Amieldigital
Try
Legal

Privacy Policy

Last updated June 3, 2026. This policy explains what personal data Amiel Digital collects, why we collect it, how we use it, and the rights you have under the GDPR, UK GDPR and similar laws.

1. Who we are

Amiel Digital ("Amiel", "we", "us") operates the catalog-enrichment platform available at this website and at app.amiel.digital. We act as the data controller for your account data and as a data processor for any catalog data you upload for enrichment.

2. Data we collect

  • Account data — name, email, password hash, company, role, language, timezone.
  • Billing data — billing address, VAT ID, invoice history. Card data is handled by our payment processor; we never see full card numbers.
  • Catalog data — product titles, descriptions, images and attributes you upload or connect via API.
  • Usage data — pages visited, features used, credit consumption, error logs, IP address, browser fingerprint.
  • Communication — emails, support tickets and chat transcripts.

3. How we use data

We use your data to operate the service, authenticate sessions, bill credits, deliver enrichment jobs, prevent fraud, comply with legal obligations and improve the product. We do not sell personal data and we do not use catalog data to train shared AI models without explicit opt-in.

4. Legal bases (GDPR)

We rely on contract (delivering the service you purchased), legitimate interest (security, fraud prevention, product analytics), legal obligation (tax, accounting) and consent (marketing emails, non-essential cookies).

5. Sharing & sub-processors

We share data only with sub-processors who help us run the service: cloud hosting (AWS, eu-central-1), payments (Stripe, PayPal), email delivery (Postmark), error monitoring (Sentry), analytics (PostHog). A full list is available on request.

6. International transfers

Primary processing happens in the EU. When data leaves the EEA we rely on Standard Contractual Clauses and additional safeguards required by Schrems II.

7. Retention

Account data is kept while your account is active and for 24 months after deletion for tax and audit purposes. Catalog data is deleted within 30 days of contract termination. Backups are rotated every 35 days.

8. Your rights

You have the right to access, rectify, delete, restrict, port and object to processing of your personal data, and to lodge a complaint with your local data protection authority. Email [email protected] and we will respond within 30 days.

9. Security

We encrypt data in transit (TLS 1.3) and at rest (AES-256), enforce SSO and 2FA for staff, run least-privilege access reviews quarterly, and undergo annual penetration testing. SOC 2 Type II report available under NDA.

10. Contact

Data Protection Officer — [email protected]. Postal: Amiel Digital, 110 Rue de Fontenay, 94300 Vincennes, France. SIREN 922 808 068 · SIRET 922 808 068 00014 · TVA FR81922808068.