Privacy Policy
1. Introduction
Welcome to Amoringo (“we”, “us”, or “our”). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect information about you when you visit our website at https://amoringo.com/ or use any of our services (collectively, the “Service”).
This policy is designed to comply with the General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), the California Consumer Privacy Act (CCPA), and other applicable international privacy laws.
By using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please discontinue use of the Service.
2. Definitions
For the purposes of this Privacy Policy:
- Personal Data means any information relating to an identified or identifiable natural person.
- Data Controller means the entity that determines the purposes and means of processing personal data. For this Service, the Data Controller is Amoringo.
- Data Processor means any entity that processes personal data on behalf of the Data Controller.
- Processing means any operation performed on personal data, including collection, storage, use, or deletion.
- Data Subject means any individual whose personal data is being processed.
- Consent means any freely given, specific, informed, and unambiguous indication of agreement to the processing of personal data.
3. Information We Collect
We collect only the minimum personal data necessary to provide and improve our Service. The categories of data we may collect include:
- Contact Information: First name, last name, and email address — collected when you subscribe to our newsletter or contact us.
- Technical Data: IP address, browser type, operating system, referring URLs, and approximate geographic location — collected automatically when you visit the website.
- Usage Data: Pages visited, time spent on pages, click paths, and interaction data — collected via our analytics platform in anonymised or pseudonymised form.
- Cookie Data: Preferences and session identifiers stored via cookies. See our Cookies Policy (Section 7) for more information.
We do not knowingly collect sensitive personal data (e.g. health data, financial data, or government identification numbers).
4. How We Use Your Information
We use your personal data for the following purposes:
- To deliver and maintain our Service.
- To send you newsletters and marketing communications you have consented to receive.
- To respond to enquiries and support requests.
- To analyse website usage and improve performance and user experience.
- To comply with legal obligations.
- To detect and prevent fraud, abuse, or security incidents.
We will not use your data for purposes incompatible with those listed above without your prior consent.
5. Newsletter and Email Marketing (MailerLite)
If you subscribe to our newsletter, we collect your name and email address for the purpose of sending you updates, announcements, and other communications related to Amoringo.
Service Provider — MailerLite: Our newsletter and email marketing services are managed by MailerLite (MailerLite Limited, Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland). MailerLite acts as a Data Processor on our behalf and processes your data in accordance with their Privacy Policy.
Double Opt-In: Where required by law or where we deem it appropriate, we use a double opt-in process. This means that after submitting your email address, you will receive a confirmation email and your subscription will only be activated once you click the confirmation link.
Your rights: You may withdraw your consent and unsubscribe from our mailing list at any time. See Section 14 for details.
Your subscription data is stored securely by MailerLite and is not used for any purpose other than sending you the communications you have consented to receive.
6. Analytics and Tracking Technologies (Matomo)
We use Matomo (formerly Piwik), an open-source web analytics platform, to understand how visitors interact with our website and to improve our Service.
Data minimisation: Matomo is configured to anonymise IP addresses before they are stored. This means your full IP address is never recorded. Where possible, Matomo is operated in a cookieless or consent-respecting mode to further minimise data collection.
Data collected by Matomo may include:
- Anonymised IP address
- Browser type and version
- Operating system
- Pages visited and time of visit
- Referrer URL
- Approximate geographic location (country/city level)
Matomo analytics data is processed for the legitimate purpose of understanding aggregate website usage. We do not use Matomo to build individual user profiles or for targeted advertising. Analytics data may be stored on our own servers or on servers managed by Matomo Cloud (InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand).
7. Cookies Policy
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites function correctly and to provide reporting information.
Types of cookies we may use:
| Cookie Type | Purpose |
|---|---|
| Strictly Necessary | Essential for the website to function (e.g. session management). Cannot be disabled. |
| Analytics | Used by Matomo to collect anonymised usage statistics. |
| Preference | Used to remember your settings and choices. |
| Marketing | We do not currently use marketing or advertising cookies. |
Managing cookies: You can control and delete cookies through your browser settings. Most browsers allow you to refuse cookies entirely, delete existing cookies, or be notified when a new cookie is set. Please note that disabling certain cookies may affect the functionality of our Service.
Where required by law, we obtain your consent before placing non-essential cookies on your device, via our cookie consent banner.
8. Legal Basis for Processing Personal Data (GDPR)
For users in the EU and UK, we rely on the following legal bases under Article 6 of the GDPR:
- Consent (Art. 6(1)(a)): When you subscribe to our newsletter or accept non-essential cookies. You may withdraw consent at any time.
- Contract Performance (Art. 6(1)(b)): When processing is necessary to deliver a service you have requested.
- Legitimate Interests (Art. 6(1)(f)): For website analytics (in anonymised form), fraud prevention, and improving our Service, where these interests are not overridden by your rights and freedoms.
- Legal Obligation (Art. 6(1)(c)): When processing is required to comply with applicable law.
9. Data Sharing and Third-Party Services
We do not sell, rent, or trade your personal data. We may share your data with:
- MailerLite — for email delivery and newsletter management (Data Processor).
- Matomo — for anonymised website analytics (Data Processor, where cloud-hosted).
- Hosting and infrastructure providers — for operating our website and services.
- Legal authorities — where required by law, court order, or to protect our legal rights.
All third-party providers are contractually required to handle your data in accordance with applicable data protection laws, and we ensure appropriate safeguards are in place, including Data Processing Agreements (DPAs) where required.
10. Data Retention
We retain your personal data only for as long as necessary for the purposes described in this policy:
- Newsletter data: Retained for as long as you remain subscribed. Deleted within 30 days of unsubscription upon request.
- Analytics data: Retained in anonymised or aggregated form for up to 13 months, after which it is deleted or further anonymised.
- Contact enquiries: Retained for up to 2 years from the date of last contact.
- Cookie data: Retained for the duration specified when each cookie is set (see your browser settings for details).
When data is no longer required, it is securely deleted or anonymised.
11. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include:
- Encryption in transit (HTTPS/TLS) for all communications.
- Access controls limiting data access to authorised personnel only.
- Regular security reviews of our systems and processes.
- Use of reputable, security-audited third-party processors.
No method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.
12. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA) or the UK. Where such transfers occur, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- UK Addendum to SCCs, where applicable.
- Transfers to countries with an adequacy decision from the European Commission or the UK ICO.
MailerLite operates under EU adequacy frameworks and has appropriate transfer mechanisms in place. For more information, please refer to their privacy documentation.
13. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
For EEA and UK residents (GDPR / UK GDPR):
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure (“Right to be Forgotten”): Request deletion of your data under certain circumstances.
- Right to Restrict Processing: Request that we limit processing of your data.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests.
- Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing.
- Right to Lodge a Complaint: You have the right to lodge a complaint with your national supervisory authority (e.g. the ICO in the UK, or your country’s Data Protection Authority in the EU).
For California residents (CCPA):
- Right to know what personal information is collected.
- Right to request deletion of personal information.
- Right to opt-out of the sale of personal information (we do not sell personal data).
- Right to non-discrimination for exercising your privacy rights.
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days (or as required by applicable law).
14. How to Withdraw Consent / Unsubscribe
You may withdraw your consent or unsubscribe from communications at any time:
- Newsletter: Click the “Unsubscribe” link included at the bottom of every email we send.
- Cookies: Adjust your browser settings or interact with our cookie consent banner to withdraw consent for non-essential cookies.
- All marketing: Contact us directly at [email protected] to opt out of all marketing communications.
Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
15. Children’s Privacy
Our Service is not directed to children under the age of 16 (or such higher age as required by local law). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at [email protected] and we will take steps to delete it promptly.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make significant changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you by email or via a notice on our website.
We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.
17. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
Amoringo Website: https://amoringo.com/ Email: [email protected]
We aim to respond to all privacy-related enquiries within 30 days.