Privacy & Security
Amanda 2.0 was designed with a privacy-first architecture. Unlike cloud-based AI assistants that store, log, and potentially train on your conversations, Amanda keeps everything on your machine.
Your conversations are never stored on ThirdRez servers and are never used for model training. Period.
Client-Side Storage
All conversation history is stored exclusively in your browser's localStorage:
- No database — ThirdRez does not maintain any conversation database
- No cloud backup — There is no sync, export, or remote storage of your chats
- No server-side persistence — When a conversation is processed, the response is streamed back and immediately discarded server-side
- User control — Click "Clear All Data" and everything is permanently, irrevocably erased
Storage Implementation
localStorage key format: thirdrez-ai:conversations:{user_scope}
Each user (or guest session) has an isolated storage namespace. Conversations from different accounts never intersect.
Session-Only Memory
Amanda has no continuous memory across sessions or conversations:
- Each conversation thread is independent
- Amanda does not remember previous threads
- Closing a tab and reopening preserves the localStorage data, but Amanda processes each thread from scratch
- There is no persistent user profile that Amanda learns from over time
This is by design. Persistent memory creates privacy risks. We chose statelessness.
File Processing
When you attach files (PDF, DOCX, code, etc.):
- File content is extracted entirely in the browser using client-side parsers
- The extracted text is included in your message payload
- No file is ever uploaded to ThirdRez servers — only the extracted text is sent as part of the conversation context
- After processing, no copy of the file or its content persists server-side
API Communication
Messages are transmitted to Amanda's processing core via encrypted HTTPS (TLS 1.3):
| Layer | Protection |
|---|---|
| Transport | TLS 1.3 encryption for all API requests |
| Authentication | Server-side API key management — keys are never exposed to the client |
| Rate Limiting | IP-based and user-based rate limiting to prevent abuse (30 requests/minute) |
| Input Validation | Schema-validated payloads with Zod; malformed requests are rejected |
| No Logging | Conversation content is not logged, stored, or cached server-side |
What We Collect
For billing and authentication purposes, we track:
- User ID (from Supabase auth) — for tier validation
- Daily message count — for free tier enforcement (10 messages/day)
- IP-based rate limits — in-memory only, pruned automatically every 60 seconds
We do NOT collect:
- ❌ Conversation content
- ❌ File contents
- ❌ Prompt history
- ❌ User behavior analytics
- ❌ Model interaction logs
- ❌ Training data from any user interaction
Zero-Censorship Policy
ThirdRez is an adult-friendly (+18) ecosystem. As the creators of premium adult animations, the Kinetiq motion engine, and a full Second Life marketplace, we maintain a no-judgment, zero-censorship stance.
Amanda 2.0 does not:
- Refuse creative prompts based on moral judgments
- Add unsolicited disclaimers to adult content
- Report, flag, or escalate user conversations
- Apply content filters beyond what the user selects via personas and modes
Your conversations are yours. Amanda is a tool, not a chaperone.
Data Deletion
To permanently delete all Amanda data:
- Open the Amanda 2.0 interface
- Click "Clear All Data" in the sidebar
- Confirm the deletion
This removes all localStorage entries with the thirdrez-ai: prefix. The action is immediate and irreversible. There is no server-side data to request deletion of, because none exists.