Privacy Policy

Last updated: April 2026 · This policy applies to all AmpGate services.

1. Who We Are

AmpGate operates the AmpGate agentic identity platform accessible at ampgate.io (the "Service"). We act as the data controller in respect of personal data collected directly through the Service. For questions about this policy, contact us at privacy@ampgate.io.

2. Data We Collect

2.1 Account Data

  • Full name and email address (collected at registration).
  • Company or organisation name (optional).
  • Hashed password (bcrypt; we cannot recover your original password).
  • Account preferences and team-member associations.

2.2 Usage and Operational Data

  • Agent configurations and policy definitions you create.
  • Token issuance records (count, timestamp, agent ID, expiry, status).
  • API request metadata: endpoint, HTTP method, response code, latency, token count consumed.
  • Audit log entries: action type, actor identity, timestamp, outcome.
  • Quota and rate-limit counters.

2.3 Billing Data

Payment card details and billing addresses are collected and stored exclusively by our third-party payment processor (Paddle or equivalent). We receive only a transaction reference, subscription status, and payment outcome — never raw card numbers or full billing credentials.

2.4 Technical and Security Data

  • IP address and user-agent string at login and API authentication.
  • Session identifiers (stored as hashed cookies; see Section 7).
  • API key identifiers (SHA-256 hashed; we cannot recover the raw key).
  • Security event records: failed login attempts, suspicious API patterns.

2.5 Communications Data

If you contact our support team, we retain the content of that correspondence to resolve your enquiry and for quality purposes.

2.6 Data We Do Not Collect

We do not collect the contents of agent private keys, the payload of tokens issued to agents, or any data processed by your AI agents through external services.

3. Legal Basis for Processing (GDPR)

Where GDPR or UK GDPR applies, we rely on the following legal bases:

  • Contract performance — processing necessary to provide the Service you have subscribed to (account management, token issuance, billing).
  • Legitimate interests — security monitoring, abuse detection, fraud prevention, service analytics, and service improvement, where these interests are not overridden by your rights.
  • Legal obligation — retaining records as required by applicable tax or financial regulation.
  • Consent — sending optional product update or marketing communications (you may withdraw consent at any time by clicking "unsubscribe" in the email or contacting us).

4. How We Use Your Data

  • Provisioning and operating your account and the Service.
  • Authenticating your identity and authorising API requests.
  • Processing subscription payments and PAYG billing via our payment processor.
  • Enforcing usage quotas, rate limits, and plan entitlements.
  • Detecting and preventing abuse, fraud, and security incidents.
  • Sending transactional emails: account verification, payment receipts, quota alerts, trial expiry notices.
  • Responding to support requests.
  • Complying with legal obligations.
  • Producing aggregated, anonymised usage statistics for internal reporting.

We do not sell, rent, or trade your personal data. We do not use your data to train machine learning models, and we do not use it to serve third-party advertising.

5. Data Sharing and Third-Party Processors

We share personal data only where necessary with the following categories of processors, all bound by appropriate data processing agreements:

  • Payment processor (Paddle / equivalent) — handles subscription billing and payment card data on our behalf.
  • Cloud infrastructure provider — provides the servers, databases, and storage on which the Service runs.
  • Transactional email provider — delivers account and notification emails.
  • Error monitoring (self-hosted or privacy-preserving provider) — captures application errors for debugging.

We may disclose data to competent authorities where required by law, court order, or to protect the safety, rights, or property of AmpGate, our users, or the public.

6. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Service. Specific retention periods:

Data Category | Retention Period
Account / profile data | Duration of account + 30 days post-deletion request
Audit logs — Trial plan | 30 days
Audit logs — Starter plan | 30 days
Audit logs — Pro plan | 90 days
Audit logs — Business plan | 1 year
Audit logs — Enterprise plan | Custom (contractual)
API request metadata | Same as audit log for plan
Billing / transaction records | 7 years (tax / legal requirement)
Security / login event logs | 90 days
Support correspondence | 3 years from last interaction

After the applicable retention period, data is permanently and securely deleted. You may request earlier deletion at any time (see Section 8).

7. Cookies and Session Handling

We use a single first-party session cookie (tg_session) to maintain your authenticated session. This cookie is:

  • HttpOnly — not accessible to client-side JavaScript.
  • Secure — transmitted only over HTTPS.
  • SameSite=Lax — provides protection against cross-site request forgery.
  • Expires when you log out or after a period of inactivity.

We do not use tracking cookies, advertising cookies, third-party analytics cookies, or any cookie that follows you across other websites. No cookie consent banner is required because we use only strictly necessary cookies.

8. Your Rights

Depending on your jurisdiction, you may have the following rights in respect of your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — request deletion of your personal data (subject to legal retention obligations).
  • Restriction — request that we limit how we process your data.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact privacy@ampgate.io. We will respond within 30 days. We may need to verify your identity before processing a request. Where requests are manifestly unfounded or excessive, we reserve the right to charge a reasonable fee or refuse.

If you are in the EEA or UK and believe your rights have not been respected, you have the right to lodge a complaint with your local supervisory authority (e.g., the ICO in the UK, or the relevant national DPA in the EU).

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know — what categories of personal information we collect, use, disclose, or sell.
  • Right to Delete — request deletion of personal information we have collected, subject to exceptions.
  • Right to Correct — request correction of inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing — we do not sell or share personal information for cross-context behavioural advertising.
  • Right to Non-Discrimination — we will not discriminate against you for exercising your rights.

To submit a CCPA/CPRA request, contact privacy@ampgate.io.

10. International Data Transfers

AmpGate operates globally. Your data may be transferred to and stored in countries outside your country of residence, including countries that may not provide the same level of data protection as your home country. Where we transfer personal data from the EEA or UK to countries that have not received an adequacy decision, we do so using appropriate safeguards such as the UK International Data Transfer Agreements (IDTA) or EU Standard Contractual Clauses (SCCs).

11. Security Measures

We implement industry-standard technical and organisational measures to protect your data:

  • All data in transit is encrypted using TLS 1.2 or higher.
  • Data at rest is encrypted using AES-256 or equivalent.
  • Passwords are hashed using bcrypt with a per-user salt.
  • API keys are hashed with SHA-256; raw keys are never stored.
  • Agent Task Tokens (ATTs) are signed with Ed25519; private keys are stored with filesystem permission 600.
  • Access to production systems is restricted to authorised personnel and protected by multi-factor authentication.
  • We conduct periodic security reviews and promptly address reported vulnerabilities.

While we take reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify affected users and relevant supervisory authorities as required by law.

12. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by email and by posting the updated policy on our website. The "Last updated" date at the top of this page indicates when the current version was published. Your continued use of the Service after notification constitutes acceptance of the updated policy.

14. Contact and Data Protection Enquiries

For privacy questions, data subject requests, or to contact our data protection representative:

privacy@ampgate.io

We aim to respond to all enquiries within 5 business days and all formal data subject requests within 30 days.