to Google Analytics. Each ping carries:
- Country, region, and city — derived by Google's server from your IP address (the raw IP itself is not stored)
- Browser family and operating system family (no precise version fingerprint)
- The referring site, if any
- UTM campaign parameters from the URL, if present
These pings set no cookies and carry no persistent identifier. Each ping is treated by Google as a brand-new anonymous visitor — there is no cross-page or cross-session linking. The data only ever appears in aggregate form in our analytics dashboards (e.g., "123 visitors from San Francisco this week"), never tied to a specific individual.
Legal basis: GDPR Art. 6(1)(f) (legitimate interest in understanding aggregate site traffic to operate and improve the service). Consent Mode v2 cookieless pings are widely recognized as a privacy-respecting approach to web analytics — they do not set cookies (so ePrivacy / PECR consent requirements do not apply) and the aggregated, non-identifying outputs fall within the legitimate-interest balancing test under GDPR Art. 6(1)(f). We have documented this balancing test internally and can share it on request.
If you do not want to participate even in this aggregate cookieless reporting, set Global Privacy Control in your browser — we treat GPC as a hard opt-out and fire no Google Analytics requests of any kind.
2.4 Strictly necessary cookies and operational logs (no consent required)
- Strictly necessary cookies — we set
am4a_consentandam4a_geoin your browser's localStorage to remember your cookie choice and your detected region so we don't re-prompt you on every page load. These are exempt from consent under GDPR Art. 6(1)(f) and ePrivacy Art. 5(3) because they're strictly necessary for the service you requested (a working consent banner that doesn't pester you). - Server-side request logs — our hosting provider (Google Cloud) logs IP address, user-agent, and URL of every request for 30 days, for security and abuse-prevention. Legal basis: GDPR Art. 6(1)(f) legitimate interest in operating the service securely.
3. Who we share data with
We use a small number of carefully selected processors. We do not sell personal data and we do not share it with advertising networks.
| Recipient | Purpose | Location | Safeguard |
|---|---|---|---|
| Google LLC (Google Analytics 4) | Anonymous aggregate analytics via Consent Mode v2 cookieless pings (every visitor unless Global Privacy Control is set); identified GA4 analytics with persistent client ID and cookies (only if you accept the analytics category in the cookie banner) | USA / global | EU-US Data Privacy Framework + Google's Standard Contractual Clauses |
| Google Cloud Platform | Static site hosting + Cloud Functions (the subscribe endpoint) | us-east4 (Virginia, USA) | EU-US Data Privacy Framework + Google Cloud's DPA |
| ipwho.is | One-time country-code lookup on first visit to determine consent regime | Cloudflare global edge | Anonymous lookup; no account, no persistent identifier shared |
4. International transfers
Our hosting is in the United States. When you visit am4a.ai from outside the US, your data is transferred to the US. We rely on the EU-US Data Privacy Framework (Google is a certified participant) and on the European Commission's Standard Contractual Clauses with our processors. You can request a copy of the relevant safeguards by emailing info@am4a.ai.
5. Retention
- Consent record (
am4a_consent): 30 days, then we re-prompt you (well within CNIL + ICO max-12-month guidance). - Region cache (
am4a_geo): 7 days. - GA4 data: 14 months (the most-private setting GA4 offers; we don't extend it).
- Email subscription: until you unsubscribe; the unsubscribe link is in every email.
- Server logs: 30 days, then deleted.
6. Your rights
Depending on where you are, you have the following rights. To exercise any of them, email info@am4a.ai from the address you'd like us to verify. We respond within 30 days (15 days for CCPA opt-out requests).
6.1 If you are in the EU/UK/EEA (GDPR / UK-GDPR)
- Right of access (Art. 15) — get a copy of what we hold
- Right to rectification (Art. 16) — correct inaccurate data
- Right to erasure / "right to be forgotten" (Art. 17)
- Right to restrict processing (Art. 18)
- Right to data portability (Art. 20)
- Right to object (Art. 21) — especially to processing based on legitimate interest
- Right to withdraw consent (Art. 7(3)) — at any time, via the "Cookie preferences" button in the footer, with no penalty
- Right to lodge a complaint with your supervisory authority (Art. 77)
6.2 If you are in California (CCPA / CPRA)
- Right to know what categories of personal information we collect
- Right to delete personal information
- Right to correct inaccurate personal information
- Right to opt out of "sale" or "sharing" — we do not sell or share for cross-context behavioral advertising, but you can still exercise the right preemptively via the "Cookie preferences" button or by emailing us
- Right to limit use of sensitive personal information — we do not collect sensitive personal information as defined by the CPRA
- Right to non-discrimination for exercising your rights
6.3 Other jurisdictions
If you're somewhere with equivalent rights (LGPD in Brazil, PIPEDA in Canada, POPIA in South Africa, etc.), the same email address gets you the same response. We honor the strictest applicable standard.
7. Children
am4a.ai is intended for business audiences (Salesforce engineers, architects, and admins). We do not knowingly collect personal data from anyone under 16 (or under 13 if you are in the US). If you believe a child has provided us data, email info@am4a.ai and we will delete it.
8. Security
The site is served over HTTPS only (HSTS-enforced, 2-year max-age, includeSubDomains + preload). Strict Content Security Policy with no 'unsafe-inline' for scripts. The subscribe endpoint runs on Google Cloud Functions with email-format validation, CORS allowlisting, and per-IP rate limiting. The consent record never leaves your browser — it's localStorage-only, never transmitted to our servers.
9. Automated decision-making
We do not use automated decision-making (including profiling) that would produce legal or similarly significant effects on you under GDPR Art. 22. The site does not score, rank, or make automated decisions about visitors.
10. Voluntary provision of data
Visiting am4a.ai does not require providing any personal data. Subscribing to the early-access list is entirely voluntary; the only consequence of not subscribing is that you won't receive our product updates. There is no contractual or statutory obligation to provide your email address.
11. Changes to this policy
If we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, re-prompt you for cookie consent. For email subscribers, we will email a summary before any material change takes effect.
12. Contact
Amphora AI — privacy contact: info@am4a.ai
For GDPR-specific inquiries, please mark your email "GDPR Request" so it routes to the right person.