Last updated
June 2026
Amy On Bera Ltd ("Amy," "we," "us" or "our") operates the Amy app and website. This Privacy Policy explains how we collect, use, store and share your personal data when you use Amy.
Amy is a UK software company. We take your privacy seriously.
1. Who we are
Amy On Bera Ltd
Company number
17260558
Registered office
Available from Companies House.
Amy On Bera Ltd is the data controller for personal data processed through the Amy app and website.
If you have questions about this policy, contact: theteam@amyonbera.com
2. What data we collect
We collect only the data we need to provide the Amy app and its features.
Data you provide directly
Account data — email address, display name, account login details
Profile data — profile picture, customisation choices, display preferences
Communication data — if you contact support, we keep a record of your query and our response
Transaction history — records of payment requests, raffle entries, point transactions and other in-app activity (but not your bank details, payment card details or wallet private keys)
Data collected automatically
Usage data — app features used, pages visited, interaction timestamps
Device data — browser type and version, operating system, device type
Analytics data — anonymised or pseudonymised usage patterns to help us improve the app
Data from connected wallets
When you connect a wallet to Amy, we collect:
Your wallet address
Your AMY balance and tier (for feature unlocking and badge purposes)
We cannot access, move or control assets in your connected wallet. The connection is read-only for dashboard and rewards purposes.
Data from third-party providers
Where a feature uses a third-party provider, Amy does not receive your KYC documents, identity data or payment card details from that provider.
Amy may receive a status indicator (e.g. "verified" or "not verified") from the provider if it is needed to show feature availability in the app.
3. What data we do NOT collect
Amy does not intentionally request sensitive personal data such as health, religion, political opinions or biometric data.
Amy also does not collect:
- Your bank account numbers or sort codes
- Your payment card numbers
- Your wallet private keys, seed phrases or passwords
- Your KYC documents or identity verification photos
- Biometric data
- Your precise location (we may infer a general region from your IP address for country availability purposes)
4. How we use your data
We use your data to:
- Provide and maintain the Amy app and its features
- Show you your rewards, points, badges, leaderboard position and transaction history
- Route payment requests to the appropriate provider where enabled
- Process raffle entries and reward distributions where active
- Calculate points, multipliers and badge progress
- Detect and prevent abuse, fraud or misuse of the app
- Improve the app based on usage patterns
- Respond to support queries
- Comply with legal obligations
5. Legal basis for processing (UK users)
Under UK data protection law, we process your data on the following bases:
Contract performance — to deliver the Amy app features you sign up for
Legitimate interests — to improve the app, prevent abuse and administer rewards
Consent — where we ask for your permission for specific processing (e.g. analytics cookies)
Legal obligation — where we are required to retain or disclose data by law
6. Who we share your data with
We share data only where necessary to provide the app and its features:
Third-party providers — where a provider-powered feature is enabled, limited data (wallet address, transaction reference) may be shared with that provider to process the transaction. We do not share your email, KYC data or payment card details with providers unless you provide them directly to the provider.
Service providers — companies that help us run the app (hosting, analytics, customer support tools). They process data only on our instructions.
Legal authorities — if required by law, court order or regulatory request.
We do not sell your personal data to anyone.
7. Data retention
We keep your data only as long as needed:
Account data — retained while your account is active, and up to 6 years after account closure (for legal and accounting purposes)
Transaction data — retained for up to 6 years for record-keeping
Usage data — retained in aggregated or pseudonymised form for up to 2 years
Support communications — retained for up to 3 years after resolution
You can request deletion of your data earlier by contacting us, subject to legal retention requirements.
8. Your rights
Under UK data protection law, you have the right to:
Access — request a copy of the personal data we hold about you
Rectification — ask us to correct inaccurate data
Erasure — request deletion of your data where legally permitted
Restriction — ask us to limit processing of your data
Portability — request your data in a machine-readable format
Objection — object to processing based on legitimate interests
To exercise any of these rights, contact: theteam@amyonbera.com
We will respond within one month (extendable by two months for complex requests).
You also have the right to complain to the Information Commissioner's Office (ICO) if you believe we have not handled your data properly: https://ico.org.uk
9. Children's data
Amy is not designed for or directed at children under 18. We do not knowingly collect data from children under 18. If we become aware that a child under 18 has provided us with personal data, we will delete it.
10. Cookies and tracking
Amy uses essential cookies to operate the app (e.g. session management, authentication).
We may use analytics tools (e.g. anonymised usage tracking) to understand how the app is used. Where these are not strictly essential, we will ask for your consent or provide an opt-out.
You can manage cookie preferences in your browser settings.
11. Data security
We take reasonable technical and organisational measures to protect your data against unauthorised access, loss or misuse. These include encryption in transit, access controls and regular security reviews.
However, no online service is completely secure. You are responsible for keeping your account credentials secure.
12. International data transfers
Your data is stored in the United Kingdom and the European Economic Area (EEA). Where data is transferred to providers or service providers in countries outside the UK and EEA, we ensure appropriate safeguards are in place (such as UK International Data Transfer Agreements or equivalent mechanisms).
13. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be notified through the app or by email.
The "Last updated" date at the top of this page shows when the policy was last changed.
14. Contact
Data controller
Amy On Bera Ltd
Company number
17260558
Contact
theteam@amyonbera.com
If you have concerns you believe we have not resolved, you can contact the Information Commissioner's Office: https://ico.org.uk
