Your data. Your infrastructure.
No exceptions.

ambient captures conversations to build your company brain. That means we handle sensitive data. Here's exactly what happens to it - no legal jargon, no ambiguity.

Core principles

  • Your data is never used to train models. Not ours, not third-party. This is contractual, not just policy. Your conversations teach your brain only.
  • We cannot access your content. We don't read your transcripts, listen to recordings, or review extracted insights. Infrastructure access is limited to encrypted metadata for debugging.
  • Deletion is real. When you delete data or cancel your account, it's gone. Not soft-deleted. Not archived. Permanently removed from all storage and backups within 30 days.
  • You own everything. Your transcripts, insights, knowledge graph, company state - all of it. Export anytime in standard formats. No vendor lock-in by design.

What we collect

Audio Captured on your device, streamed for transcription never stored by us
Transcripts Text output from transcription, stored encrypted
Insights Decisions, tasks, topics extracted by AI
Graph Relationships between people, projects, decisions
State Synthesized company understanding (themes, tensions)
Metadata Timestamps, recording duration, seat usage

We do not collect: email content, browser activity, screen recordings, file contents, or anything outside of conversations you explicitly record with ambient.

Third-party processors

We use specialized services for specific tasks. Each processes only the minimum data required and is contractually bound to not retain or train on your data.

Service Purpose Data shared Retention
Deepgram Speech-to-text transcription Audio stream (real-time) Not retained
Anthropic (Claude) Extraction & synthesis Transcript text Not retained
OpenAI Embedding generation Text segments Not retained
Supabase Database hosting Encrypted application data Until deletion
Neo4j Aura Knowledge graph hosting Graph relationships Until deletion

On Private Cloud and Enterprise tiers, you can eliminate third-party processors entirely by running transcription, extraction, and storage on your own infrastructure.

Deployment & data residency

Where your data lives depends on your deployment tier.

Cloud
Private Cloud
Local
Audio leaves device
For transcription only
To your infra only
Never
Transcripts stored
Our managed DB
Your dedicated DB
Your machine
AI processing
Third-party APIs
Your API keys
Local models
Knowledge graph
Managed Neo4j
Your Neo4j instance
Local graph DB
Region control
US/EU
Your choice
Your premises
Data encrypted
At rest + transit
At rest + transit
Your encryption

Your controls

You can at any time:

  • Export all data - transcripts, insights, knowledge graph, company state. Standard JSON/CSV formats.
  • Delete individual recordings - removes transcript, all extracted insights, and graph relationships derived from it.
  • Pause recording - ambient only captures when you choose. No always-on listening.
  • Remove team members - revokes access immediately. Their contributions to the brain remain unless explicitly deleted.
  • Cancel and delete everything - 30-day grace period for export, then permanent deletion across all systems.

Compliance trajectory

We are building toward formal compliance certifications. Current status:

  • SOC 2 Type II - in progress. Expected completion with GA launch.
  • GDPR-ready - data minimization, right to deletion, data portability, and processor agreements in place.
  • HIPAA - planned for Enterprise tier with fully local deployment.

Questions?

If you have questions about how we handle your data, want to request deletion, or need a DPA for your organization, reach out at privacy@herlabs.io.

Last updated: January 2026