Controls & GDPR

See how Amondo complies with GDPR and what controls are available.

Overview

Amondo processes all personal data in accordance with the UK Data Protection Act 2018 and the UK and EU General Data Protection Regulation (GDPR). We apply strict data handling and access controls to protect user information and ensure lawful, fair and transparent processing.

Lawful basis for processing

Amondo only processes personal data where a lawful basis exists under Article 6 of the GDPR. The primary lawful bases used are:

  • Contractual necessity: to deliver services to customers and users.

  • Legitimate interests: to maintain and improve platform functionality, analytics and performance.

  • Consent: where users have actively provided consent, such as for communications or data submissions.

  • Legal obligation: where processing is required to comply with applicable law.

Data subject rights

Individuals whose data is processed by Amondo have the following rights under GDPR:

  • The right to access personal data held about them.

  • The right to request correction or deletion of inaccurate or unnecessary data.

  • The right to restrict or object to certain types of processing.

  • The right to data portability where applicable.

  • The right to withdraw consent at any time, without affecting prior lawful processing.

Requests related to these rights can be made through Amondo’s data protection contact channels. Amondo will respond to verified requests in accordance with GDPR timeframes.

Data minimisation and retention

Amondo collects and stores only the data required to provide and improve its services. Data is retained for as long as necessary to fulfil the purpose for which it was collected or as required by law. When data is no longer needed, it is securely deleted or anonymised.

Technical and organisational controls

Amondo maintains a combination of technical and organisational measures designed to ensure ongoing confidentiality, integrity, and availability of personal data. These include encryption, access control, employee training, and routine policy reviews in line with the principles of ISO 27001.

Data controller and processor roles

Depending on the context, Amondo may act as either:

  • Data Controller: when determining the purpose and means of processing, such as managing user accounts or customer relationships.

  • Data Processor: when processing data on behalf of a customer as part of platform operations or managed delivery services.

In both cases, Amondo applies the same data protection and security standards.

Data protection contact

For questions, data access requests, or GDPR-related concerns, contact: [email protected]

PreviousData ResidencyNextTakedowns

Last updated