Privacy Policy

1. Information We Collect

We collect information in two ways: information you provide directly, and information collected automatically when you interact with our website and services.

Information You Provide

• Contact information — name, email address, phone number, and company/store name submitted through our contact form or during communications
• Store details — your ecommerce store URL, platform (Shopify, WooCommerce, etc.), and approximate monthly revenue range
• Service-related information — your goals, challenges, and any additional context you share about your business
• Communication records — emails, call notes, and messages exchanged between you and our team

Information Collected Automatically

• Usage data — pages visited, time spent on pages, referring URLs, and interaction patterns on our website
• Device information — browser type, operating system, screen resolution, and device type
• IP address — used for general geographic location (country/region level) and security purposes

2. How We Use Your Information

We use the information we collect for the following purposes:

• Delivering our services — conducting GSC Revenue Audits, building SEO strategies, and executing ongoing growth plans
• Communication — responding to your enquiries, sending audit reports, scheduling strategy calls, and providing service updates
• Improving our services — analysing aggregated, anonymised usage patterns to improve our framework, website, and service delivery
• Legal compliance — meeting our legal obligations and protecting our legitimate business interests

We do not use your information for unsolicited marketing, sell it to third parties, or use it for any purpose unrelated to the services you've engaged us for.

3. Google Search Console & Analytics Data

This section is particularly important because our core service involves accessing your Google Search Console and Google Analytics data.

Access Scope

• We request read-only access to your Google Search Console property. We cannot modify your site settings, submit URLs, or make any changes to your search presence.
• We request read-only access to your Google Analytics 4 property for conversion rate and revenue data. We cannot modify your analytics configuration.
• Access is granted through Google's standard OAuth authentication. We never ask for or store your Google account password.

How We Use This Data

• GSC data (queries, pages, positions, impressions, clicks, CTR) is processed through our proprietary GSC Intelligence Framework to identify revenue opportunities
• GA4 data (conversion rates, revenue, average order value) is used to map SEO opportunities to revenue projections
• All analysis is performed exclusively for your benefit and is included in your audit report and strategy deliverables

Data Isolation

Your search performance data is never combined with data from other clients. Each client's data is processed and stored in complete isolation. We do not create aggregate datasets, benchmarking databases, or shared intelligence from client data. Your data is yours.

Revoking Access

You can revoke our access to your Google Search Console and Analytics at any time through your Google Account permissions page. Revoking access does not affect any deliverables already provided to you.

4. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information or business data to any third party. We may share limited information only in the following circumstances:

• Service providers — we use essential tools for email communication, form processing (Formsubmit), web hosting, and analytics. These providers only receive the minimum data necessary to perform their function and are bound by their own privacy policies.
• Legal requirements — we may disclose information if required by law, court order, or government regulation
• Business protection — we may share information to protect against fraud, security threats, or to enforce our terms of service
• With your consent — we may share information with your explicit permission, such as when coordinating with your development team or other agencies

5. Data Storage & Security

We implement appropriate technical and organisational measures to protect your information:

• All data transmissions are encrypted using TLS/SSL protocols
• Access to client data is restricted to authorised team members only, on a need-to-know basis
• We use secure, reputable cloud infrastructure for data storage
• Regular security reviews are conducted to identify and address potential vulnerabilities
• We are happy to sign a Non-Disclosure Agreement (NDA) before engagement if you require one

While we take every reasonable precaution, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to promptly notifying affected clients in the unlikely event of a data breach.

6. Cookies & Tracking

Our website uses minimal cookies and tracking technologies:

• Essential cookies — required for basic website functionality (session management, security)
• Analytics cookies — we may use privacy-respecting analytics to understand how visitors interact with our website. This data is aggregated and does not personally identify you.

We do not use advertising cookies, retargeting pixels, or any third-party tracking that follows you across other websites. We do not participate in ad networks or data exchanges.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to access — request a copy of the personal data we hold about you
• Right to correction — request correction of inaccurate or incomplete data
• Right to deletion — request deletion of your personal data, subject to legal retention requirements
• Right to portability — request your data in a commonly used, machine-readable format
• Right to object — object to processing of your data for specific purposes
• Right to withdraw consent — withdraw any previously given consent at any time

To exercise any of these rights, contact us at partners@ampiono.com. We will respond to your request within 30 days.

8. Data Retention

We retain your information for the following periods:

• Contact information — retained for the duration of our business relationship and up to 24 months after the last interaction
• GSC and analytics data — retained for the duration of the active engagement. Upon completion of services, raw GSC data is deleted within 90 days. Aggregated, anonymised insights may be retained in your deliverables.
• Audit reports and strategy documents — retained for your reference for 12 months after delivery, unless you request earlier deletion
• Communication records — retained for up to 24 months for service quality and dispute resolution purposes

You can request earlier deletion of any of your data at any time by contacting us.

9. Children's Privacy

Our services are designed for businesses and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete it.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this privacy policy, your data, or how we handle information, please contact us:

• Email: partners@ampiono.com
• Contact form: ampiono.com/contact