Amity’s GDPR Commitment

At Amity Corporation Ltd. (referred to as “Amity”), we are fully committed to being compliant, where applicable, with the provisions of the General Data Protection Regulation (referred to as “GDPR”) and to help our customers and users to understand this regulation. Hence, the goal of this GDPR Commitment is to explain what steps we took – and what we will take in the future – to ensure and maintain a secure and compliant environment for our customers and users under GDPR.

GDPR went into effect on May 25, 2018, with the goal of further regulating and strengthening the privacy rights of EU citizens. It is the most comprehensive privacy regulation ever adopted in the European Union.

GDPR sets out standards to comply with for all the organizations that collect and/or process Personal Data (i.e. all the information relating to an identified or identifiable natural person) and ensures full transparency throughout the collection and/or processing of such Personal Data.

1) Why Amity is GDPR compliant

Please find below the measures that we have taken to guarantee our compliance with GDPR:

Policy Reviews and Updates

We’ve updated our Terms and Policies according to GDPR provisions. Indeed, as set forth in GDPR, our new Privacy Policy guides you through all the data we collect, use and disclose, and explains to you in detail how we collect, use and disclose it. Importantly, any customer or user can always modify the data we collect. You can ask us to remove your Personal Data simply by sending us an email at legal@amity.co In any case, please have a look at our Privacy Policy at the following link (https://www.amity.co/privacy-policy). Kindly note that you always have rights in relation to your Personal Data as set forth in  the GDPR provisions.

Investments in Security Infrastructure and Certifications

Amity is committed to always guarantee to its customers and users the best technical and organizational measures to protect their Personal Data against unauthorized disclosure or access and / or accidental or unlawful destruction or alteration. To this end, we have highly invested in building up a solid security infrastructure to ensure the best protection possible of your Personal Data. ( You can find more details on our security infrastructure and certification in paragraph no. 3 below).

Partnering only with Third-Parties that Meet our Requirements

We are committed to cooperate and work exclusively with partners who are 100% GDPR compliant, and have updated their terms and policies according to its provisions.

2) Our Certifications and Security Infrastructure

Obviously, your privacy is extremely important to us, and we have invested time and resources in guaranteeing to our customers and users the highest standards of security.

Our security protocols are aligned to the ISO/IEC 270001 standards and are regularly assessed by third party auditors and customers. All data going through Amity is encrypted both in-transit and at-rest. Data in-transit is always encrypted with the latest TLS 1.2 protocol, a security protocol widely known and used for encryption of personal information in the e-commerce and banking industries. Qualys Grade A+ compliance report of Amity servers.

Data at rest is encrypted via AES-256 encryption before being stored. AES-256 currently offers the highest level of encryption of any standard and it is widely used by both banks and government agencies around the world to protect sensitive information. For user generated content such as messages or files, Amity will use a unique encryption key for every individual piece of content. The encryption keys are then encrypted a second time using a separate encryption key, and stored in a special key management server, on a seperate network, in order to add an additional layer of security.

Amity’s servers are hosted with Amazon Web Services (AWS) in their London, Singapore, and North Virginia regions. AWS is a global data center & cloud computing provider with secure locations all over the world. Amity’s data centers are SSAE16 SOC1 / SOC2 / SOC3 and ISO 270001 compliant. This means our physical servers all have 24/7 video surveillance, biometric locks, and strict personnel access controls.

Your Opinion Matters

Should you have any question that was not addressed so far, or should you simply wish to better understand how Amity deals with your Personal Data or, in general, your rights under GDPR, please please feel free to email us at legal@amity.co.