AMPLL App Permissions Explained

To provide you with insights and coaching about your working style and habits, AMPLL needs access to some of your activity data. You can grant the AMPLL app this access via standard permissions on your devices and within your applications.

This page illuminates the minimum set (required) of permissions the AMPLL app needs to be functional and the (optional) full set of permissions that enhance its utility. For each permission requested below, you’ll see why AMPLL needs the specific permission, exactly what it uses the access for, and of equal importance, what AMPLL does not do with these permissions.

For a detailed explanation of each requested permission, click its name below.

Required Permissions

AMPLL is currently available for people using either Google Calendar or Microsoft Outlook 365 calendar.  Here are the permissions with these providers AMPLL needs to function:

    •  

Optional Permissions

On Your Mac

Beyond typical "screen time" statistics, AMPLL can more intelligently model your energy based on time you spend in conferencing applications, email, chat applications like Slack, and focus time applications. This data works in conjunction with your calendar schedule to create a full set of insights. The ability to measure your application usage on Mac requires two different privileges - Accessibility and Screen Recording:

Cloud Applications

In addition to the base set of permissions above, AMPLL offers the following optional integrations to maximize the work style insights it can provide to you. 

      • Email (Google Gmail, Microsoft 365, Microsoft Outlook)
      • Cloud File Systems (Google Drive, Microsoft OneDrive, Microsoft 365)
      • Microsoft Teams coming soon
      • Slack
  •  
  •  

Detailed Explanations...

 

Login (Google, Microsoft, and Slack)

What is being requested...

      • Microsoft calls this login permission “Sign you in and read your profile.”
      • Google calls these login permissions “See your personal info, including any personal info you’ve made publicly available” and “See your primary Google Account email address.”
      • Slack calls this login permission “View information about your identity.”

Why this is requested...

This access is used to create and access your AMPLL user account. AMPLL currently supports login services from Google, Microsoft, and Slack. As such, AMPLL never stores your passwords. Moreover, by utilizing these providers, you can take advantage of their native password recovery, multi-factor authentication, and security audit features. Both providers also let you revoke access to apps like AMPLL at any time.

How your data is used...

In addition to logging you in, AMPLL stores your email, full name, and profile image to create your user account.

How your data is not used...

Your personal information accessed from creating an account and logging into AMPLL will:

      • Never be sold to a third party.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list

Calendar Access (Google & Microsoft)

What is being requested...

      • Microsoft calls these calendar permissions “Have full access to your calendars” and “Read your contacts.”
        Google calls the read-only calendar permission “See and download any calendar you can access using your Google Calendar.”
      • Google calls the calendar write permission “View and edit events on all your calendars.” Note: For Google, the ability to write calendar events is separate and optional while Microsoft combines this access into a single permission.
google-calendar-permissions

Why this is requested...

AMPLL requests both read and write access to your calendars. Read access to your calendars allows AMPLL to analyze your schedule, provide you with real-time working style insights and coaching based on your preferences. Write access to your calendars is used to reserve specific time on your calendar, such as focus time or well-being time so you can block out your availability for this activity. Note: The schedule reservation feature is currently in testing and will be released in the app soon.

Calendar permissions are required to use AMPLL because your schedule management is central to providing insights and coaching around your working style and work/life integration habits. For instance, your potential for “Zoom fatigue” from remote meetings and ability to find uninterrupted time for focused work are vital to measuring your energy and delivering customized coaching.

How your data is used...

In general, AMPLL aims to use and store only the metadata about your calendar - the date, time, duration, meeting name, the meeting location, and the meeting participants. To enable detection of remote meetings, AMPLL inspects the content of the meeting invitation for fingerprints of conferencing applications, including Zoom, Google Meet, and Microsoft Teams. While AMPLL does store metadata about underlying conferences, it does not store the contents of the meeting invitation itself. To parse your recipient list, use of the Microsoft programming interface also entails a permission to read your contacts.

How your data is not used...

Your calendar data accessed by using the AMPLL app will:

      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

        Back to the full list

Accessibility on Mac

What is being requested...

      • Apple bundles a set of system access privileges under the “Accessibility” section of “System Preferences” on Mac computers. These privileges can only be used by applications if they are granted by the device’s owner.
accessibility-permission

Why this is requested...

The "Accessibility" permission is not appropriately named for the way AMPLL uses the access it allows on the system. For context, most Mac applications are designed to be self-contained and don’t have any valid reason to observe other applications running on the device. As such, Apple created a special permission for those applications that do have valid reasons to observe (and sometimes interact with) other applications. Many other applications requiring this permission are designed to assist those with disabilities, such as screen reading applications for the blind, so Apple bundled the system permissions needed to observe other applications under the “Accessibility” section.

AMPLL requires this permission to detect the time you spend working in your various applications, as well as to detect when you are away from your computer. This information is used in conjunction with your calendar data to provide you with real-time working style insights and coaching based on your preferences.

How your data is used...

The time you spend working on your computer in various applications is organized into “activity slices” by AMPLL. This activity data is also grouped by activity types such as meetings (like Zoom and Google Meet), impromptu conversations (like chat and email), focus time (like in documents or coding apps), and well-being (like listening to music). All of the work activity on your computer is then represented in the AMPLL app both in terms of how it impacts your energy levels throughout the day and in a detailed log and calendar view format designed to deliver you insights about your working style over time.

How your data is not used...

Unlike many applications that use Accessibility permissions, AMPLL does not record or store any of your input or output activities, such as keyboard inputs, mouse movements, display, or speaker activity. Additionally, your data accessed via the “Accessibility” privileges by using the AMPLL app will:

      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list

Screen Recording on Mac

What is being requested...

      • Apple bundles a set of system access privileges under the “Screen Recording” section of “System Preferences” on Mac computers. These privileges can only be used by applications if they are granted by the device’s owner.
screen-recording-permission
Why this is requested...

The "Screen Recording" permission is also not appropriately named for AMPLL. AMPLL does not record your screen. In fact, there is no capability in the AMPLL app to make an image recording of what is on your screen at all. However, this privilege is required by Mac OS X 10.15 (Catalina) and higher for an application to see the names of the open windows on your computer.

AMPLL requires this permission to detect the time you spend working in your various applications, as well as to detect when you are away from your computer. Knowing the application names you spend time in on your Mac is only possible by enabling this “Screen Recording” privilege. This is essential data for AMPLL to be able to create an accurate picture of your working style and provide you with relevant data-driven coaching.

How your data is used...

For known applications, AMPLL uses this permission and stores information about the open windows on your computer, including the timestamp, window title, application name, and the underlying process ID.

The time you spend working on your computer in various applications is organized into “activity slices” by AMPLL. This activity data is also grouped by activity types such as meetings (like Zoom and Google Meet), impromptu conversations (like chat and email), focus time (like in documents or coding apps), and well-being (like listening to music). All of the work activity on your computer is then represented in the AMPLL app both in terms of how it impacts your energy levels throughout the day and in a detailed log and calendar view format designed to deliver you insights about your working style over time.

AMPLL gives you control of the data it incorporates from your device. You can see the list of known applications you have used in the Settings window. You can also suppress the usage and storage of information about known applications in the Settings area of the AMPLL app.

How your data is not used...

Your data accessed via the “Screen Recording” privileges by using the AMPLL app will:

      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list

Email Read-only Access

What is being requested...

      • Microsoft calls this email permission “Read your mail.”
      • Google calls this email permission “View your email messages and settings.”
google-email-permissions-1
Why this is requested...

As an optional capability, AMPLL can detect the time you spend reading and writing emails. To perform these functions, AMPLL requests email permissions.

We recognize that there are many security implications around email privileges and remain vigilant to minimize the data used and stored by AMPLL. Still, with the “always on” culture in modern work and the growing incidence of burnout (even as documented by the World Health Organization), we feel that providing objective measurements of time spent reading and composing emails can be both useful and important.

How your data is used...

AMPLL neither “reads” nor stores the contents of your email. However, the limitations of the providers’ programming interfaces require AMPLL to request "read" permissions to obtain the metadata used to measure the time you spend on email.

To determine whether you are reading email, AMPLL looks for the marking of messages from “unread” to “read.” It also looks for the deletion or movement of email from the Inbox. To identify the emails you interact with, AMPLL stores the mailbox ID, timestamps, and counter of overall message changes (read, moved, deleted). AMPLL does not store any content of your emails.

To determine whether you are composing emails, AMPLL uses two different methods. If your email client writes to the Drafts folder, AMPLL looks for the writes to the Drafts folder and changes to underlying word counts to measure the actual time you spent writing emails. If your email client does not write to the Drafts folder, AMPLL simply stores a word count for the sent email to estimate the time you spent writing them. Similarly, to analyze email messages you sent prior to setting up your AMPLL account, AMPLL uses this sent email word count method. To identify individual emails you compose, AMPLL also stores their unique IDs (mailbox ID, message ID, thread ID), timestamps, message sent status, the from name and email address, and recipients’ names and email addresses. The recipient information is used to show you the time you spent on specific emails in the AMPLL app user interface. AMPLL does not store any content of the emails you compose.

How your data is not used...

Your email data accessed by using the AMPLL app will:

      • Not store your email data beyond what is listed above.
      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list

Cloud File System Metadata

What is being requested...

      • Microsoft calls this file sharing permission “Read all the files you have access to.”
      • Google calls this file sharing permission “See information about your Google Drive files.”
google-drive-permissions-1
Why this is requested...

As an optional capability, AMPLL can measure the time you spend in your files accessed via cloud systems, including those written to Google Drive by Google Docs, Google Sheets, Google Slides or those written to Microsoft OneDrive by Microsoft 365 applications. The aim is to help you measure your uninterrupted “deep work.”

Providing objective measurements of “focus time” was a top concern in the market research that informed functionality for the AMPLL app. This file metadata permission for cloud systems provides a good balance of measurement ability with minimal privileges. In addition, with the growing use of real-time document sharing during meetings, the AMPLL can begin to help you track and measure the efficacy of modern business habits.

How your data is used...

With its requested permissions to read shared file metadata, AMPLL can view information about your activity on files. To measure time spent in files, AMPLL stores the file's unique ID, file name, file content type, revision ID, timestamp, and the name and email address of the user making the revision for each activity. AMPLL does not read or modify your file contents.

How your data is not used...

Your file data accessed by using the AMPLL app will:

      • Not store your file data beyond what is listed above.
      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list

Slack

What is being requested...

      • Slack calls the permissions for public channel access “View messages and other content in your public channels” and “View messages about public channels in your workspace.”
      • The permissions the AMPLL app uses to show where your time in Slack was spent are called “View the name, email domain, and icon for the workspaces you’re connected to,” “View people in your workspace,” and “View email addresses of people in your workspace.”
Why this is requested...

As an optional capability, AMPLL can measure some of the time you spend in Slack more accurately by connecting to your workspace, such as time using Slack from your mobile phone, as well as from your historical usage prior to creating your AMPLL account. The interpretation of time you spend on Slack using this method augments the Slack application usage detected by the AMPLL app on your Mac for a better picture of your time.

How your data is used...

Information about your Slack usage is limited to information about messages written or Slack calls in public channels. AMPLL does not store the content of your messages or listen to the content of your calls. In addition, AMPLL does not see information from your private DMs, your private group DMs, and your private channels at all.

To read information about your activity in public channels, AMPLL requests access to view information about your public channels. Information collected from your Slack messages include the message ID, timestamp, word count, public channel ID, public channel name, workspace ID, and the internal ID of the message author. AMPLL does not store the content of the Slack messages. To help make the collected data readable in the AMPLL application, AMPLL collects some information about the workspace itself and the users to convert machine-generated IDs into human-readable names.

Information collected from your Slack calls include the call ID, timestamp, public channel ID, public channel name, workspace ID, and the internal ID of the call originator. AMPLL does not have the permissions to listen to your calls.

How your data is not used...

Your Slack data accessed by using the AMPLL app will:

      • Not store your Slack data beyond what is listed above.
      • Never be sold to a third party.
      • Not be shared with anyone at your company in an identifiable way, without your express permission.
      • Not be used in any other way beyond delivering you the service represented by the AMPLL app and its functionality.
      • Not be kept beyond your direction: You can delete your personal information at any time from within the app.

Back to the full list