← Back to home

Privacy Policy

Effective Date: March 23, 2026

NovaFox LLC ("Company," "we," "us," or "our") operates AmpTagger ("the Service"). This Privacy Policy describes how we collect, use, store, and protect your information when you use the Service.

1. Information We Collect

Information You Provide

  • Account information: name, email address, organization name, and profile photo (if provided via Google SSO)
  • Article data: URLs submitted for analysis and article text, including text submitted via browser extensions or bookmarklets provided by the Service. When you use the AmpTagger bookmarklet, the readable text of the page you are viewing is transmitted to our servers for analysis. You are responsible for ensuring you have authorized access to any content you submit.
  • Entity Database contributions:The Service's Entity Database may be populated through automated discovery (e.g., analyzing submitted articles and searching public sources) or through direct contributions by users (e.g., manually adding or uploading entity names, social media handles, and associated metadata). Regardless of how Entity Data enters the system, it consists of publicly available information and is maintained by AmpTagger as part of the Service infrastructure, not as user-owned data. By contributing Entity Data, you confirm that the information is derived from publicly available sources.
  • Generated content: social media posts created by the Service
  • Organizational data: platform configurations, saved templates, user roles, and usage preferences

Information Collected Automatically

  • Authentication data: session tokens and login method (email/password or Google SSO)
  • Usage data: features accessed, actions taken within the Service, timestamps, and interaction patterns
  • Device and browser data: browser type, operating system, screen resolution, and language preference
  • Analytics data: we use Google Analytics to collect anonymized usage statistics, including pages visited, session duration, and general interaction patterns. Google Analytics may use cookies and similar technologies to collect this information. You can opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-On.
  • Log data: IP address, access times, and referring URLs

Payment Information

Payment is processed securely by Stripe. We do not store credit card numbers, CVVs, or other sensitive payment details on our servers. Stripe may collect information necessary to process your payment in accordance with their Privacy Policy.

2. How We Use Your Data

We use the information we collect to:

  • Provide the Service: analyze articles, generate social media posts, manage entity data, and maintain your account
  • Authenticate your identity: verify your login credentials, including via Google SSO
  • Process payments: manage subscriptions and billing through Stripe
  • Improve the Service: use anonymized, aggregated usage patterns and analytics data to refine post generation quality and user experience
  • Communicate with you: send service-related notices, security alerts, and updates about changes to our terms or policies
  • Ensure security: detect and prevent fraud, abuse, and unauthorized access

We do not use your data for advertising purposes. We do not sell your personal information to third parties.

3. Third-Party Services

We use third-party service providers in the following categories to operate the Service:

  • AI processing: to analyze articles and generate social media posts (receives article text and entity context)
  • Search services: to discover publicly available social media handles (receives entity names)
  • Authentication: to verify your identity via third-party sign-on (receives name, email, profile photo)
  • Analytics: to collect anonymized usage statistics (receives anonymized browsing and session data)
  • Payment processing: to manage subscriptions and billing (receives payment and billing information)
  • Cloud infrastructure: to host and operate the Service (processes all service data as infrastructure provider)

A current list of our specific sub-processors is maintained at amptagger.com/sub-processors. Each third-party service processes data in accordance with their own privacy policies.

4. Data Storage and Security

Your data is stored in Vercel Postgres databases located in the United States. We implement the following security measures:

  • All data is encrypted in transit using TLS 1.2 or higher
  • All data is encrypted at rest using AES-256 encryption
  • Access to production systems is restricted and logged
  • Authentication credentials are securely hashed
  • Regular security reviews of our infrastructure and code

While we take reasonable measures to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

5. Data Retention

  • Account data is retained while your account remains active.
  • Organizational Data(platform configurations, saved templates, post history, usage preferences) is retained while your organization's account is active.
  • Entity Datais maintained by AmpTagger as part of the Service's Entity Database. It is not tied to any single user or organization account. Upon account closure, your access to the Entity Database is revoked, but Entity Data is retained as part of the Service. Individuals listed in Entity Data may request removal per Section 10.
  • Generated posts are created on the fly and are not stored long-term on our servers unless saved to your post history.
  • Usage and analytics data is retained in anonymized, aggregated form and is not tied to individual accounts.
  • Upon account closure, all Organizational Data and account information is permanently deleted. You may contact us at privacy@amptagger.com to request confirmation of deletion.

6. Cookies and Tracking Technologies

AmpTagger uses the following cookies and similar technologies:

  • Session cookie: a single authentication cookie to keep you logged in. This is essential for the Service to function.
  • Google Analytics cookies: used to collect anonymized usage statistics. These cookies do not identify you personally. You can opt out using the Google Analytics Opt-Out Browser Add-On.

We do not use advertising cookies or third-party tracking cookies for marketing purposes.

7. Your Rights

Regardless of your location, you have the right to:

  • Access your personal data stored in the Service
  • Correct inaccurate personal data
  • Delete your account and associated Organizational Data (Entity Data is maintained separately as part of the Service; see Section 5)
  • Export your entity database and organizational data in a portable format
  • Object to or restrict certain processing of your data
  • Withdraw consent for optional data processing (such as analytics) at any time

To exercise any of these rights, contact us at privacy@amptagger.com. We will respond to your request within 30 days.

8. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know: you may request details about the categories and specific pieces of personal information we have collected about you.
  • Right to delete: you may request deletion of your personal information.
  • Right to opt-out of sale: we do not sell your personal information to third parties.
  • Right to non-discrimination: we will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, contact us at privacy@amptagger.com.

9. European Users (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal basis for processing: we process your personal data based on contractual necessity (to provide the Service), legitimate interests (to improve the Service and ensure security), and consent (for optional analytics).
  • Data transfers: your data is stored in the United States. We rely on standard contractual clauses and other appropriate safeguards for international data transfers.
  • Right to lodge a complaint: you have the right to lodge a complaint with your local data protection authority.
  • Data Protection Officer: for GDPR-related inquiries, contact us at privacy@amptagger.com.

10. Third-Party Personal Data (Entity Database)

As part of the Service, AmpTagger collects and stores publicly available information about individuals, organizations, and other entities mentioned in news articles submitted by our users. This information may include names, social media handles, and publicly available profile details gathered through automated searches of public social media platforms and search engines.

Important disclosures about this data:

  • Source: Entity data is derived from publicly available sources, including published news articles and public social media profiles. We do not access private accounts or non-public information.
  • Purpose: This data is collected solely to help news organizations generate accurate social media posts that properly tag and reference the people and organizations mentioned in their coverage.
  • No direct relationship: The individuals whose information appears in the entity database are not users of AmpTagger and have not provided their information directly to us. They have no account relationship with the Service.
  • Minors: Entity data may include publicly available information about individuals under the age of 16 who are referenced in news coverage. We do not knowingly collect private or non-public information about minors. We do not use entity data for profiling, advertising, or any purpose beyond generating social media post suggestions for our users.
  • Removal requests: Any individual whose information appears in an AmpTagger entity database may request review or removal of their data by contacting us at privacy@amptagger.com. We will process such requests within 30 days.
  • Legal basis (GDPR): Where applicable, we process third-party entity data under the legitimate interest basis, as it supports the journalistic and editorial activities of our users. This processing is limited to publicly available information and is proportionate to the purpose of the Service.
  • Ownership and retention:Entity Data is owned and maintained by AmpTagger as part of the Service's infrastructure. It is not owned by, or associated with, any single user or organization account. When a user's or organization's account is closed, their access to the Entity Database is revoked, but the data itself is retained. Individuals whose information appears in Entity Data may request removal as described above.

11. Children

AmpTagger is not intended for users under the age of 16. We do not knowingly collect personal information directly from children under 16 for account registration purposes. If we learn a child under 16 has created an account, we will delete it promptly. If you believe a child under 16 has registered for an account, please contact us at privacy@amptagger.com.

For information about how we handle publicly available data about minors referenced in news coverage, see Section 10 (Third-Party Personal Data).

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before they take effect. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact

If you have questions about this Privacy Policy, please contact us at privacy@amptagger.com.

© 2026 NovaFox LLC. All rights reserved.

We use cookies to analyze site usage and improve your experience. See our Cookie Policy for details.