Skip to main content

Privacy Policy

Last updated: January 2026

Amani Digital LLC ("we", "us", or "our") operates the Amani Intelligence platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

1. Data Controller

Amani Digital LLC is the data controller responsible for your personal data.

Company: Amani Digital LLC

Address: 123 Innovation Drive, Suite 400, San Francisco, CA 94105, USA

Data Protection Officer: dpo@amanidigital.com

Privacy Inquiries: privacy@amanidigital.com

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, business name, and job title
  • Business Data: Assessment responses, business documents, and research queries
  • Payment Information: Billing details (processed securely by Stripe)
  • Communications: Messages, feedback, and support requests

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on platform
  • Device Information: Browser type, operating system, IP address
  • Cookies: Essential and analytics cookies (see our Cookie Policy)

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract Performance (Article 6(1)(b)): Processing necessary to provide our services
  • Legitimate Interests (Article 6(1)(f)): Improving our services, fraud prevention, security
  • Consent (Article 6(1)(a)): Marketing communications, analytics cookies
  • Legal Obligation (Article 6(1)(c)): Tax records, regulatory compliance

4. How We Use Your Information

  • Provide and maintain our AI-powered research and assessment services
  • Generate personalized business insights and recommendations
  • Process payments and manage subscriptions
  • Send transactional communications (account updates, service notifications)
  • Send marketing communications (with your consent)
  • Improve our services through analytics and usage patterns
  • Ensure security and prevent fraud
  • Comply with legal obligations

5. Data Sharing and Third Parties

We do not sell your personal information. We may share data with:

5.1 Service Providers (Data Processors)

  • Supabase: Database hosting and authentication
  • Anthropic (Claude API): AI-powered analysis and insights
  • Google (Gemini API): Research and analysis capabilities
  • Vercel: Platform hosting
  • Stripe: Payment processing
  • Resend: Email delivery

All third-party processors are bound by Data Processing Agreements (DPAs) that require them to protect your data in accordance with GDPR requirements.

5.2 Other Disclosures

  • Legal authorities when required by law or valid legal process
  • Business partners with your explicit consent
  • In connection with a merger, acquisition, or sale of assets

6. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • EU-US Data Privacy Framework certification (where applicable)
  • Binding Corporate Rules for intra-group transfers

7. Data Retention

We retain your data according to the following schedule:

Data TypeRetention Period
Account DataUntil account deletion + 30 days
Assessment Data7 years (legal requirement)
AI Council Conversations90 days (configurable)
Audit Logs7 years (compliance)
Marketing DataUntil consent withdrawn
Analytics Data2 years

8. Your Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access (Article 15): Request a copy of your personal data
  • Right to Rectification (Article 16): Request correction of inaccurate data
  • Right to Erasure (Article 17): Request deletion of your data ("Right to be Forgotten")
  • Right to Restrict Processing (Article 18): Request limitation of data processing
  • Right to Data Portability (Article 20): Receive your data in a machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

How to Exercise Your Rights

You can exercise your rights through:

  • Your account settings page (data export and deletion)
  • Contacting our Data Protection Officer at dpo@amanidigital.com
  • Submitting a request via privacy@amanidigital.com

We will respond to your request within 30 days as required by GDPR.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption at rest and in transit (TLS 1.3)
  • Row-Level Security (RLS) in our database
  • Multi-factor authentication options
  • Regular security audits and penetration testing
  • Access controls and audit logging
  • Employee security training

10. Automated Decision-Making and AI Processing

Our platform uses artificial intelligence to provide personalized business insights and recommendations. Under GDPR Article 22, you have specific rights regarding automated decision-making.

10.1 How We Use AI

  • Assessment Analysis: AI analyzes your responses to generate business maturity scores and insights
  • Research Synthesis: AI combines data from multiple sources to create comprehensive reports
  • Personalized Recommendations: AI suggests strategic actions based on your business profile
  • Pre-Qualification: AI helps determine the most suitable subscription tier based on your needs

10.2 Human Oversight

While AI assists in generating insights, significant decisions affecting your account (such as access restrictions or subscription changes) involve human review. AI-generated recommendations are advisory and should be reviewed by you before implementation.

10.3 Your Rights

You have the right to:

  • Request human review of any AI-generated decision that significantly affects you
  • Express your point of view and contest automated decisions
  • Request information about the logic involved in automated processing
  • Opt out of certain automated processing by contacting our DPO

Note: AI processing of your data is necessary to provide our core assessment and research services. If you opt out of AI processing, some features may be unavailable. Contact dpo@amanidigital.com to discuss alternatives.

11. Cookies

We use cookies and similar technologies to enhance your experience. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

12. Children's Privacy

Our platform is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and/or a prominent notice on our platform. Your continued use of our services after such modifications constitutes your acknowledgment of the modified policy.

14. Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority. For EU residents, you can find your local authority at edpb.europa.eu.

We encourage you to contact us first so we can try to resolve your concerns.

15. Contact Us

Amani Digital LLC

123 Innovation Drive, Suite 400, San Francisco, CA 94105, USA

Data Protection Officer: dpo@amanidigital.com

Privacy Inquiries: privacy@amanidigital.com

EU Representative:
Amani Digital EU B.V.
Amsterdam, Netherlands
eu-privacy@amanidigital.com

← Back to Home
Cookie PolicyTerms of Service