Privacy Policy
Last Updated: 7 July 2026
Purpose, Scope, and Users
- This notice explains what personal data Amphora collects from visitors to our public web sites (for example https://www.amphora-research.com), why we collect it, and the rights visitors have. It provides the information required by Articles 13 and 14 of the UK GDPR.
- It is intended for website visitors and is linked from the footer of our public web sites.
- It covers our public web sites only. If your organisation is an Amphora customer and you use our systems or support desk, see our Customer Privacy Notice. If you work for Amphora or have applied to work for us, see our Employee & Applicant Privacy Notice.
Who We Are
Amphora Research Systems Ltd ("Amphora", "we", "us") is the data controller for the personal data described in this notice.
- Registered office: 3 Darby Vale, Bracknell, Berkshire, RG42 2PJ, United Kingdom.
- Registered with the Information Commissioner's Office (ICO), registration number Z2192553.
- Contact for anything in this notice: hello@amphora-research.com.
What We Collect, and Why
We deliberately keep the data we collect from website visitors to a minimum. There are only two kinds:
Website analytics
We use Umami, a privacy-focused analytics tool that we host on our own servers, to understand how our web sites are used. Umami records:
- Pages viewed, time spent on pages, and the referring site;
- Browser type, operating system and device type;
- An anonymised IP address.
All analytics data stays on Amphora's own servers. It is never shared with third parties, is not used for cross-site tracking or advertising, and is not used to identify individual visitors. Our lawful basis is our legitimate interest in understanding and improving our web sites.
A cookie banner on the site lets you manage your preferences.
When you contact us
If you email us, fill in a contact form, or book a meeting with us (through our scheduling provider, Calendly), we hold your name, your email address and our correspondence with you, so that we can respond and follow up. This is recorded in our CRM system. Our lawful basis is our legitimate interest in responding to enquiries about our products and services.
We do not buy marketing lists, and we do not sell, trade or share your personal data with third parties for marketing purposes.
Who We Share It With
We share personal data only with the service providers that process it on our behalf under contract - our CRM provider (Close) and our scheduling provider (Calendly). They may act only on our instructions and must keep the data confidential and secure.
International Transfers
Our CRM provider is based in the United States. That transfer is safeguarded by contractual clauses recognised under Article 46 of the UK GDPR (EU Standard Contractual Clauses with the UK International Data Transfer Addendum). Analytics data does not leave Amphora's own servers.
Retention
- Contact details and correspondence from enquiries are retained for 10 years, in line with our Data Inventory & Records Retention register.
- Aggregated analytics data is retained indefinitely for statistical analysis; it contains no personal identifiers.
Your Rights
Under the UK GDPR you have the right to request access to, correction of, or erasure of your personal data, to object to or restrict our processing of it, and to data portability. To exercise any of these rights, email hello@amphora-research.com. Requests are handled under our Subject Access Request policy and answered within 30 days.
You also have the right to complain to the Information Commissioner's Office, the UK supervisory authority for data protection.
Changes to This Notice
We may update this notice from time to time. The "Last Updated" date at the top of this page shows when it last changed. This notice is a controlled document in Amphora's Quality Management System, and earlier versions are retained in our document control system.