Privacy Policy

Last updated: May 18, 2026

This Privacy Policy explains how Sammion collects, uses, shares and protects personal data when you visit our website or use the Sammion platform.

We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. Please read this policy together with our Terms of Service.

1. Who we are

The Sammion platform is provided by [COMPANY_LEGAL_DETAILS]. In this policy, "Sammion", "we" and "us" refer to that company.

We act as the data controller for personal data about website visitors and account holders. For the data that our business customers store in the platform about their own users, employees and contacts, we act as a data processor — see "Data you control as our customer" below.

2. Personal data we collect

Depending on how you use Sammion, we may collect the following categories of personal data:

  • Account data — your name, email address, password and workspace details provided during registration.
  • Billing data — billing contact details, your selected plan, and payment information handled by our payment provider.
  • Content and customer data — the information you and your team enter into the platform, which may include personal data about your own contacts, customers and employees.
  • Communications — messages you send to our support team, and the email, SMS, chat and call content processed when you use the platform’s messaging features.
  • Usage and technical data — log data, the actions you take in the service, device and browser information, approximate location and IP address.

3. How we use personal data

We use personal data to:

  • provide, operate, maintain and improve the Sammion platform;
  • create and administer your account and process subscription payments;
  • respond to your enquiries and provide customer support;
  • keep the service secure, prevent fraud and abuse, and diagnose technical problems;
  • send service-related messages and, where permitted, information about features and offers;
  • comply with our legal obligations, including accounting, tax and record-keeping requirements.

4. Legal bases for processing

Under the GDPR we rely on the following legal bases: performance of a contract, when processing is necessary to provide the service you signed up for; our legitimate interests, such as securing and improving the service; your consent, for example for certain cookies or marketing messages; and compliance with a legal obligation.

Where we rely on consent, you may withdraw it at any time without affecting processing carried out before the withdrawal.

5. Cookies and similar technologies

We use cookies and similar technologies to keep you signed in, remember your preferences (such as your language), secure the service and understand how it is used.

You can control non-essential cookies through your browser settings or any cookie controls we provide. Disabling essential cookies may prevent parts of the service from working.

6. Sharing and service providers

We do not sell personal data. We share personal data only with the categories of recipients listed below, and our service providers may process it solely on our instructions and under appropriate confidentiality and data protection terms:

  • service providers (sub-processors) acting on our behalf — for example payment processing, email, SMS and messaging delivery, AI features, analytics, customer support and cloud hosting;
  • competent authorities or other third parties where disclosure is required by law or necessary to establish, exercise or defend legal claims;
  • a successor organisation in connection with a merger, acquisition or other business transfer, subject to the protections of this policy.

7. International data transfers

Sammion and our service providers may process personal data in countries outside your own, including outside the European Economic Area.

Where personal data is transferred internationally, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, so that it remains protected.

8. How long we keep data

We retain personal data for as long as your account is active and for as long as needed to provide the service.

After your account is closed we delete or anonymise personal data within a reasonable period, unless a longer retention period is required by law (for example for accounting records) or to resolve disputes. Some content, such as logs, is retained only for a short period unless a corresponding add-on extends it.

9. How we protect data

We use technical and organisational measures to protect personal data, including encryption in transit, access controls and the option of field-level encryption for sensitive data.

No method of transmission or storage is completely secure, but we work to protect personal data and to detect and respond to incidents appropriately.

10. Your privacy rights

Subject to applicable law, you have the rights listed below. To exercise them, contact us using the details in the "Contact us" section; we may need to verify your identity. You also have the right to lodge a complaint with your local data protection authority.

  • Access — obtain a copy of the personal data we hold about you.
  • Rectification — have inaccurate or incomplete data corrected.
  • Erasure — have your personal data deleted in certain circumstances.
  • Restriction and objection — limit or object to certain processing.
  • Portability — receive certain data in a structured, commonly used format.
  • Withdrawal of consent — where processing is based on consent.

11. Data you control as our customer

When you use Sammion as a business customer, you decide what personal data you enter into the platform about your own users, employees and contacts. For that data you are the data controller and Sammion acts as your data processor.

We process such data only to provide the service and according to your instructions and our agreement with you. You are responsible for having a lawful basis for the data you store and for informing your own data subjects. For business customers we can enter into a separate data processing agreement (DPA).

12. Children’s privacy

Sammion is a business tool and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will update the date shown on this page and, where appropriate, notify you through the service. Please review this page periodically.

14. Contact us

If you have questions about this Privacy Policy or how we handle personal data, contact us at [PRIVACY_EMAIL].