Privacy Policy

Last updated: 2025-09-21

Ambriel Technologies (“Ambriel”, “we”, “us”, “our”) respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our websites, platform, products, and services (collectively, the “Services”).

By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, you should not use the Services.

1. Scope

This Privacy Policy applies to:

  • Visitors to our websites.
  • Customers and users of our Services.
  • Individuals whose data may be processed through our Services by our customers.

This Privacy Policy does not apply to third-party websites or services linked to from our platform.

2. Data We Collect

We may collect the following categories of data:

a. Information you provide directly

  • Account registration details (name, email, company, password).
  • Billing and payment information.
  • Customer support inquiries and feedback.

b. Information collected automatically

  • Device and browser information.
  • IP address and geolocation data.
  • Log files, usage data, and activity on the Services.

c. Data processed on behalf of customers

Customers may submit personal data of their end-users for fraud prevention, compliance, and risk management purposes. This may include:

  • Contact details (name, email, phone number).
  • Transaction data (amount, time, merchant).
  • Technical identifiers (IP address, device ID, user agent).
  • Screening data (sanctions lists, PEP databases, adverse media checks).

In such cases, the customer acts as the Data Controller, and Ambriel acts as the Data Processor under applicable data protection laws.

3. How We Use Data

We use personal data for the following purposes:

  • To provide, maintain, and improve the Services.
  • To detect, prevent, and mitigate fraud and other illicit activities.
  • To comply with applicable laws and regulatory obligations (e.g., AML, CFT, sanctions compliance).
  • To communicate with customers about updates, security alerts, and administrative messages.
  • To provide technical support and customer success services.
  • To conduct research, analytics, and product development.
  • To enforce our Terms of Service and other agreements.

4. Legal Bases for Processing

Where required under applicable laws (e.g., GDPR), we process personal data based on the following legal grounds:

  • Performance of a contract – providing the Services to customers.
  • Compliance with legal obligations – meeting AML, CFT, and regulatory requirements.
  • Legitimate interests – improving our Services, preventing fraud, and securing systems.
  • Consent – where customers or website visitors provide explicit consent (e.g., marketing communications).

5. Data Sharing & Disclosure

We do not sell personal data. We may share data with:

  • Service providers – hosting, cloud infrastructure, analytics, support tools.
  • Regulatory and law enforcement authorities – where required by law.
  • Business transfers – in the event of a merger, acquisition, or sale of assets.
  • Affiliates and subsidiaries – to provide Services globally.

All third parties are bound by contractual obligations to protect data in accordance with this Privacy Policy.

6. International Transfers

Ambriel operates globally and may transfer personal data outside of the country of origin. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions).

7. Data Retention

We retain personal data for as long as necessary to:

  • Provide the Services.
  • Comply with legal and regulatory obligations.
  • Resolve disputes and enforce agreements.

Retention periods may vary depending on the type of data and the purpose of processing.

8. Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption in transit and at rest.
  • Access controls and authentication.
  • Regular audits and monitoring.

However, no system is completely secure, and we cannot guarantee absolute security of data.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access to your data.
  • Rectification of inaccurate or incomplete data.
  • Erasure of data (“right to be forgotten”).
  • Restriction of processing.
  • Data portability.
  • Objection to processing.
  • Withdrawal of consent (where processing is based on consent).

Requests should be directed to privacy@[insert-domain].com. We may need to verify your identity before fulfilling requests.

10. Customer Responsibilities

If you are a customer using the Services, you are responsible for:

  • Providing legally sufficient privacy notices to your end-users.
  • Obtaining all required consents from your end-users.
  • Complying with applicable privacy and data protection laws.

11. Children’s Privacy

The Services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us, and we will delete it.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Updates will be posted on our website with a revised “Last updated” date. If changes are material, we will notify customers by email or through the Services.

13. Contact Us

If you have questions about this Privacy Policy, please contact us:

Ambriel Technologies 
Email: legal[at]ambriel.io

Website: ambriel.io/contact

By using the Services, you acknowledge that you have read, understood, and agree to this Privacy Policy.