Privacy Policy

v 1.0

April 11, 2021

The privacy of your data is very important to us. In this policy, we lay out some key points related to your data - such as - how your data is handled; your rights to your data; what data is collected etc.

We never sell your data - our apps are not built for that purpose.

This policy applies to all products built and maintained by AmatyaNet LLC including Kamma CRM (all versions), Metta EHR (all versions) and STEMify.  

What information we collect and the reasons

Our basic principle is to collect only what we need. Here’s what that means in practice:

Identity & access

When you sign up for a AmatyaNet product, we typically ask for identifying information such as your name, email address, and maybe a company name. This information is used to uniquely identify an account with our products, for communication and billing purposes. We do not store any passwords in our product database. We solely rely on Google and Facebook sign on, and use your profile’s publicly available data and identifying email associated with your account.

We’ll never sell your personal info to third parties, and we won’t use your name or company in marketing statements without your permission either.

Billing information

When you pay for an AmatyaNet product, we might ask for your credit card and billing address. This information is used to charge you for the services, calculate taxes (if any)  and send you invoices. Mostly you can pay us through payment processors like PayPal or Google Pay or through a check - and hence the payment information doesn’t even go through our product or servers. In case, our product collects your credit card information, it is directly passed to a third party payment processor, and again, is not stored in our product database.

We might store a record of the payment transaction, including the last 4 digits of the credit card number and as-of billing address, for account history, invoicing, and billing support. We store your billing address to calculate any sales tax due in the United States or VAT in the EU, to detect fraudulent credit card transactions, and to print on your invoices.

Website interactions

When you browse our marketing pages or applications, your browser automatically shares certain information such as which operating system and browser version you are using. We track that information, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and to test new designs. We sometimes track specific link clicks to help inform some design decisions.

Cookies

We might use persistent first-party cookies to store certain preferences. This is for the purposes of making it easier for you to use our product.

Voluntary correspondence

When you write to AmatyaNet with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.

We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give your express consent.

Information we do not collect

We do not collect data such as:

Your profile picture, if any, is captured from your Google or Facebook profile and only a link to that picture is stored in our database. We do not store the image itself or extract any information out of it.

Although we do not collect personal information such as age, sex, religon, race - you have the option to collect this information from/for your own clients, for your own use and analysis and to better serve your customers.  

When we might access and share your information

We do not access your information, unless one of the following happens:

Support & troubleshoot Issues

We might access your account to help you provide support and troubleshoot an issue. We will ask for your consent.

Action against restricted uses

Accessing a customer’s account when investigating potential abuse in rare cases is possible and we do that as a last resort. Privacy and safety of both our clients as well parties reporting the abuse is important to us and we do best to balance the responsibilities.  

Required by applicable law

AmatyaNet LLC is a US company and all data infrastructure is located in the US. If US law enforcement authorities have the necessary warrant, criminal subpoena, or court order requiring us to share data, we have to comply. Otherwise, we flat-out reject requests from local and federal law enforcement when they seek data. And unless we’re legally prevented from it, we’ll always inform you when such requests are made.

If AmatyaNet receives a request to retain data, we refuse unless compelled by either the US Federal Stored Communications Act, 18 U.S.C. Section 2703(f) or a properly served US subpoena for civil matters. In both of these situations, we have to comply. In these situations, we notify affected customers as soon as possible unless we are legally prohibited from doing so.

If we are audited by a tax authority, we may be required to share billing-related information. If that happens, we only share the bare minimum needed such as billing addresses and tax exemption information.

Your right to your information

We strive to provide the same data privacy to all our customers no matter where they are in the world. As stated above, unless required, we do not look into your data for any commercial use or for third-party selling.

We understand some countries and US states have a higher privacy protection regulations - such as:

AmatyaNet recognizes all of the rights granted in these regulations, except as limited by applicable law.

Please follow these links for more details about these rights:

GDPR

https://gdpr.eu/

CCPA
https://oag.ca.gov/privacy/ccpa

If you have questions about exercising these rights or need assistance, please contact our support team.

How we secure your data

All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups, where applicable and required, are encrypted.

Most data stored in our databases is not encrypted, but we follow industry practices to keep your data secure.

It will be good to clarify -

Deleted account data

You have the option to delete all your account data. We do backups regularly. Usually within 30 - 60 days, all data is permanently purged - even from backups.

Location of site and data

Our products and other web properties are operated in the United States. If you are located in anywhere other than the United States, the data you provide is stored and transferred in the United States.

By using our website, applications and services, you consent to this transfer.

Updates to this policy

We may update this policy as needed to comply with relevant regulations and reflect any new practices.

If you have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information, please get in touch by emailing us at info@amatya.net.