Privacy Policy — Amber's Angels

Introduction
Privacy-by-Design Framework
What We Collect
Data Retention Schedule
What We Never Do
Volunteer Accountability
AI Ethics & Bias
Regulatory Alignment
Contact & Requests

1. Introduction

Amber's Angels Inc. is a Georgia-based 501(c)(3) nonprofit organization that deploys a volunteer-driven, AI-powered search platform during government-issued missing person emergencies (AMBER Alerts, Silver Alerts, and others).

We are committed to the highest standards of privacy and ethical AI deployment. Our platform is designed to act as a force multiplier for law enforcement while strictly adhering to a Privacy-by-Design philosophy.

Plain language summary: We never store your video. We only run when an alert is active. We never sell your data. Every AI detection is reviewed by a human before anything reaches law enforcement.

2. Privacy-by-Design Framework

Unlike traditional surveillance systems, Amber's Angels does not build persistent databases of citizen movement. Our technology is event-triggered and ephemeral by architectural design — not just by policy.

No Video Archiving

Raw video streams from volunteer drones and smartphones are processed entirely in memory. Once the inference engine analyzes a frame, it is immediately discarded — it is never written to disk, transmitted to a server, or accessible to any human. This is enforced at the code level, not by an administrative policy that could be overridden.

Event-Triggered Only

Our detection pipeline only activates during declared, government-issued alerts consumed from the FEMA IPAWS official feed. Between alerts, the platform is completely dormant. There is no passive background collection.

Mission Specificity

Volunteers explicitly opt in to each individual search mission. Accepting one mission does not grant consent for any other. Volunteering for one alert type (e.g., AMBER) does not auto-enroll you in others.

Facial Obfuscation

Our processing pipeline includes automated protocols to obfuscate faces and the license plates of non-suspect vehicles in any data that progresses to coordinator review. Innocent bystanders are protected by default.

3. What We Collect

We practice strict data minimization — we collect only what is operationally necessary for the active mission.

From Volunteers (App Users)

Identity information: Name, email address, government-issued ID (for verification), and background check results. Required for vetting and accountability.
GPS telemetry: Your location during accepted missions only. Used for sector assignment, coverage mapping, and mission coordination.
Device metadata: Device type and OS version for technical support purposes only.

Detection Events

When the AI detects a potential match above our confidence threshold, a detection record is created containing: GPS coordinates at the moment of detection, a timestamp, the vehicle's make/model/color as classified by our AI, and the plate OCR result (if readable).
Detection records contain no raw video or imagery.
Detection records are only created for events that pass our two-factor scoring threshold. The vast majority of frames generate no record at all.

Website Visitors

This website is hosted on GitHub Pages. We do not use cookies, tracking pixels, or analytics scripts. GitHub may collect standard server access logs (IP address, browser type, page requested) per their own privacy policy.

4. Data Retention Schedule

Data Type	Purpose	Retention Period	Who Can Access
Raw video frames	Real-time inference only	Not retained — deleted post-inference	Processing system only (ephemeral)
GPS telemetry	Mission mapping and coverage analysis	90 days	Mission coordinators only
Detection records	Law enforcement leads (plate + VMMC data)	1 year	Coordinators + law enforcement on active case
Volunteer identity	Background checks, accountability, vetting	Duration of volunteer status + 1 year	Admin only
Alert metadata	FEMA IPAWS source, timestamp, activation log	2 years (compliance)	Admin only

All retention schedules are enforced at the infrastructure level through automated deletion routines — not dependent on manual processes.

5. What We Never Do

Sell, rent, or share volunteer or detection data with any commercial entity, data broker, or advertiser.
Operate detection capabilities continuously — between active alerts, the platform is dormant.
Build citizen movement profiles — without persistent video storage, no searchable history of any individual's location can exist.
Share data with immigration enforcement or any agency outside the scope of the triggering missing person alert.
Allow AI results to reach law enforcement without human coordinator review.
Collect data from people who have not explicitly enrolled as volunteers and accepted a mission.

6. Volunteer Accountability & Vetting

All volunteers must complete a background screening prior to receiving platform access. This is a requirement of our law enforcement partnerships and a commitment to the communities we serve.

Vetting Requirements

Government-issued ID verification
Criminal background check (third-party provider)
Completion of the Amber's Angels Volunteer Training Program
Signed Data Use Agreement acknowledging privacy responsibilities
FAA Part 107 Remote Pilot Certificate (drone pilots only)

Data Use Agreement

Volunteers explicitly agree to the following prohibitions: no independent video recording during missions, no social media posts about active searches, no sharing of operational details outside the platform, no contact with suspects or law enforcement on behalf of the organization. Violations result in immediate revocation of access.

7. AI Ethics & Bias Mitigation

Our AI models (YOLOv8, MobileNetV3, OpenALPR) are mission-scoped detection tools — not autonomous decision-makers.

Human-in-the-Loop by Design

No detection result is ever transmitted directly to law enforcement. Every potential match is reviewed by a trained coordinator before escalation. The AI surfaces leads; humans validate them. This is a structural constraint, not a preference.

Bias Awareness

We acknowledge that vehicle recognition AI can carry training data biases. Our team monitors for disparate false-positive rates across vehicle types and geographic contexts. We are committed to publishing model performance audits as our labeled dataset grows through pilot operations.

Transparency

Our general system architecture and data governance policies are public. We welcome scrutiny from civil liberties organizations, academic researchers, and grant oversight bodies. To request a technical briefing, email info@amberangels.org.

8. Regulatory Alignment

Framework	Our Position
COPPA	No minors may create volunteer accounts. The platform does not interact with child users.
CCPA / State Privacy Laws	Ephemeral processing and no commercial data sharing keeps us within applicable state-level requirements.
FAA Part 107	All drone operations require certified pilots or supervised training. No autonomous drone flight.
FEMA IPAWS	We consume official IPAWS feeds only. We do not generate or amplify unofficial alerts.
GDPR (informational)	Our privacy-by-design architecture aligns with GDPR principles, positioning us for future expansion.

9. Contact & Data Requests

Questions regarding this policy, privacy concerns, or requests for records deletion may be directed to:

Amber's Angels Inc.
Email: info@amberangels.org
Website: amberangels.org

We will respond to all privacy requests within 30 days.

Privacy Policy & Data Governance

Contents