amatra.ai

Privacy Policy

Effective Date: 01-Jan-2025

Last Updated: 17-Mar-2025

Introduction

We are committed to protecting your privacy and ensuring that your personal data is handled securely and responsibly. This Privacy Policy explains how we collect, use, store, and protect your information.

AMATRA LTD is a global software company building AI-powered systems for athlete recovery.

Amatra Ltd and its affiliates, successors and assigns are referred to as "Amatra," "we," "us," and "our."

Our current arsenal comprises (our "Products and Services"). Please note all Products and Services may not be available in your region. We request you to check with our customer care the availability of our products in your region.

  • Amatra Platform
  • Amatra Athlete App (not currently live)

Information We Collect

What we mean by data/personal information:

Your data essentially falls into either of the 4 buckets, mentioned below, depending on your interaction with the Amatra platform (the "Platform"), the Amatra athlete app (the "App") the Amatra website (the "Website") and/or our Products and Services (as defined above):

  • Biometric Data: From wearables such as Whoop (with consent).
  • Behavioral & Wellness Data: Gathered through wellness questionnaires and from wearables (with consent).
  • Personally Identifiable Information (PII): Including name, email, date of birth, phone number, and email address.
  • Other Information: Any other information needed for the provision of our Products and Services, collected with the user's consent.

How We Use Your Data

1. Service Delivery and Contractual Obligations:

  • To deliver our Products and Services, provide access to features, and fulfill our contractual obligations.

2. Customer Support and Communication:

  • To address your feedback, requests, queries, issues, complaints, and other customer care activities.
  • To communicate with you about your account, activities on our Products and Services, and Privacy Policy changes.
  • To push transactional, marketing, and other product and service related notifications and newsletters.
  • Contacting you (including via marketing emails) to provide information on existing or new products and services, features, special promotions or offers, both of Amatra and affiliates as well as third-party offers or products with whom we have a tie-up and which are relevant to use of the Products or Services. You may choose to opt-out of receiving promotional emails at any time via the “Unsubscribe” link in every such promotional email communication. Once you unsubscribe, we will no longer send you promotional/marketing emails however you will continue to receive servicing and transactional emails.

3. Product Improvement and Development:

  • For research, analysis, and case studies to develop and improve Products and Services.
  • To develop machine learning algorithms and tools to improve targeting of Products and Services, and other products and services we offer you, with your consent.
  • Creating insights for corporate / business strategy and marketing operations.

4. Personalization and Recommendations:

  • To provide recommendations to customize or tailor your experience of the Products and Services.
  • Offering you personalised services and targeted advertisements of our healthcare and wellness plans and offering you customised health insights.

5. Technical and Administrative Functions:

  • For technical administration and customization of Products and Services, and other general administrative and business purposes.
  • Diagnosing technical glitches.
  • To enable secure access to third-party integrations (e.g., Whoop API).

6. Data Analysis and Security:

  • For performing data analysis and testing, processing of statistics for advertising, affiliate marketing, and analytics.
  • Create unified squad and athlete profiles with analytics and insights generated through processing your information.
  • To investigate fraud or abuse.
  • Carrying out audits and ensuring internal quality control and safety.
  • Measuring interest and engagement in our Products and Services, including analysing your usage of the Products and Services.

7. Legal Compliance and Dispute Resolution:

  • To comply with the law and respond to legal requests.
  • Investigating, enforcing and resolving any disputes or grievances.

8. De-identified and Aggregated Data:

  • To create de-identified and/or aggregated information. De-identified and/or aggregated information is not personal information, and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes.
  • To use statistical information in any way permitted under law, including from Third-Parties in connection with commercial and marketing efforts.

9. General Consent:

  • For any other purpose or way that is clearly disclosed to you at the time you provide personal information or with your consent.

Data Storage

  • PII DATA PROCESSING: Data is accessed using athlete IDs rather than PII within our systems, except when displayed on team dashboards.
  • INTERNATIONAL DATA TRANSFER AND STORAGE: You agree that information collected may be stored and processed in any country including United States, where we rent servers, or where we or our affiliates, subsidiaries, or agents maintain facilities in order to provide Products and Services, and by accessing, registering for, or using the Products and Services, you consent to any such transfer of Information. We may transfer your information to third-parties acting on our behalf, for the purposes of storage such as including Supabase and Google Cloud in the United States. You authorise us to transfer, store, and use your information in any country where we operate. Some of these countries may have different privacy and data protection laws and rules from those in the country where you live. If you do not agree to the transfer, storage and use of your information in any other country where we operate, please do not use our Platform, the Products and Services.
  • DATA RETENTION: We keep your information only for as long as necessary to provide you with our Products and Services or as may be required under any applicable law. We store your information for lawful purposes only. We may keep de-identified data for research and statistical purposes for a longer period. If you close your User Account, we have no obligation to retain your data, and we may delete any or all of your data without liability. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse, or if required by law, or for other legitimate purposes. If you have elected to receive marketing communications from us, we will retain Information about your marketing preferences for a reasonable period of time, which will be determined by us based on the date you last expressed interest in our content, Platform, Products and Services.

Compliance & Security

  • DATA SERVICES: All data storage, management and transfer services/providers we use (Supabase and Google Cloud) are SOC2 compliant and follow stringent security protocols. Our services/providers ensure that data is encrypted at rest (AES-256) and in transit (TLS encryption).
  • DATA BREACH: In the event we become aware that the security of the Platform, Products or our Services has been compromised or your information has been disclosed to unrelated third-parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, and where required, send you an email. If for any reason, you have a reason to believe that your information shared with us is no longer secure, you may contact us via our e-mail address at info@amatra.ai.

Data Sharing

There are certain circumstances in which we may share your information with certain third-parties without further notice to you, as set forth below:

SERVICE PROVIDERS:

  • We may share any information we collect about you with our third-party service providers. The categories of service providers to whom we entrust personal information include service providers for: (i) the provision of the Products and Services; (ii) the provision of information, products, and other services you have requested; (iii) marketing and advertising; (iv) payment and transaction processing; (v) customer service activities.

BUSINESS PARTNERS:

  • We may provide personal information to business partners with whom we jointly offer products or services.
  • Also, where you have been referred to use our Products and Services by our business partners such as gyms and other B2B partners, we may share your data with them upon their request subject to informing you via email prior to sharing data with them.
  • Where we share your data with third-parties, they may use it for their business purposes and data in their possession will be governed by such third-party’s privacy policy.

BUSINESS AFFILIATES:

  • We may share information with our affiliated entities.
  • At your request and with your explicit consent, we may collect health data from you on behalf of a third-party telemedicine provider, for the limited purposes consented to by you. Any data shared or transferred between us and a third-party telemedicine provider will be subject to strict network- and software-security protocols designed to ensure the safety of your data.
  • We may also display to you, at your request and through the Platform, health data from third parties that you have consented to share with us.

ADVERTISING PARTNERS:

  • We do not share your information to advertise any third party’s products or services via the Products and Services. We may use and share your information with third-party advertising partners to market our own Products and Services and grow our Products and Services’ user base, such as to provide targeted marketing about our own Products and Services via third-party services.

Miscellaneous

LEGAL DISCLOSURE:

  • We may access, preserve, and disclose any information we store in association with you to external parties if we, in good faith, believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our, or others’ rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with an investigation and prosecution of suspected or actual illegal activity.

IN THE EVENT OF MERGER, SALE, OR OTHER ASSET TRANSFER:

  • If we are involved in a merger, acquisition, financing due diligence, reorganisation, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

DATA SHARING EXCLUSIONS:

  • All Unsolicited/ Public Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited/Public Information to others without limitation or attribution. Anonymised, aggregated data may be shared with advertisers, research firms, and other partners.

User Rights

DATA ACCESS:

We recognize that both Athletes and Teams interact with our platform in different ways, and their data privacy is handled accordingly.

  • Athletes: Athletes own their personal data and have full rights to access, modify, and manage the data related to their individual performance and health metrics.
  • Teams & Authorized Staff: Authorized team staff (e.g., head of performance, analysts, medical staff) can access data only for the athletes they are responsible for. Their access is restricted based on team structures and predefined roles.

User Rights (GDPR Compliance)

  • Right to Access: Users can request to see the personal data stored about them.
  • Right to Modification: Users can request corrections to inaccurate or incomplete data.
  • Right to Deletion (Right to be Forgotten): Users can request deletion of their personal data under certain conditions.
  • Right to Data Portability: Users can request their data in a structured, commonly used format.
  • Right to Object: Users can object to data processing in specific cases, such as direct marketing.

DATA-SHARING PERMISSIONS: Athletes can revoke data-sharing permissions with their teams. Where you have consented to the processing of your information, you may withdraw that consent at any time by contacting us. Even if you opt out, we may still collect and use non-personal information regarding your activities on our Platform and Services and for other legal purposes as described above.

DATA DELETION: If you would like to request the deletion of your data from our systems, please contact us at info@amatra.ai. We will make every reasonable effort to fulfill your request in accordance with applicable data protection laws. Certain data may be retained for a period required by law, our legitimate business purposes, or as necessary to fulfill contractual obligations. We may retain anonymized or aggregated data that does not personally identify you for analytical and reporting purposes. We will notify you once your data deletion request is processed. If there are any challenges or exceptional circumstances that may affect the processing time, we will communicate these issues to you promptly.

Contact Information

For any privacy-related inquiries, contact us at info@amatra.ai.