Ambassify takes data protection seriously. We are fully compliant with the GDPR and act as both a data controller and a data processor, depending on the context. Privacy is built into everything we do.

GDPR Compliance

Ambassify maintains full compliance with the General Data Protection Regulation (GDPR).

  • Dual Role: We act as a data controller for our own website visitors and prospects, and as a data processor for platform users and customer data
  • Data Processing Agreement: A DPA is part of every SaaS agreement, clearly defining responsibilities and safeguards. View our Data Processing Agreement
  • Lawful Basis: All personal data processing is carried out under a valid legal basis as defined by the GDPR
  • Records of Processing: We maintain up-to-date records of all processing activities

Data Subject Rights

You have clear rights over your personal data, and we make it easy to exercise them.

  • Your Rights: You can request access, rectification, erasure, restriction, portability, or object to the processing of your personal data
  • How to Submit a Request: Use our secure Data Subject Rights Form or contact our DPO at dpo@ambassify.com
  • Response Time: We respond to all valid requests within the timeframes required by law

Privacy by Design

Privacy is embedded into our product development process from the start.

  • Built-In Privacy: Privacy considerations are part of every stage of product design and development
  • Data Minimization: We collect and process only the data that is strictly necessary for the intended purpose
  • PII Data Flow: Our personal data flows are documented and regularly reviewed. View the PII data flow overview
  • AI and Privacy: Our AI features do not process personally identifiable information. Learn more about our Responsible AI approach

Regulatory Framework

We comply with multiple data protection regulations and actively monitor the evolving legal landscape.

  • Core Regulations: Full compliance with the GDPR, the ePrivacy Directive, Belgian data protection law, and the Swiss nFADP
  • Emerging Regulations: We monitor developments such as the CCPA and PDPA to ensure continued compliance
  • Supervisory Authority: Our lead supervisory authority is the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit). You can lodge a complaint directly with them or with your local supervisory authority

Data Protection Officer

Ambassify has appointed a Data Protection Officer to oversee all data protection matters.

  • Contact: Reach the DPO at dpo@ambassify.com
  • Complaints: You can also file complaints with the Belgian Data Protection Authority or your local supervisory authority

Key Documents

The following documents provide further detail on how we protect your data.