← Back to Amber

Privacy Policy

Last updated: March 22, 2026

What we collect

When you use Amber, we collect and store:

• PayPal account information: Your PayPal Payer ID (a permanent account identifier), email address, and account verification status. We use this solely to identify your account and manage your subscription. We do not use your email address to send you marketing, notifications, or any other communications.
• Memories you store: Any text content you choose to save through the MCP tools. This is the core service — we store it so your AI can recall it later.
• Metadata: Timestamps, topic tags, and any key-value metadata you attach to memories.
• Usage data: We track subscription status and payment events for billing purposes. We do not track individual API calls or search queries.

How we store your data

Your memories are stored in your own isolated database. No other user can access your data. Each user gets a completely separate database instance hosted on Turso (libSQL), a globally distributed SQLite-compatible database.

Your data is encrypted in transit (TLS) and at rest (server-side encryption provided by the infrastructure).

How we use your data

We use your data solely to provide the Amber service:

• Store and retrieve your memories when your AI assistant requests them.
• Process your memories (chunking, expansion, embedding) to enable semantic search.
• Manage your subscription and billing through PayPal.

We do not sell, share, or use your data for advertising, training AI models, or any purpose other than providing the service to you.

Third-party services

Amber uses the following third-party services to operate:

• PayPal: Payment processing and identity verification.
• OpenAI: Text embeddings for semantic search. Your memory content is sent to OpenAI's embedding API to generate search vectors. OpenAI's data usage policy applies.
• Google (Gemini): Text processing (chunking, expansion, date extraction). Your memory content is sent to Google's Gemini API for processing.
• Cloudflare: Hosting and content delivery.
• Turso: Database hosting.

Data retention

Your memories are stored for as long as your account is active. If you cancel your subscription, your data remains in your database but you cannot access it until you resubscribe.

If your subscription has been cancelled or expired for more than 12 months, we may delete your database. We do not send notifications before deletion.

Data deletion

You can delete individual memories at any time using the delete_memory tool. Deleted memories go to trash and can be restored. To permanently delete all your data, use the delete_account tool, which removes your database and all associated data irreversibly.

Data export

You can export all your memories at any time using the export_memories tool, which returns all your data as JSON.

Cookies

Amber does not use cookies. Authentication is handled via OAuth 2.1 tokens.

Children

Amber is not intended for use by anyone under the age of 18.

Changes

We may update this privacy policy from time to time. Changes will be reflected on this page with an updated date.

Contact

For privacy-related questions, contact us at support@ambermem.com.