How your data works
AMP is an early beta second brain. This page explains what it stores, what may be sent to AI providers, and what controls are available today.
Last updated: 20 June 2026
What AMP stores
AMP may store your account email, password hash, chat messages, memories, calendar events, reminders, notifications, feedback, and uploaded images or image metadata when you use those features.
Visual preferences such as theme and handedness are generally stored in your browser. Active short-term memories are limited and designed to expire after 48 hours.
Uploaded images are stored through AMP's current beta upload system and are not intended for confidential material. Do not upload sensitive documents or images.
How AI processing works
AMP currently uses OpenAI through its API for AI-generated responses. When an AI response is needed, AMP may send your current request, a small amount of recent conversation, relevant saved context, and any image you explicitly ask AMP to analyze.
Some actions, including certain memory and calendar operations, are handled by AMP's own application logic without sending the action to the AI model.
Browser voice capture may use your browser or device's speech service. If AMP's server transcription is used, the audio is sent to the configured OpenAI-compatible voice provider so it can be transcribed.
OpenAI states that API data is not used to train its models by default. OpenAI may retain API inputs and outputs for up to 30 days for abuse monitoring unless different data controls apply.
Encryption
AMP's production site uses HTTPS, which encrypts data while it travels between your device and AMP. API calls to OpenAI also use HTTPS.
AMP's production PostgreSQL database is hosted by Supabase. Supabase states that customer data is encrypted at rest with AES-256 and in transit using TLS.
Who can access stored data
You can access your data through your AMP account. People with authorized access to AMP's production systems or database credentials can technically access stored data when needed for support, debugging, security, or operating the service.
OpenAI and Supabase process data as service providers under their own terms and privacy practices.
Deleting and exporting data
You can forget individual active memories inside AMP. Calendar events can also be removed through the product.
At this stage, AMP does not yet offer self-serve account deletion or a self-serve data export. To request account or broader data deletion, contact admin@amplyai.org from the email connected to your account.
A practical beta warning
Do not store information in AMP that you would not be comfortable storing in an early beta product. Avoid passwords, authentication codes, banking details, government identification numbers, medical records, or information whose exposure could put someone at risk.