amplikind.ai

Amplifying feedback signals.

Not authenticated

Effective date: October 2025

🛡️ Privacy Policy

Entity responsible: amplikind.ai (independent project operated in Spain)
Contact: privacy@amplikind.ai

1. Overview

amplikind.ai collects and processes limited personal data to provide feedback and coaching functionality. We follow the principles of data minimisation, transparency, and control under the EU General Data Protection Regulation (GDPR).

2. Data we collect

Account and authentication data

We verify Auth0 tokens and store decoded identifiers such as the unique sub. Your name, email, or nickname may be retrieved from Auth0 to label your account.

Questionnaire data

Titles, descriptions, prompts, and responses entered by users are stored in our database. These may contain personal information if you choose to include it.

AI-generated content

Answer text is analysed by OpenAI’s APIs to generate summaries, classifications, and coaching suggestions, which are stored with the questionnaire.

IP addresses

Logged temporarily to enforce rate limits for public preview requests.

Cookies and analytics

A first-party cookie prevents duplicate submissions, and third-party scripts from Google Analytics and Auth0 may set their own cookies for analytics and authentication purposes.

3. Purpose of processing

We process data to:

  • deliver questionnaires and results,
  • prevent duplicate or abusive submissions,
  • provide AI-based summaries and insights, and
  • understand basic usage patterns to improve the service.

4. Legal basis

Processing is based on:

  • consent (when submitting answers or enabling analytics),
  • legitimate interest (to maintain platform security and prevent spam), and
  • contractual necessity (to provide feedback functionality to registered users).

5. Data retention

  • Data remains stored until the questionnaire owner deletes it.
  • When a questionnaire is deleted, all associated questions, responses, and AI summaries are automatically removed.
  • No automatic expiry or anonymisation currently occurs.
  • Cookies persist for up to one year.
  • Auth0 tokens remain cached locally until you log out or clear storage.

6. Data sharing

  • OpenAI receives text of answers and prompts to produce summaries; processing occurs under their published privacy terms.
  • Google Analytics and Auth0 may collect standard usage information as independent controllers.
  • No personal data is sold or shared with any other third parties.

7. Your rights

Under GDPR, you may:

  • request a copy or deletion of your data,
  • withdraw consent at any time,
  • object to processing, or
  • file a complaint with the Agencia Española de Protección de Datos (AEPD).

Contact us at privacy@amplikind.ai for any request.

8. Hosting and security

The service is currently self-hosted in Spain. Data is stored on servers controlled by amplikind.ai and protected by standard technical measures (encrypted connections, restricted access). Future versions will migrate to ISO 27001-certified infrastructure as the project grows.