Privacy Policy
Ambi is built around context: the meeting you just had, the message thread you are in, the note you meant to keep, and the action you want carried across devices. This policy explains what we collect, how we use it, what we do not do with it, and the controls you have.
Short version: you choose what Ambi can see, when listening is on, which services are connected, and what becomes memory. We do not sell your personal information, we do not use your content for advertising, and we do not allow third-party AI providers to train on your content without your consent.
Scope and controller
This Privacy Policy applies to Ambi's websites, applications, early-access experiences, connected-service integrations, and related services (the "Service"). In this policy, "Ambi," "we," "us," and "our" mean the operator of the Service.
When we process personal information to provide Ambi, we act as the controller for account, product, support, and website data. For content you connect or ask us to process from third-party services, we process that content on your behalf and according to your settings, permissions, and instructions.
Information we collect
Account, waitlist, and support information
We collect information you provide directly, such as your name, email address, organization, role, early-access responses, account credentials or authentication identifiers, support messages, and preferences.
Connected-service data
Ambi works through services and permissions you choose to connect. Depending on what you authorize, this can include calendar events, availability, email content, files and documents, messages, conversation metadata, contacts needed to complete a request, and actions Ambi takes at your direction, such as drafting a message or creating an event.
Examples of connected services may include Google Calendar, Gmail, Google Drive or Workspace files, Slack, Telegram, iMessage, and other services we support. You can disconnect a service or revoke a permission at any time; doing so stops new access from that service but may not delete content already saved in Ambi unless you delete it or request deletion.
Listening, transcripts, and live context
When you enable listening, Ambi may capture audio, generate speech-to-text transcripts, create summaries, infer speakers or topics, and attach follow-up tasks or memories. Ambi may also maintain a live context snapshot that can include the active device, current app or page, selected text, recent transcript snippets, recent Ambi output, and running tasks.
Content, memory, and AI output
We collect the notes, instructions, tasks, topics, memories, drafts, summaries, transcripts, and other content you create, upload, save, or ask Ambi to generate. AI output can become part of your account history or memory only as needed to provide the Service and according to your controls.
Device, usage, cookies, and diagnostics
We collect technical data needed to operate and secure Ambi, such as device identifiers, app version, browser type, IP address, operating system, settings, logs, crash reports, performance metrics, and approximate location derived from technical signals. Our website may use cookies or similar technologies for essential functions, analytics, security, and remembering preferences.
Optional sensitive or health-related signals
Ambi does not require health data for the core Service today. If we introduce features that use sensitive or health-related signals, such as smartwatch activity or wellness context, we will ask for explicit permission first, explain what is collected, and provide controls to turn it off. We do not use this information for advertising and do not sell it.
Listening and recording
Listening features are powerful and sensitive. You control whether listening is on. Ambi should show a clear status indicator when audio capture is active, and only one authorized capture source should be active for the same session unless we tell you otherwise.
You are responsible for using recording, transcription, and meeting features lawfully. That includes notifying other participants and obtaining consent where required by the laws that apply to you, the participants, and the place where the conversation occurs.
If someone asks you not to record or process a conversation, you should turn listening off for that conversation unless you have another lawful basis to continue.
How we use information
We use information to:
- Provide and personalize the Service, including transcription, summaries, memory, recommendations, reminders, and task follow-through.
- Understand your instructions in context, such as resolving what "this meeting," "that thread," or "the file from yesterday" refers to.
- Sync context and results across your authorized devices and connected services.
- Operate, debug, secure, monitor, and improve the Service.
- Communicate with you about access, support, security, policy updates, and product changes.
- Prevent abuse, enforce our Terms, comply with law, and protect users, the public, and Ambi.
Where a legal basis is required, we rely on performance of our agreement with you, your consent for optional features and connected services, our legitimate interests in operating and improving a secure product, and compliance with legal obligations.
AI and model processing
Ambi uses AI systems, including our own systems and trusted third-party providers, to transcribe, summarize, search, classify, draft, reason over context, and complete actions you request. To produce results, relevant content and context may be sent to these systems.
Training stance: we do not use your content to train third-party AI models, and we do not permit our model providers to train on your content, unless you give consent. If we offer optional product-improvement training for Ambi's own models, it will be described clearly and off by default unless you opt in.
Human review of your content is limited to situations where it is needed for support you request, safety and abuse investigation, debugging with appropriate safeguards, legal compliance, or another purpose you authorize.
Google API data
If you connect Google services, Ambi's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We use Google user data only to provide or improve user-facing features you request, such as reading calendar availability, searching or drafting email, or referencing files you ask Ambi to use. We do not sell Google user data, use it for advertising, or use it to train generalized AI or machine-learning models unless Google policy permits it and you have given any required consent.
Retention and controls
We keep information for as long as needed to provide the Service, maintain your account, comply with law, resolve disputes, enforce agreements, and protect security. When information is no longer needed, we delete, de-identify, or aggregate it.
You can control data in several ways:
- Turn listening on or off.
- Connect or disconnect services and revoke device permissions.
- Review, edit, export, or delete supported transcripts, summaries, memories, tasks, and other content.
- Ask us to delete your account or specific personal information.
Deletion from active systems may not immediately remove copies from backups, logs, or legally retained records. We remove backup copies on a rolling basis, unless retention is required for security, legal, or legitimate operational reasons.
Security
We use administrative, technical, and organizational safeguards appropriate to the sensitivity of the information we process. These include encryption in transit, access controls, least-privilege practices, monitoring, logging, vendor review, and incident response procedures.
No system is perfectly secure. You can help by keeping your devices and credentials safe, using strong authentication, and telling us promptly if you suspect unauthorized access.
International transfers
Ambi is operated from the United States, and we and our service providers may process information in the United States and other countries. These countries may have data-protection laws different from the laws where you live.
Where required, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses, the UK Addendum, data-processing agreements, and supplementary measures.
Your privacy rights
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information, and to withdraw consent for optional features. We will not discriminate against you for exercising privacy rights.
If you are in the EEA, UK, Switzerland, California, another U.S. state with privacy laws, Japan, or another jurisdiction with privacy rights, you may also have region-specific rights such as lodging a complaint with a supervisory authority, using an authorized agent, or appealing our response to a request.
To exercise rights, contact privacy@ambi.ai. We may need to verify your request and may retain limited information to document our response where the law allows.
Children
Ambi is not directed to children. You must be at least 18 years old, or the age of majority where you live, to use the Service. We do not knowingly collect personal information from children under 13. If you believe a child provided us personal information, contact us and we will take appropriate steps to delete it.
Changes
We may update this Privacy Policy as Ambi changes or as legal requirements evolve. If changes are material, we will update the date above and, where appropriate, notify you in the Service, by email, or through another reasonable method. If a new use requires consent, we will ask before it applies.
Contact
Questions or requests about privacy are welcome.
- Privacy and data requests: privacy@ambi.ai
- Legal: legal@ambi.ai
- General: hello@ambi.ai