Skip to content

PRIVACY POLICY

Privacy Policy

This policy explains how Amevia and Dioartis Grup SRL handle information when people visit our public website, use the Amevia product or interact with an Amevia website agent.

Effective date: 13 July 2026Last updated: 13 July 2026Version: 0.1

Privacy at a glance

This summary is provided for convenience. The full policy below contains the complete explanation.

Customer-controlled knowledge

Customers choose the website pages, FAQs and other knowledge sources connected to their Amevia agent.

Visitor interaction data

Amevia may process visitor messages, page context and information submitted through enabled lead or action flows.

Operational data

Amevia may process account, usage, request and error information needed to operate and secure the service.

Configured providers

Infrastructure, AI, email, analytics and payment providers are used only where configured for the service.

1.Scope

This Privacy Policy applies to:

  • getamevia.com and other Amevia public pages;
  • Amevia account creation and authentication;
  • the Amevia workspace and dashboard;
  • website onboarding and configuration;
  • the Amevia widget installed on customer websites;
  • visitor conversations with an Amevia agent;
  • lead forms and other enabled visitor actions;
  • support, sales, billing and privacy requests submitted through Amevia contact flows.

Third-party websites and services linked from Amevia have their own policies. A customer website using the Amevia widget remains responsible for its own privacy notice and for explaining how it uses Amevia on that website.

2.Who operates Amevia

Amevia is a product of Dioartis Grup SRL.

Operator details
FieldValue
ProductAmevia
OperatorDioartis Grup SRL
Websitegetamevia.com
Privacy contactgetamevia.com/contact?topic=security

Field

Product

Value

Amevia

Field

Operator

Value

Dioartis Grup SRL

Field

Website

Value

getamevia.com

Field

Privacy contact

Value

getamevia.com/contact?topic=security

Registered office, company registration numbers and any dedicated privacy email address will be published here only when verified and approved for public display.

3.Roles and responsibilities

Public website and direct account relationship

Dioartis Grup SRL generally determines how information is processed for the public website, Amevia accounts, contact requests, product administration, service security and billing where enabled.

Customer website visitor data

For conversations and leads collected through a customer’s website:

  • the customer normally determines why Amevia is used and which features are enabled;
  • Amevia processes information to provide the configured service;
  • exact roles may depend on the use case, contract and configuration.

Depending on the context, Dioartis Grup SRL may act as a controller, processor or service provider with distinct responsibilities. Customers are responsible for providing their own visitors with appropriate privacy information and obtaining any required permissions.

4.Information we process

A. Account information

May include name, email address, organization name, login and session information, account preferences, selected plan and workspace or website associations.

B. Website and knowledge information

May include website URL, pages and extracted text, FAQs, policies, product or service information, manually added knowledge, source status and scan or synchronization timestamps.

C. Agent and widget configuration

May include agent name, role, tone, languages, fallback rules, prohibited topics, widget presentation settings, greeting, suggested questions and installation status.

D. Visitor interaction information

Where enabled, may include visitor messages, agent responses, source page URL, session or conversation identifiers, timestamps, action selections, device or technical information, approximate network information and conversation outcome.

E. Lead information

May include information voluntarily submitted by a visitor, such as name, email, company, request details and conversation context. The current lead-capture flow does not collect telephone numbers.

F. Usage and operational information

May include IP address, browser and device type, timestamps, product areas accessed, request counts, error events, scan events, installation checks, entitlement usage and diagnostic logs.

G. Contact-request information

May include name, work email, company, website, account email, request category, subject, message, technical references and consent acknowledgement submitted through the Contact page.

H. Billing information

Paid billing is not currently enabled. Amevia does not currently collect payment-card information through the product. This section will be updated before payment processing becomes available.

5.How information is collected

Information provided directly

Examples include signup, account settings, knowledge entries, the Contact form and visitor lead forms where enabled.

Information collected through product use

Examples include conversations, scans, installation checks, usage counters and operational logs.

Information collected from customer websites

Examples include pages selected for scanning and visitor interactions through the widget.

Information received from configured providers

Where configured, providers may support authentication delivery, infrastructure, analytics, email, AI inference or payment services.

We do not purchase personal information from data brokers.

6.How information is used

Amevia uses information for specific product purposes, including to:

  • create and operate Amevia accounts;
  • connect and manage customer websites;
  • scan and prepare approved knowledge;
  • configure and display website agents;
  • respond to visitor requests;
  • recommend relevant products, services or pages where enabled;
  • capture visitor contact information when enabled;
  • store and display conversations and leads;
  • produce usage summaries, analytics and insights where enabled;
  • apply plan limits and entitlements;
  • detect errors, abuse and security issues;
  • provide support and respond to requests;
  • send transactional or account notifications where email delivery is configured;
  • process billing where enabled;
  • improve reliability and usability;
  • comply with legal obligations.

8.Website content and knowledge

Customers choose which websites and sources to connect. Where scanning is available, Amevia may fetch publicly reachable pages from those websites. Extracted content may be stored and prepared for retrieval. Customers can review or remove knowledge according to available product controls. Excluded, blocked or unsupported content may not be imported.

Customers must have authority to submit or connect the content they use with Amevia. Customers should not upload confidential, unlawful or third-party content unless they are authorized to process it through Amevia.

9.Visitor conversations

Where the widget is installed and enabled, Amevia may process visitor messages and page context to generate responses. Conversations may be stored in the customer workspace and reviewed according to the customer’s plan and configuration. Where analytics features are enabled, conversations may support topic, outcome or knowledge-gap summaries.

10.Leads and contact information

Lead capture is controlled by the customer. Visitors choose whether to submit information. Submitted information may be linked with conversation context. The customer may use the lead according to its own privacy notice. Amevia stores and displays lead information as needed for the configured service, and lead exports may occur where supported.

The customer is responsible for its later use of the lead.

11.Accounts and authentication

Account creation currently collects full name, organization name, work email and password. Sessions are maintained with an httpOnly session cookie named amevia_session, with a maximum age of 14 days under the current implementation.

Email verification and password-reset delivery depend on a configured transactional email provider. Until that provider is configured, verification and reset messages may not be sent automatically.

12.Payments

Paid billing is not currently enabled. Amevia does not currently collect payment-card information through the product.

If payment processing is enabled later, full payment-card details should be handled by the configured payment provider. This section will then describe billing contact information, invoices, transaction identifiers and any fraud or compliance checks that apply.

13.Contact requests

Information submitted through /contact is used to respond to the request, maintain necessary records and protect the service. Request-type-specific fields may be collected for sales, support, billing, security, privacy or partnership enquiries. Delivery may use a configured email provider or, until delivery is configured, a mailto fallback that opens the sender’s email client.

Do not send passwords, API keys or payment-card information through the contact form.

14.Cookies and similar technologies

Amevia currently uses essential technologies needed to operate authenticated sessions and interface preferences. The public site does not currently load third-party analytics or marketing cookies.

Cookies and similar technologies currently used
Name or categoryPurposeTypeDuration
amevia_sessionAuthenticate signed-in workspace sessionsEssential cookie (httpOnly)Up to 14 days
amevia-themeRemember light or dark interface preference in the dashboardLocal storage preferenceUntil cleared by the browser or user
amevia-sidebar-collapsedRemember dashboard sidebar layout preferenceLocal storage preferenceUntil cleared by the browser or user

Name or category

amevia_session

Purpose

Authenticate signed-in workspace sessions

Type

Essential cookie (httpOnly)

Duration

Up to 14 days

Name or category

amevia-theme

Purpose

Remember light or dark interface preference in the dashboard

Type

Local storage preference

Duration

Until cleared by the browser or user

Name or category

amevia-sidebar-collapsed

Purpose

Remember dashboard sidebar layout preference

Type

Local storage preference

Duration

Until cleared by the browser or user

Local storage is not a cookie. If non-essential analytics or marketing technologies are added later, this policy and any consent mechanism will be updated to match.

15.Analytics and operational logs

Product and website-agent analytics

Where enabled in the product, Amevia may generate interaction analytics and related summaries for the customer workspace. These features are distinct from public-website marketing analytics, which are not currently configured on getamevia.com.

Operational logs

Operational logs may include request metadata, error events, IP addresses or similar identifiers needed for performance, abuse prevention and security. Monitoring and alerting details depend on the final production configuration.

16.AI and service providers

Amevia may use providers for hosting and databases, storage and delivery, AI inference, transactional email, analytics and monitoring, payment processing and customer support. Providers are used only where configured.

Provider categories and current status
CategoryPurposeExample data involvedStatus
InfrastructureHosting, databases, storage and deliveryApplication and operational records needed to run the productProduction provider to be selected
AI processingGenerate website-agent responsesApproved knowledge context and visitor messages needed for a responseNot configured
EmailAccount, notification and support deliveryAccount email addresses and message content required for deliveryNot configured
Analytics and operationsService health, errors and product-usage monitoringOperational metrics, error details and usage countersDevelopment only
PaymentsProcess paid plans when enabledBilling contact and transaction identifiers; card data handled by providerNot configured

Category

Infrastructure

Purpose

Hosting, databases, storage and delivery

Example data involved

Application and operational records needed to run the product

Status

Production provider to be selected

Category

AI processing

Purpose

Generate website-agent responses

Example data involved

Approved knowledge context and visitor messages needed for a response

Status

Not configured

Category

Email

Purpose

Account, notification and support delivery

Example data involved

Account email addresses and message content required for delivery

Status

Not configured

Category

Analytics and operations

Purpose

Service health, errors and product-usage monitoring

Example data involved

Operational metrics, error details and usage counters

Status

Development only

Category

Payments

Purpose

Process paid plans when enabled

Example data involved

Billing contact and transaction identifiers; card data handled by provider

Status

Not configured

Provider details may be updated as production infrastructure is finalized. Secret values, endpoints and infrastructure topology are not published in this policy.

17.When information may be shared

  • Service providers — to operate the configured service.
  • Customers — website administrators may access conversations, leads and related context generated through their websites.
  • Legal and safety reasons — when reasonably necessary to comply with law, protect rights, investigate abuse or address security issues.
  • Business changes — in connection with a merger, acquisition, financing or transfer, subject to appropriate protections.
  • With permission — where a person or customer requests or authorizes sharing.

We do not sell personal information to advertisers.

18.International processing

Amevia may use providers in different countries. Information may be processed outside the person’s country. Protection mechanisms depend on provider location, contract and applicable law. Final transfer mechanisms will be documented once production providers are selected.

This policy does not currently claim a specific hosting region, adequacy decision or standard contractual clause package.

19.Retention

Information is retained only as long as reasonably needed for the service, security, contractual or legal purpose, subject to final production retention settings.

Typical retention signals in the current product
Data categoryTypical retentionWhat determines it
Account dataWhile the account remains active, then as needed for security or legal purposesAccount status and operational needs
Website knowledgeWhile the website remains connected and knowledge is retainedCustomer configuration and removal actions
ConversationsPlan settings currently indicate 7 days (Free), 90 days (Starter) or 12 months (Growth)Plan entitlements and website retention settings
LeadsWhile needed for the configured service and customer reviewCustomer configuration and supported removal workflows
Contact requestsAs needed to respond, maintain records and protect the serviceRequest type and legal needs
Billing recordsNot applicable while paid billing is disabledAccounting and legal requirements once enabled
Operational logsAs needed for security, debugging and reliabilityProduction logging and infrastructure settings

Data category

Account data

Typical retention

While the account remains active, then as needed for security or legal purposes

What determines it

Account status and operational needs

Data category

Website knowledge

Typical retention

While the website remains connected and knowledge is retained

What determines it

Customer configuration and removal actions

Data category

Conversations

Typical retention

Plan settings currently indicate 7 days (Free), 90 days (Starter) or 12 months (Growth)

What determines it

Plan entitlements and website retention settings

Data category

Leads

Typical retention

While needed for the configured service and customer review

What determines it

Customer configuration and supported removal workflows

Data category

Contact requests

Typical retention

As needed to respond, maintain records and protect the service

What determines it

Request type and legal needs

Data category

Billing records

Typical retention

Not applicable while paid billing is disabled

What determines it

Accounting and legal requirements once enabled

Data category

Operational logs

Typical retention

As needed for security, debugging and reliability

What determines it

Production logging and infrastructure settings

20.Security

Amevia uses technical and organizational measures intended to protect information, including access controls, secure production transport where configured, secret management, validation, logging and dependency maintenance where implemented. Details are summarized on the Security & privacy page.

No internet service can guarantee absolute security. Amevia does not claim SOC 2, ISO 27001 or end-to-end encryption for website-agent conversations at this stage.

21.Your choices and rights

Depending on location and applicable law, you may have rights to request access, correction or deletion; object to or restrict certain processing; withdraw consent where processing is based on consent; request portability where applicable; and complain to a competent data-protection authority.

These rights may be subject to legal conditions, exceptions and verification. We may need to verify identity and authority before completing a request. Do not send identity documents through an insecure public message unless a secure process is provided.

Requests concerning a customer website

If the request concerns a conversation or lead submitted through a customer’s website, the visitor should normally contact that website operator first. Amevia will assist the customer where required by the applicable relationship and law. Amevia may not always be able to identify or delete visitor data without customer context.

22.Children’s privacy

Amevia is designed as a business website-agent service and is not directed specifically to children. Customers should not configure Amevia to collect children’s personal information without an appropriate lawful basis, notice and safeguards.

If you believe a child has submitted information inappropriately, contact us with enough non-sensitive context to investigate.

23.Changes to this policy

This policy may change as product functionality, providers or law changes. The Last updated date will change when material updates are published. Material changes may be communicated through the website, account or email where appropriate. Archived versions may be retained later.

We do not promise email notification for every minor wording change.

24.Contact

Dioartis Grup SRL operates Amevia. For privacy questions, data requests or security concerns, use the Contact page with the appropriate request type.