Skip to content

Security & Data Privacy

We cannot see your data.
That's the architecture.

Most vendors promise they won't look at your data. Ampliflyer was engineered so that we can't. Your strategy work is processed on your device, analyzed over encrypted no-training API calls, and stored only where you choose. There is nothing of yours on our servers to leak, subpoena, or breach.

How It Works

The life of your data, end to end

Written for the people who will actually review it — your IT, security, and legal teams.

Step 1 · On your device

Local parsing

Everything you type and every document you upload is parsed locally, in your browser, on your device. Raw files are never transmitted to or stored on Ampliflyer servers. We cannot see any inputs you enter into fields — text or attachments.

Step 2 · In transit

Encrypted, no-training analysis

Parsed data is sent directly via encrypted (TLS) calls to the enterprise Google Gemini API. Enterprise API terms prohibit the use of your data to train any model. Ampliflyer is not in that data path — your content flows from your device to the model and back.

Step 3 · At rest

Local-only storage

All outputs are stored in an Ampliflyer Library folder of your choosing — on your device or in your local browser cache. Nothing in our cloud, nothing on our servers. If you sign in on a different device, your data doesn't travel with you. If your device is secured, so is your Ampliflyer work.

What this means for your security review

The standard questions — "Where is our data stored? Who can access it? What's your breach exposure?" — have unusual answers here: nowhere on our systems, no one, and none of your work product. The conversation shifts from auditing our controls to verifying our architecture, and we'll walk your team through exactly that.

Data Minimization

The only data we hold is what runs your account

We collect the absolute minimum needed to create your account, administer your agreement, and keep the service secure. We do not sell data, and we do not track your activity for advertising. Full details are in our Privacy Policy.

  • Account: email, username, and a secure password hash — nothing more.
  • Billing: handled by PCI-compliant payment processors; we retain a tokenized reference only.
  • Cookies: the platform sets essential session cookies only — no advertising trackers.
  • Usage content: we cannot see what you analyze — by design, we don't know what our customers use the platform for.

For Your Committee

Built to pass the review, fast

  • For IT & Security

    A guided architecture walkthrough with our engineering team, plus written documentation of data flows for your questionnaire. Email info@ampliflyer.ai to start a review in parallel with your evaluation.

  • For Legal & Procurement

    Our Terms of Use and Privacy Policy are public and current. Enterprise agreements and data-processing terms are provided during the pilot stage.

  • For the Economic Buyer

    Zero-knowledge architecture isn't only risk mitigation — it removes the adoption blocker that stalls most enterprise AI deployments: compliance objections to data exposure.

Security FAQ

What your reviewers will ask

Does Ampliflyer store our documents or inputs on its servers?

No. Inputs and uploaded attachments are parsed locally on your device into the data needed for analysis. Outputs are saved to a local Ampliflyer Library folder you choose on your device or in your local browser cache. Nothing is stored in Ampliflyer's cloud or on any Ampliflyer server.

Is our data used to train AI models?

No. Analysis runs through encrypted calls to the enterprise Google Gemini API under enterprise terms that prohibit the use of your data to train any model.

Can Ampliflyer employees see what we analyze?

No. The software is designed to prevent visibility of customer usage and data. Ampliflyer cannot see the inputs you enter, whether text or uploaded attachments — there is no customer work product on our systems to view.

What account data does Ampliflyer hold?

The minimum needed to operate your account: email address, username, and a secure password hash. Billing is handled by PCI-compliant payment processors; we retain only a tokenized reference. The Ampliflyer platform itself uses essential session cookies only and sets no advertising trackers; our public website discloses its single analytics tag in the Privacy Policy.

What happens if an Ampliflyer server is breached?

Your strategic work product is not there to steal. Because inputs are processed on your device and outputs are stored only on your device, a compromise of Ampliflyer infrastructure cannot expose your deal flow, documents, or analyses.

Have a security questionnaire? Send it to info@ampliflyer.ai — we'll turn it around while your evaluation runs.

Bring your security team to the demo.

We'll walk strategy and IT through the platform and the architecture in the same 30 minutes — and start your security review in parallel.

Book a Demo