Last Updated: February 11, 2026
Effective Date: February 11, 2026
Ampel Co. (“Ampel,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you use the Ampel mobile application and related services (the “Service”).
Please read this Privacy Policy carefully. By creating an account or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our data practices, please do not use the Service.
This Privacy Policy should be read together with our Terms of Service. Capitalized terms not defined in this Privacy Policy have the meanings given in the Terms of Service.
We collect information in three ways: information you provide directly, information collected automatically, and information from third parties.
Account Information. When you create an account, we collect your full name, email address, password (stored in encrypted form), subscription preferences and tier selection, profile settings and communication preferences.
AI Interaction Data. When you use the Service, we collect your prompts, questions, and instructions submitted to the AI (“Input Content”), AI-generated responses (“Output Content”), conversation history and context, feedback on AI responses (such as ratings or reports), and model preferences and settings.
Payment Information. When you subscribe, our payment processor Stripe, Inc. directly collects your payment card information (credit/debit card number, expiration date, CVV) and billing address. We do not directly receive or store your complete payment card information. We receive only confirmation of successful payment, the last four digits of your card number, card type and expiration date, transaction identifiers, and subscription status information. Stripe processes and stores payment data in accordance with PCI-DSS standards. See Stripe's privacy policy at https://stripe.com/privacy.
Identity Verification Information (Equity Program Participants Only). If you choose to participate in our equity incentive program, you must complete identity verification through our partner Persona. Ampel does not store your government identification documents or biometric data. This data is collected by and transmitted directly to Persona for processing. The identity verification process collects:
IMPORTANT NOTICE REGARDING BIOMETRIC DATA
During identity verification, Persona collects facial geometry data (a mathematical representation of your facial features) from your selfie photograph and compares it against your government-issued photo identification. This biometric data is used solely for identity verification and fraud prevention purposes. Please see Section 6 (Biometric Data Notice) for important information about your rights regarding biometric data, including specific rights under Illinois, Texas, and Washington state laws.
Communications. We collect information when you contact our customer support, send us email correspondence, or provide feedback and survey responses.
Usage Data. We automatically collect information about how you use the Service, including features and functions you access, AI models you interact with, session duration and frequency, time and date of access, engagement metrics (prompts submitted, responses generated), and referral activity.
Device and Technical Information. We automatically collect device type, model, and operating system, mobile device identifiers (such as advertising ID or IDFA, with your consent on iOS), IP address, browser type and version, mobile network information, app version, time zone and locale settings, and crash reports and error logs.
Location Information. We collect approximate geographic location based on your IP address and time zone settings. We do NOT collect precise geolocation data through GPS or mobile device sensors.
Cookies and Similar Technologies. We use cookies and similar tracking technologies to enable core Service functionality (authentication, session management), analyze usage patterns (via Google Analytics), measure advertising effectiveness (via the Meta/Facebook SDK and Pixel), and remember your preferences. See Section 10 for details on managing cookies.
From Service Providers. We receive transaction confirmations and subscription status from Stripe, identity verification results and document validation status from Persona (but not your actual biometric data or identity documents), and aggregated usage statistics from Google Analytics.
From AI Model Providers. We may receive information from our third-party AI model providers about the processing of your queries, including error logs, content moderation flags, and usage statistics.
From Other Users. If another user refers you to Ampel, we may receive your email address from the referring user. We will use this information only to contact you about the referral and will not add you to marketing lists without your separate consent.
If you receive Class B Common Stock through our equity incentive program, we maintain stock ownership records (share count, issuance dates, grant basis), investment amount and valuation data, tax reporting information (for IRS Form 1099 preparation), securities transaction history, and related correspondence.
We use your information to operate the AI chat platform and process your queries, transmit your Input Content to third-party AI model providers and deliver responses, maintain your account and conversation history, authenticate your identity and prevent fraud, process subscription payments and billing, provide customer support and respond to inquiries, and troubleshoot technical issues.
We use aggregated and de-identified data to analyze usage patterns and improve AI performance, develop new features and capabilities, conduct research on AI systems and user interactions, and monitor and improve Service performance and reliability. We do not use your Input Content or conversation data to train AI models unless you have explicitly opted in. See Section 2.6.
If you participate in our equity incentive program, we use your information to verify your identity and eligibility to receive securities, comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, process equity grants and maintain stockholder records, track annual investment limits under Regulation Crowdfunding, prepare and file required SEC disclosures (Form C and amendments), prepare and file tax forms (IRS Form 1099), facilitate communications from Loupt Portal LLC (our registered funding portal), and comply with SEC, FINRA, and state securities law requirements.
We use your information to send service announcements and updates (such as changes to Terms or features), send transaction confirmations and billing notifications, send promotional emails about Ampel (you may opt out at any time), send investor relations communications (if you are a stockholder), and conduct surveys and request feedback.
We use your information to comply with applicable laws, regulations, and legal processes, respond to lawful requests from government authorities, enforce our Terms of Service and protect our rights, detect, prevent, and address fraud, security, or technical issues, and protect the safety and rights of our users and the public.
Your choice matters. We do not use your Input Content or conversation data to train AI models by default. If you affirmatively opt in through your account settings, we may use your data in aggregated and de-identified form to improve AI model performance and capabilities. You may change your opt-in preference at any time. Changes apply to data collected after the change; data already used for training prior to your opt-out will not be retroactively removed, but no additional data will be used.
Important: Even if you opt in with Ampel, the third-party AI model providers that process your queries may have their own data usage policies. We maintain data processing agreements with our AI model providers that restrict their use of your data, but we encourage you to review their privacy policies as well.
We share your personal information with third parties only as described below. We do not sell your personal information to third parties.
When you use the Service, your Input Content is transmitted to third-party AI model providers (such as OpenAI, Anthropic, Google, and others) to generate responses. These providers may process your Input Content on their servers, temporarily retain your queries for service operation and safety monitoring, and apply content moderation and safety filters. We maintain data processing agreements with our AI model providers that restrict their use of your data to providing the Service and prohibit them from using your data for their own model training. However, each provider operates under its own privacy policy, and we encourage you to review them.
We share information with third-party companies that perform services on our behalf:
Hosting and Infrastructure:
Payment Processing:
Identity Verification (Equity Program Participants Only):
Analytics:
Advertising and Measurement:
All service providers are contractually obligated to protect your information and use it only for the purposes we specify.
If you participate in our equity incentive program, we share your name, email, identity verification results, investment history, and stockholder information with Loupt Portal LLC, an SEC-registered funding portal and FINRA member, to facilitate Regulation Crowdfunding securities offerings and comply with SEC regulations.
We may disclose your information when required by law, regulation, legal process, or governmental request, necessary to comply with securities laws (SEC, FINRA, state regulators), requested through valid subpoena, court order, or similar legal process, necessary to enforce our Terms of Service or protect our rights, necessary to protect the safety, rights, or property of Ampel, our users, or the public, or required to detect, prevent, or address fraud, security, or technical issues.
Securities Regulators: The SEC, FINRA, and state securities regulators may request access to stockholder information for examination and enforcement purposes.
Tax Authorities: We are required to report certain equity grants to the IRS and may share information as required for tax compliance.
If Ampel is involved in a merger, acquisition, asset sale, bankruptcy, or similar business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in the Service at least 30 days before your information is transferred and becomes subject to a different privacy policy.
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for purposes such as research and analytics, industry reporting, and service improvement.
We may share your information with other third parties when you explicitly consent to such sharing.
Regardless of where you live, you have the following rights:
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). See Section 12 for detailed information.
Residents of states with comprehensive privacy laws (including Colorado, Connecticut, Virginia, Utah, Oregon, Montana, Texas, Kentucky, Indiana, Rhode Island, and others) have similar rights, including the right to access and delete personal information, the right to correct inaccurate information, the right to opt out of the sale of personal information (we do not sell personal information), the right to opt out of targeted advertising, the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects, and the right to appeal a denial of a privacy request. Please contact us at privacy@ampel.ai to exercise your rights. We will respond within the timeframe required by your state's law.
You can manage cookie preferences through your browser settings. See Section 10 for more information.
If you have provided biometric data through the identity verification process, you have specific rights under applicable state laws. See Section 6 for details.
Securities Law Exception
If you have received Class B Common Stock through our equity incentive program, we are required by federal securities laws and IRS regulations to maintain certain records even after account deletion, including:
Retention Period: These records must be maintained for at least seven (7) years after your last securities transaction, and some records may be retained permanently as required by law.
What You Can Still Delete: Even as a stockholder, you may delete your conversation history and AI chat data, profile preferences and settings, and marketing preferences.
To exercise any privacy right, email privacy@ampel.ai with your full name, the email address associated with your account, the specific right you wish to exercise, and any relevant details. We will verify your identity before processing your request and will respond within 45 days (or as required by applicable law). If we need additional time, we will notify you of the extension and the reason.
We will not discriminate against you for exercising your privacy rights. Exercising your rights will not affect the price or quality of the Service, except where a reduction in data may limit certain personalized features.
We retain different types of data for different periods:
| Data Type | Retention Period |
|---|---|
| Account data | Until you request deletion (subject to Section 4.6) |
| Conversation history | Until you delete it or close your account |
| Deleted conversations | Removed from active systems within 30 days; backup copies within 90 days |
| Usage and analytics data | Up to 2 years; may be aggregated and anonymized for indefinite retention |
| Server and security logs | Up to 90 days |
| Payment transaction metadata | 7 years (legal and tax requirements) |
| Securities-related records | At least 7 years after last transaction (some records permanently) |
| Biometric data (held by Persona) | Per Persona's retention policy; Ampel does not store biometric data |
We may retain de-identified or aggregated data that can no longer be used to identify you for an indefinite period for research, analytics, and service improvement purposes.
Input Content transmitted to third-party AI model providers may be retained by those providers in accordance with their own retention policies and our data processing agreements. We require our AI model providers to delete query data within a reasonable period, typically 30 days, except where retention is required for safety monitoring or legal compliance.
This section applies to users who participate in the equity incentive program and complete identity verification through Persona.
During identity verification, Persona collects facial geometry data, which is a mathematical representation of your facial features derived from the selfie photograph you provide. This data is compared against the photograph on your government-issued identification to verify your identity.
Biometric data is collected and used solely for: identity verification to comply with securities law KYC requirements, fraud prevention and detection, and liveness verification (confirming a live person, not a photograph).
Biometric data held by Persona will be permanently destroyed when the initial purpose for collection has been satisfied, or within the timeframe required by applicable state law, whichever is earlier. Applicable state retention limits include:
You may request deletion of your biometric data at any time by contacting us at privacy@ampel.ai, and we will instruct Persona to delete it.
Illinois Residents (BIPA). If you are an Illinois resident, under the Illinois Biometric Information Privacy Act (740 ILCS 14/1 et seq.), you have the right to receive written notice before biometric data is collected (this section serves as that notice), to provide informed written consent before collection (which will be obtained through a separate consent screen during the verification process), to know the specific purpose and length of term for which your data will be stored, and to request deletion of your biometric data.
Texas Residents (CUBI). If you are a Texas resident, under the Texas Capture or Use of Biometric Identifiers Act (Business & Commerce Code Section 503.001), you have the right to provide informed consent before your biometric data is collected, to know that your biometric data will not be sold, leased, or disclosed except as permitted by law, and that your biometric data will be destroyed within one year after the verification purpose has been satisfied.
Washington Residents. If you are a Washington state resident, under RCW 19.375, you have the right to receive notice before your biometric data is enrolled in a database, to consent to the collection and use of your biometric data, and to prevent future commercial use of your biometric data.
Before the identity verification process begins, you will be presented with a separate biometric data consent notice that complies with applicable state laws. By providing your selfie and government identification through the Persona verification flow after receiving and acknowledging the consent notice, you consent to the collection, use, storage, and eventual destruction of your biometric data as described in this section. You are not required to provide biometric data to use the core AI chat Service. Biometric data collection is required only for participation in the optional equity incentive program.
We implement administrative, technical, and physical security measures to protect your personal information, including encryption of data in transit (TLS/SSL) and at rest, access controls and authentication requirements, regular security assessments and monitoring, secure data storage through reputable cloud service providers, and employee training on data protection practices.
Our key service providers maintain industry-standard security certifications: Stripe is PCI-DSS Level 1 compliant, Persona is SOC 2 Type II and ISO 27001 certified, and Vercel and Supabase maintain SOC 2 certifications.
In the event of a data breach that compromises your personal information, we will notify affected users and applicable regulatory authorities as required by law. Notification will be provided without unreasonable delay and, where required, within the timeframes specified by applicable state and federal law (typically 30 to 72 hours after discovery, depending on jurisdiction).
No system is completely secure. Despite our efforts, we cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and notifying us immediately of any unauthorized access at support@ampel.ai.
The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have inadvertently collected personal information from a child under 13, we will promptly delete that information.
Users between 13 and 18 years old may use the AI chat Service with the consent of a parent or legal guardian, as required by our Terms of Service and applicable law. These users are NOT eligible to participate in the equity incentive program, which requires users to be at least 18 years of age.
If you believe we have collected information from a child under 13, please contact us immediately at privacy@ampel.ai. We will take prompt steps to delete the information and, if appropriate, terminate the child's account.
Ampel is based in the United States, and our Service is currently available only to U.S. residents. Our data storage and processing facilities are located in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, which may have different data protection laws than your country of residence.
We use cookies and similar technologies for the following purposes:
Essential Cookies: Required for the Service to function properly, including account authentication, session management, and security features. These cookies cannot be disabled without impairing the Service.
Analytics Cookies: Used through Google Analytics to collect information about how you use the Service, including pages visited, features used, and session duration. This data is collected in aggregate form.
Advertising and Measurement: We use the Meta Pixel on our website and the Meta SDK in our mobile app to measure advertising campaign performance and optimize ad delivery. The Meta Pixel places a cookie when you visit our website that helps Meta attribute app installations and other conversions to specific ad campaigns. In our mobile app, the Meta SDK collects your device's advertising identifier (IDFA) only if you grant permission via the iOS App Tracking Transparency prompt. You can opt out of Meta tracking by declining the ATT prompt on iOS, adjusting ad settings in the Facebook app, or using the Meta Privacy Center at https://www.facebook.com/privacy/center/.
You can manage or disable cookies through your browser settings. Most browsers allow you to view, delete, and block cookies. However, disabling essential cookies may prevent the Service from functioning properly. For Google Analytics specifically, you can install the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout.
Some browsers offer a “Do Not Track” (DNT) setting. There is currently no industry standard for how companies should respond to DNT signals. We do not currently respond to DNT signals. We use Meta's advertising tools to measure our own ad campaign performance, but we do not sell your data or engage in cross-context behavioral advertising. On iOS, you can control advertising-related data collection through the App Tracking Transparency prompt, which is presented during onboarding.
Because Ampel provides access to third-party AI models, it is important that you understand how your data flows to these providers.
When you submit a query, your Input Content (the text of your prompt) is transmitted to the third-party AI model provider selected to generate a response. Metadata necessary for processing (such as conversation context and model parameters) may also be transmitted. We do not transmit your name, email address, or other account information to AI model providers.
Under our data processing agreements, AI model providers are authorized to process your Input Content solely to generate responses, apply content moderation and safety filters, and comply with applicable law. Our agreements prohibit AI model providers from using your Input Content for their own model training or for any purpose other than providing the Service.
AI model providers may temporarily retain your Input Content for operational purposes (such as abuse detection and safety monitoring), typically for no more than 30 days, after which it is deleted. We regularly review and audit our providers' data handling practices.
You can delete your conversation history at any time from your Ampel account. However, data already transmitted to AI model providers is subject to their retention policies and our data processing agreements. If you have concerns about a specific provider, please contact us at privacy@ampel.ai.
This section applies to California residents and supplements the information in this Privacy Policy with disclosures required by the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
In the preceding 12 months, we have collected the following categories of personal information:
| Category | Examples | Source |
|---|---|---|
| Identifiers | Name, email, IP address, device ID, account ID | You, automatic collection |
| Personal information (Cal. Civ. Code 1798.80) | Name, address, SSN (equity participants), payment information | You, Stripe, Persona |
| Commercial information | Purchase history, subscription records, products/services considered | You, Stripe |
| Internet/network activity | Browsing history, interactions with Service, search history within app | Automatic collection |
| Geolocation data | Approximate location from IP address | Automatic collection |
| Biometric information (equity participants) | Facial geometry for identity verification | Persona |
| Sensory data | Audio if you use voice input features | You |
| Inferences | Preferences, characteristics, behavior patterns derived from above | Derived from collected data |
In the preceding 12 months, we have disclosed the following categories of personal information to the following categories of recipients for business purposes:
| Category | Recipients | Purpose |
|---|---|---|
| Identifiers (name, email) | Loupt Portal LLC, Persona | Securities compliance, identity verification |
| Internet/network activity | Google Analytics, Meta Platforms | Service analytics, advertising measurement |
| Commercial information | Stripe | Payment processing |
| Biometric information | Persona | Identity verification |
| Input Content (prompts) | AI model providers | Generating AI responses |
We do not sell personal information as defined by the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising. If our practices change, we will update this Privacy Policy and provide a “Do Not Sell or Share My Personal Information” link.
We collect the following categories of sensitive personal information: Social Security Number (equity program participants only), government identification (equity program participants only), and biometric data (equity program participants only). We use sensitive personal information only for the purposes authorized by the CPRA, specifically for identity verification and securities law compliance. We do not use sensitive personal information for purposes beyond those listed in CCPA/CPRA Section 1798.121.
California residents have the right to limit our use of sensitive personal information to uses necessary for performing the Service. Because we use sensitive personal information only for identity verification and securities compliance (which are necessary for the equity incentive program), this limitation would not result in a change to our current practices. If you wish to exercise this right, contact privacy@ampel.ai.
Our equity incentive program, through which eligible users may receive Class B Common Stock, may be considered a “financial incentive” under the CCPA/CPRA because it provides a benefit to consumers in exchange for the collection and use of personal information (including identity verification data). The value of the financial incentive is reasonably related to the value of the consumer's data, calculated based on the administrative cost of the equity program and the average equity grant value. You may opt into the equity program through your account settings. Participation is entirely voluntary and is not required to use the AI chat Service. You may withdraw from the equity program at any time, though shares already issued will remain outstanding per securities law requirements.
To exercise your California privacy rights (including the right to know, delete, correct, and opt out), email us at privacy@ampel.ai or submit a request through your account settings. We will verify your identity before processing your request and will respond within 45 days. You may designate an authorized agent to make requests on your behalf by providing written authorization.
We may update this Privacy Policy from time to time. When we make changes, we will update the “Last Updated” date at the top of this page. For material changes, we will provide notice via email to the address associated with your account or by prominent notice within the Service at least 30 days before the changes take effect.
If you disagree with material changes to this Privacy Policy, you may close your account before the changes take effect. Your continued use of the Service after the effective date of changes constitutes your acknowledgment of the revised Privacy Policy.
If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices:
To exercise your privacy rights (access, deletion, correction, etc.), email privacy@ampel.ai with your full name, email address associated with your account, specific request, and any relevant details. We will verify your identity before processing and will respond within 45 days (or as required by applicable law).
For questions specifically about biometric data collection or to request deletion of biometric data held by Persona:
For questions about equity holdings, stockholder records, or investor relations:
BY CREATING AN ACCOUNT OR USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.
© 2026 Ampel Co. All rights reserved.