GDPR Alignment

Scale Amplify is committed to protecting personal data and handling it responsibly in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Scale Amplify operates as a Data Processor when handling personal data on behalf of its clients and aligns its processes, contractual commitments, and operational safeguards with the principles and requirements of the GDPR.

1. Our Role Under GDPR

In the context of our Lead Revival Services:

Client acts as the

Data Controller

Scale Amplify acts as the

Data Processor

Scale Amplify processes personal data solely on documented instructions from the Client and only for the purpose of delivering contracted services.

2. Lawful Basis for Processing

Scale Amplify relies on the Client's confirmation that all personal data shared has been lawfully collected and may be processed under one or more of the following legal bases, as applicable:

  • • Legitimate interest in B2B communication
  • • Performance of a contract
  • • Consent, where required

Scale Amplify does not independently determine the lawful basis and processes data strictly as instructed by the Client.

3. GDPR Principles We Follow

Our data handling practices are aligned with the core GDPR principles:

• Purpose Limitation: Personal data is processed solely for lead revival, outreach orchestration, and qualified meeting delivery as defined in the Lead Revival Services Agreement.
• Data Minimization: Only data necessary for service delivery is processed. No unnecessary or excessive personal data is requested or retained.
• Confidentiality & Integrity: Access to personal data is restricted to authorised personnel under strict confidentiality obligations.
• Storage Limitation: Personal data is retained only for the duration required to deliver services and is returned or securely deleted upon contract termination, unless legal retention is required.
• Transparency: Clients are informed of how personal data is processed through our Privacy Policy, Data Processing Agreement, and contractual documentation.

4. Data Subject Rights

Where applicable, Scale Amplify assists Clients in fulfilling data subject rights under GDPR, including:

  • • Right of access
  • • Right to rectification
  • • Right to erasure
  • • Right to restriction
  • • Right to objection
  • • Right to data portability

Requests are handled in coordination with the Client, who remains the primary point of contact for data subjects.

5. International Data Transfers

Where personal data is processed across jurisdictions, Scale Amplify ensures that appropriate contractual and organisational safeguards are applied in accordance with applicable data protection regulations.

6. Security & Governance

Scale Amplify maintains organisational and procedural safeguards designed to:

  • • Prevent unauthorised access or disclosure
  • • Ensure confidentiality of personal data
  • • Protect against accidental loss or misuse

Details of our data protection practices are described in our Data Security & Privacy documentation.

7. Data Processing Agreement (DPA)

Scale Amplify maintains a standard Data Processing Agreement that defines confidentiality, security, data handling, sub-processing, breach notification, and data deletion obligations in line with GDPR requirements. This DPA is incorporated into client engagements where applicable and is executed alongside the Lead Revival Services Agreement to formalise controller–processor responsibilities.

Contact

For questions regarding GDPR, personal data handling, or data subject rights, please contact:

Scale Amplify

Email: legal@scaleamplify.com

Address: D-25, Jangpura Extension, New Delhi 110014, India