At Ambassify, your privacy is a top priority. As part of our commitment to transparency, security, and accountability, we strictly adhere to the General Data Protection Regulation (GDPR) — the EU’s gold standard for data protection.

This page explains your rights under the GDPR, how you can exercise them, and what steps we take to ensure your data is handled securely and responsibly. Whether you’re a customer, platform user, or simply exploring our services, we want you to feel confident and informed about how your personal data is collected, processed, and protected.

Read on to learn more about your rights and how to reach us for any data-related requests or concerns.

Frequently Asked Questions (FAQ)

Does the company have a Data Protection Officer (DPO) assigned?

Yes, Ambassify has appointed a DPO who can be contacted via dpo@ambassify.com.

Can you provide a Data Processing Agreement (DPA)?

Yes, a DPA is an integral part of our SaaS agreement. It outlines our responsibilities as a data processor and our obligations under GDPR.

Is your company registered with a Data Protection Authority?

Yes, Ambassify is based in Belgium and complies with the Belgian Data Protection Authority (DPA).

What data do we store?

We store personal data provided by users (e.g., name, email), usage data from the platform, and any other data necessary for the service.

Where do we store and process your data, and is it transferred outside the EU/EEA?

Data is stored and processed within the EU data centers of Amazon AWS. More specifically Frankfurt (Germany) and Dublin (Ireland).

Which subprocessors do you use and where are they located?

A full list of subprocessors and their locations is available in our documentation: View Subprocessors

Is data encrypted in transit and at rest?

Yes. All data is encrypted using strong industry-standard protocols (TLS for data in transit, and AES-based encryption for data at rest).

Do you process special categories of data (e.g., health, biometric, political)?

No, Ambassify does not process any special categories of personal data unless explicitly provided and authorized by the customer.

What technical and organizational security measures are in place?

We implement ISO 27001:2022 certified information security controls, access restrictions, monitoring systems, regular audits, and secure development practices.

Do you have a clear data retention and deletion policy?

Yes. We retain data only as long as necessary for the purposes outlined in our policies and delete it upon termination or upon request, following strict deletion protocols.

Exercising Your GDPR Data Rights with Ambassify

At Ambassify, we fully support your rights under the General Data Protection Regulation (GDPR) and are committed to protecting your personal data. As a data subject, you have specific rights regarding the way your data is collected, processed, and stored. Here’s how you can exercise those rights with us.

Right of Access

You have the right to know whether we are processing your personal data. If so, you can request a copy of the data we hold about you. While we typically offer this free of charge, a reasonable fee may be applied for repetitive or excessive requests.

Right to Rectification

If you believe the information we have is inaccurate or incomplete, you may request that we correct or update it without undue delay.

Right to Erasure (“Right to Be Forgotten”)

Under certain conditions, you can request that we delete your personal data. Please note that in some cases, deleting your data may limit or prevent access to certain services.

Right to Object

You have the right to object to our processing of your data in specific situations, particularly when we rely on legitimate interest as our legal basis.

Right to Restriction of Processing

In certain cases, you may request that we limit the way we use your data — for example, while verifying its accuracy or when you’ve objected to its use.

Right to Data Portability

You can request that we transfer your personal data to you or another organization in a structured, commonly used, machine-readable format, provided this is technically feasible.

How to Submit a Request

To exercise any of the above rights, please use our secure form:

Submit a Data Request

Alternatively, you can contact our Data Protection Officer (DPO) at: dpo@ambassify.com

Have a Complaint?

If you’re unhappy with how your personal data has been handled, we encourage you to contact us directly. We’re here to help.

You also have the right to file a complaint with the Belgian Data Protection Authority or with your local supervisory authority. Belgian DPA Contact Page contact@apd-gba.be

Stay Informed

This information reflects our most current privacy practices. For full details, consult our official Privacy Policy.