This Privacy Policy explains how We Are Ampl Ltd ("Ampl", "we", "us") collects, uses, and protects personal data when you visit amplconsulting.ai, book a call with us, complete our onboarding portal, or otherwise engage with our services.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
We Are Ampl Ltd is the data controller for personal data collected through this website and our direct business activities. Where we process personal data on behalf of a client of the AI Setter System (for example, messages exchanged with that client's leads), we act as a data processor — see "Client end-user data" below.
- Company: We Are Ampl Ltd
- Email: thomas@weareampl.com
- Address: Unit 1 The Ajm Centre, Prospect Business Park
2. What we collect
We collect personal data in the following circumstances:
When you book a call
- Name, email address, phone number, business details, and any answers you provide on the booking form.
- Calendar metadata (chosen time slot, time zone).
When you visit the website
- Standard server logs (IP address, browser type, referring URL, pages viewed, timestamps).
- Analytics events from Ahrefs Analytics and the Meta Pixel — see "Cookies & tracking" below.
When you become a client
- Business information needed to deliver the service: scripts, ICP documents, offer details, target audience information.
- Account access credentials and tokens for the platforms you authorise us to operate (e.g. ManyChat, Meta, calendar).
- Voice recordings provided for cloning purposes.
- Billing information processed through Stripe (we do not store full card details ourselves).
- Communications between you and Ampl (email, calls, messaging).
3. How we use it
We use personal data to:
- Respond to enquiries and run sales calls.
- Deliver the AI Setter System and any associated services.
- Send service updates, performance reports, and other operational communications.
- Process payments and manage our financial records.
- Improve our website, marketing, and product through aggregated analytics.
- Comply with our legal and regulatory obligations.
We do not sell personal data to third parties.
4. Legal basis for processing
Under UK GDPR, we rely on the following lawful bases:
- Contract — to deliver the AI Setter System under a Services Agreement, or to take steps before entering into one (sales calls, onboarding).
- Legitimate interest — to run and improve our business, including marketing to prospective clients, website analytics, and security monitoring. You can object to this processing at any time.
- Consent — for voice cloning, marketing cookies, and any other processing where consent is required. You can withdraw consent at any time.
- Legal obligation — for tax records, accounting, and compliance.
5. Who we share data with
We use a small set of vetted third-party sub-processors to deliver our services. Each is bound by data processing terms and only processes data on our instructions:
| Provider | Purpose | Location |
|---|---|---|
| Anthropic | Claude API — powers AI setter responses | United States |
| ElevenLabs | Voice cloning and speech synthesis | United States |
| ManyChat | Messaging layer (Instagram DMs, WhatsApp, SMS) | United States |
| Railway | Backend hosting and infrastructure | United States |
| Airtable | Client reporting dashboards and operations | United States |
| GoHighLevel (GHL) | CRM, booking calendar, sales pipeline | United States |
| Stripe | Payment processing | United States |
| Meta (Facebook/Instagram) | Advertising platform & Meta Pixel analytics | United States |
| Ahrefs | Privacy-friendly site analytics | Singapore |
| Microsoft (Outlook) | Business email and calendar | United States / EU |
We may also share data where required by law, in connection with a legal claim, or in the event of a business transfer (e.g. sale of the company).
6. International transfers
Most of our sub-processors are based in the United States. Where personal data is transferred outside the UK, we rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, alongside additional safeguards where appropriate.
7. Retention
We hold personal data only as long as we need it for the purposes set out in this policy:
- Sales enquiries that don't convert: up to 24 months from last contact, then deleted or anonymised.
- Active client data: retained for the duration of the engagement and for 6 years after termination, in line with UK accounting and statutory record requirements.
- Voice cloning data: deleted within 30 days of termination of the engagement or earlier withdrawal of consent.
- Server logs and analytics: typically 12 months.
- Marketing contact data: until you opt out, then suppressed indefinitely on our suppression list (to honour your opt-out).
8. Cookies & tracking
This website uses a small number of cookies and similar technologies:
- Strictly necessary — required for the site to function (e.g. routing, security). Always on.
- Analytics — Ahrefs Analytics, which is privacy-friendly and does not use cookies for cross-site tracking.
- Advertising — the Meta Pixel measures the effectiveness of our adverts on Facebook and Instagram. It uses cookies and similar identifiers to attribute conversions.
You can control cookies through your browser settings and opt out of Meta's advertising tracking through your Meta account preferences and your device's ad-tracking settings.
9. Voice cloning data
Where you provide voice recordings for cloning, you give us explicit consent to record, process, and synthesise your voice within the scope of the AI Setter System. Voice data is stored and processed by ElevenLabs Inc. under their data processing terms. We use it solely for your benefit and delete it within 30 days of termination of the engagement or earlier withdrawal of consent.
Consent for voice cloning is separate from the rest of this policy and can be withdrawn at any time by writing to thomas@weareampl.com. Withdrawal ends our right to generate new voice content but does not affect content already produced.
10. Client end-user data
When we operate the AI Setter System on behalf of a client, we may process personal data belonging to that client's leads and customers — for example, the contents of an Instagram DM conversation. In that context the client is the data controller and we act as a data processor.
If you are a lead or customer of one of our clients and have a question about how your data is being used, please contact that client directly. They are responsible for the lawful basis and notices in relation to your data.
11. Security
We take reasonable technical and organisational measures to protect personal data, including encrypted transport (HTTPS), credential isolation between clients, least-privilege access to internal systems, and review of sub-processor security practices. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you in line with our UK GDPR obligations.
12. Your rights
Under UK GDPR you have the following rights, free of charge in most cases:
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your data, subject to legal exceptions.
- Restriction — ask us to limit how we use your data while a query is resolved.
- Portability — request your data in a portable format.
- Objection — object to processing based on legitimate interests, including direct marketing.
- Withdraw consent — for any processing based on consent, including voice cloning.
- Complain — lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.
To exercise any of these rights, email thomas@weareampl.com. We will respond within one month.
13. Children
Our services are aimed at business customers and are not intended for anyone under the age of 18. We do not knowingly collect personal data from children.
14. Changes to this policy
We may update this policy from time to time. The current version is always available at this URL with the "Last updated" date shown at the top of the page. Material changes will be communicated to active clients by email.
15. Contact
For privacy-related questions, requests, or complaints:
- We Are Ampl Ltd
- Email: thomas@weareampl.com
- Phone: +1 646 466 6024
- Address: Unit 1 The Ajm Centre, Prospect Business Park
You can also complain to the UK Information Commissioner's Office at ico.org.uk or on 0303 123 1113.