Privacy Policy

1. Information We Collect

We collect information you provide directly when using AMS Platform, including:

• Account information (name, email, organization, phone number)
• Membership and billing data (payment methods, transaction history)
• Documents uploaded for AI processing (CNIC, NTN, invoices, MoUs)
• Communication data (chat messages, forum posts, event registrations)
• Usage analytics (pages visited, features used, session duration)

2. How We Use Your Information

We use collected information to:

• Provide and improve AMS Platform services
• Process membership applications, renewals, and billing
• Power AI document intelligence (OCR, translation, classification)
• Send relevant notifications and communications
• Ensure platform security and prevent fraud
• Comply with legal obligations in Pakistan and applicable jurisdictions

3. Data Residency & Storage

All data is stored on secure servers with Pakistan data residency as the default. Enterprise clients may opt for on-premise deployment. Data is encrypted at rest (AES-256) and in transit (TLS 1.3).

4. Third-Party Sharing

We do not sell your personal data. We share data only with:

• Payment processors (PayFast, JazzCash, Easypaisa, Stripe) for billing
• AI processing partners for document intelligence (under strict data processing agreements)
• Law enforcement when legally required

5. Your Rights

You have the right to:

• Access and download your personal data
• Request correction of inaccurate data
• Request deletion of your data (subject to legal retention requirements)
• Opt out of non-essential communications
• Data portability in standard formats

6. Cookies & Tracking

We use essential cookies for authentication and session management, and analytics cookies (anonymized) to improve user experience. You can manage cookie preferences through your browser settings. See our Cookie Policy for details.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Financial records are retained for 7 years per FBR requirements. Upon account deletion, personal data is removed within 30 days unless legal retention applies.

8. Security

We implement industry-standard security measures including encryption at rest and in transit, regular security audits, penetration testing, and 24/7 monitoring. We are pursuing ISO 27001 and SOC 2 Type II certification.

9. International Users

For users outside Pakistan, we process data in accordance with GDPR, UK Data Protection Act 2018, and Hong Kong PDPO as applicable. Standard contractual clauses are in place for cross-border transfers.

10. Contact

For privacy-related inquiries: privacy@amsplatform.com