← Back to Home

Privacy Policy

Last Updated: October 2025

1. Introduction

Welcome to Amplycom. This Privacy Policy explains how Liljeforce AB ("we," "us," or "our") collects, uses, and protects your personal information when you use our AI-powered B2B outreach platform (the "Service").

Important: Amplycom is currently in development and available only to manually onboarded users. Features and data practices may evolve as we develop the platform. We will provide notice of material changes to this Privacy Policy.

By using Amplycom, you confirm that you are at least 18 years old and agree to the data practices described in this policy.

2. Data Controller

Liljeforce AB
Organization Number: 559211-3186
Address: Grundtvigsgatan 39, c/o Liljefors, 16848 Bromma, Sweden

Contact:
General inquiries: support@amplycom.com
Privacy matters: privacy@amplycom.com

3. What Data We Collect

We collect and process the following categories of personal information:

3.1 Account Information

  • Email address
  • Name
  • Job title
  • Organization name and details
  • Role and permissions within the platform
  • Account preferences and settings

3.2 Organization & Business Data

  • Organization description and domain
  • Ideal customer profile (ICP)
  • Offering description and unique selling points
  • AI-generated research about your business

3.3 CRM Data

  • Company Records: Company names, industries, size, locations, websites, LinkedIn profiles, keywords, descriptions
  • Contact Records: First and last names, email addresses, phone numbers, job titles, LinkedIn profiles, engagement status
  • Interaction History: Notes, calls, meetings, tasks, and other activities you log

3.4 Email Communications

  • Email subject lines and body content
  • Sender and recipient information
  • Email thread identifiers
  • Timestamps and delivery status
  • Important: We only store emails involving your CRM contacts (see Section 4 below)

3.5 Email Account Connection Data

  • Email service provider (Gmail, Outlook, etc.)
  • Connection status and authentication tokens
  • Email account identifiers (managed by Nylas)

3.6 AI Research Data

  • AI-generated research on companies and contacts
  • Industry trends and news summaries
  • Research timestamps and confidence scores
  • Cached research results (automatically refreshed periodically)

3.7 Usage and Technical Data

  • Audit logs of system actions
  • Activity timestamps
  • Authentication session data
  • Feature usage information

4. Email Integration & Selective Sync

Amplycom integrates with your email account to provide CRM-based email management. Our selective sync technology ensures only relevant emails are stored.

4.1 How Selective Sync Works

When you connect your email account via Nylas (our email infrastructure provider):

  • What We Store: Only emails from contacts you have added to your CRM are stored in Amplycom and displayed in your communication timeline.
  • What We Don't Store: Emails from senders who are not in your CRM are not stored in our database. These emails remain only in your regular email inbox.
  • Technical Processing: Our system receives notifications of incoming emails to determine if they involve your CRM contacts. Emails from non-CRM contacts are immediately filtered and discarded without storage or logging.

4.2 Privacy Architecture

We have implemented privacy-by-design measures to minimize data exposure:

  • Early validation: Non-CRM emails are identified and filtered at the earliest processing stage
  • Minimal logging: We do not log email content, subjects, or sender information for non-CRM emails
  • Encryption: All email data is encrypted in transit using TLS/HTTPS
  • Verification: Webhook communications are cryptographically verified

4.3 Email Open Tracking

When you send emails through Amplycom, we automatically track when recipients open your emails to help you understand engagement with your outreach.

  • What We Track: Whether an email was opened and the timestamp of the first open
  • What We Don't Track: Multiple opens, location data, device information, or reading behavior beyond the initial open
  • Purpose: To provide you with engagement analytics that improve your business communications

This is standard practice for B2B sales and marketing platforms and helps you understand when contacts engage with your emails.

4.4 Platform Limitations

Due to technical limitations of email webhook systems (standard industry practice for B2B platforms), incoming email notifications may transiently pass through our infrastructure during the sender validation process. However, non-CRM emails are immediately discarded and never stored, logged, or displayed in Amplycom.

5. How We Use Your Data

We use your personal information for the following purposes:

  • Provide the Service: To operate Amplycom, manage your account, and deliver CRM and outreach features
  • AI Research: To conduct automated research on companies and contacts in your CRM using Google Gemini AI
  • Email Generation: To generate personalized email content based on research insights and your communication preferences
  • Lead Qualification: To score and categorize leads based on engagement signals and AI evaluation
  • Communication Management: To track email communications, engagement history, and conversation threads
  • Service Notifications: To send you service-related updates and information about new features
  • Improve Our Service: To analyze usage patterns, fix bugs, and develop new features
  • Security & Compliance: To protect against fraud, abuse, and security threats

6. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Consent: When you connect your email account, enable AI communication features, or grant specific permissions
  • Contractual Necessity: To provide the Service you have signed up for and to fulfill our obligations to you
  • Legitimate Interests: To improve our Service, ensure security, prevent fraud, provide email engagement analytics (open tracking), and conduct business analytics (balanced against your privacy rights)

7. AI Processing

Amplycom uses Google Gemini AI to power research, content generation, and decision-making features:

  • Research Agent: Analyzes company websites, news, and industry information
  • Content Agent: Generates personalized email content based on research and your preferences
  • Decision Agent: Evaluates outreach timing, lead qualification, and engagement signals

AI Data Usage: We use Google Gemini AI via their paid enterprise tier, which means Google does not use your prompts or responses to train or improve their models. Your data is processed under Google's Data Processing Addendum as a data processor. Research results are cached in our database and automatically refreshed periodically (typically every 10 days) to keep insights current.

8. Data Sharing & Third-Party Services

We share your data only with trusted service providers necessary to operate Amplycom. We do not sell your personal information to third parties.

8.1 Service Providers (Subprocessors)

  • Supabase (EU - Stockholm): Database hosting and user authentication
  • Google Gemini AI (USA): AI-powered research, content generation, and decision-making
  • Nylas (USA): Email service integration and email account management
  • Vercel (USA): Application hosting and infrastructure

All service providers are SOC2 and/or GDPR compliant, and we have appropriate data processing agreements in place.

8.2 Legal Disclosures

We may disclose personal information if required by law, legal process, or government request, or if necessary to protect our rights, users, or the public.

9. International Data Transfers

Your primary data is stored in the EU (Stockholm, Sweden) via Supabase. However, some service providers (Google Gemini AI, Nylas, Vercel) may process data in the United States or other jurisdictions.

For transfers outside the EU/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and service provider commitments to GDPR compliance mechanisms.

10. Data Retention

We retain your personal data as follows:

  • Active Account Data: Retained while your account is active and for a reasonable period thereafter
  • Research Data: Cached with periodic refresh cycles; older research may be automatically replaced with updated findings
  • Email Communications: Retained until you delete them or close your account
  • Deleted Accounts: Data is removed within a reasonable timeframe following account deletion (see Section 11)

11. Account Deletion

Personal Account Deletion: You may delete your personal account at any time. Your user profile and personal settings will be removed, but organization data will remain accessible to other users in your organization.

Sole Administrator: If you are the only administrator of an organization, you must first confirm deletion of all organization data before you can delete your personal account. This ensures no orphaned data remains in the system.

Data deletion is processed within a reasonable timeframe. Some anonymized data may be retained for analytics or legal compliance purposes.

12. Your Rights Under GDPR

As an EU data subject, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Data Portability: Request your data in a machine-readable format
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing where we rely on consent

To exercise any of these rights, contact us at privacy@amplycom.com. We will respond within a reasonable timeframe.

You also have the right to lodge a complaint with your local data protection authority. In Sweden, this is Integritetsskyddsmyndigheten (IMY): www.imy.se

13. Data Security

We implement industry-standard security measures to protect your personal data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest (database encryption)
  • Webhook signature verification for email integrations
  • Role-based access control and permission management
  • Multi-tenant data isolation (organization-level segregation)
  • SOC2-compliant infrastructure providers
  • Regular security monitoring and updates

While we strive to protect your data, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

14. Cookies & Tracking

Amplycom uses essential cookies necessary for authentication and session management. We do not use third-party tracking cookies or analytics cookies. Session cookies are automatically deleted when you log out or close your browser.

15. Beta & Development Status

Amplycom is currently in development and available only to manually onboarded users. During this period:

  • Features and functionality may change without advance notice
  • Data practices may evolve as we refine the platform
  • We may add new service providers or capabilities
  • Material changes to privacy practices will be communicated

By using Amplycom during this development phase, you acknowledge that the Service is under active development.

16. Age Restrictions

Amplycom is intended for business use by individuals 18 years of age or older. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected data from someone under 18, we will take steps to delete it.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or via email. The "Last Updated" date at the top of this policy indicates when it was last revised.

Continued use of Amplycom after changes become effective constitutes acceptance of the updated Privacy Policy.

18. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email:
General: support@amplycom.com
Privacy: privacy@amplycom.com

Postal Address:
Liljeforce AB
Grundtvigsgatan 39, c/o Liljefors
16848 Bromma
Sweden

Liljeforce AB is committed to protecting your privacy and handling your data with transparency and care.