Data & AI Trust Policy — AmpPilot

1. Our Core Data Principles

Everything we build is guided by four non-negotiable principles.

Your data is yours. AmpPilot never claims ownership of your brand data, campaign data, or business intelligence. Your data is used exclusively to provide the Service to you.

Your data is isolated. No customer's data is ever visible to, shared with, or used to benefit another customer. Brand-level isolation is enforced at the architecture level, not just by policy.

Your data is never shared with or used to benefit other customers or third parties. AmpPilot may use data within your account environment solely to improve platform performance and intelligence for your specific account.

We are transparent about AI. We use AI to assist — not to decide. All consequential decisions within AmpPilot are made within system boundaries you define and control.

2. Data Categories & How We Use Them

Category A — Public Market & Brand Context — This includes publicly available information such as website content, brand positioning, and competitive landscape data used to inform campaign planning and content generation. This data is used only for the specific task you request, is not retained as persistent cross-session memory beyond what is necessary to provide the Service, and is never used to train shared or foundation AI models.

Category B — Operational Decision Data — This includes spend levels, conversion performance, budget constraints, risk thresholds, internal priorities, and approval rules — essentially the intelligence that governs how AmpPilot makes decisions on your behalf. This data remains strictly internal to your AmpPilot environment, is never shared externally with any third party, is brand-isolated and never commingled with data from other customers, and directly governs all autonomous actions taken by the platform within your defined constraints.

Category C — Connected Platform Data — When you connect advertising or social platforms via OAuth, AmpPilot accesses campaign data, performance metrics, account identifiers, and assets solely to execute the Service on your behalf. This data is accessed under your authorization, processed only within your isolated environment, and never shared with other customers or used for any purpose beyond providing the Service to you. You can revoke platform access at any time.

Category D — Platform Intelligence — AmpPilot may derive de-identified, aggregated, statistical signals from across the platform to improve system-level functionality such as prioritization logic and risk evaluation heuristics. This process involves no brand-level data, no personally identifiable information, and no transfer of one customer's data to benefit another. Aggregated insights are used only to make the platform work better for everyone.

3. AI Usage — What It Does and What It Doesn't

AmpPilot uses AI models to assist with content generation such as ad copy, headlines, and creative briefs, reasoning support for campaign planning and optimization recommendations, and analysis of performance data to surface actionable insights.

AI within AmpPilot does not control spend, budgets, or financial decisions independently, take any action outside the parameters and constraints you configure, have access to data beyond what is necessary for the specific task at hand, or retain memory of your data between sessions beyond what the platform explicitly stores under your account.

All consequential decisions — including budget reallocation, campaign activation, and risk actions — are governed by rules and thresholds you define. AI assists the reasoning process. It does not override your controls.

4. Learning & Model Boundaries

We are explicit about what learns from what. Brand-specific learning and optimization is isolated entirely to your account and never influences any other customer's experience. Operational data including spend, performance, and risk configuration is never shared externally or used outside your environment. Your data is never used to train, fine-tune, or improve any third-party or shared foundation model. Data within your account environment may be used for account-level learning and optimization that improves your specific experience on the platform. The only cross-customer learning that may occur is through fully de-identified, aggregated platform-level signals that contain no brand, campaign, or customer-identifiable information.

5. Subprocessors & Third-Party AI

AmpPilot uses a limited number of carefully selected third-party subprocessors to deliver the Service, including cloud infrastructure providers, AI model providers for content generation and reasoning assistance, and communication and analytics tools.

All subprocessors are bound by data processing agreements that prohibit them from using your data for any purpose other than providing their service to AmpPilot. We do not permit any subprocessor to use your data to train their own models. We maintain a current list of subprocessors which is available upon request at privacy@amppilot.com.

6. Security Safeguards

AmpPilot implements technical and organizational measures to protect your data, including encryption of all data in transit using TLS and at rest, strict access controls with role-based permissions, OAuth token storage with encryption and secure credential management, regular security monitoring and vulnerability assessment, and confidentiality obligations for all personnel and contractors with data access.

In the event of a security incident affecting your data, we will notify you promptly in accordance with applicable law.

7. Your Controls

You remain in control of your data at all times. You can disconnect any connected platform integration at any time through account settings, request a copy of your data, request deletion of your data upon account termination, configure and modify all risk thresholds, budget caps, and approval rules governing automated actions, and contact us at any time with data-related questions or concerns.