Privacy Policy
How OpenOS handles information and customer data.
This page summarizes the published OpenOS Privacy Policy for website visitors, customers, procurement teams, and privacy reviewers evaluating how data is collected, used, protected, and governed across OpenOS services.
Information collected
The Privacy Policy states that OpenOS provides AI, analytics, process intelligence, workflow optimization, knowledge management, and data-processing solutions primarily for business and enterprise customers.
The policy describes several broad categories of information that may be processed, including account information such as names, business emails, organization names, usernames, and authentication credentials; customer data such as uploaded datasets, documents, workflows, operational records, knowledge repositories, and other enterprise information; and technical and usage information such as IP addresses, browser and device details, login activity, diagnostics, system performance data, and security or audit logs.
How information is used
OpenOS states that information may be processed to operate and deliver services, authenticate users, maintain platform security, monitor reliability, improve system functionality, generate analytics and insights, respond to support requests, prevent misuse or unauthorized access, and comply with legal obligations.
The source policy also notes that OpenOS services may use AI technologies, including large language models and machine learning systems, to analyze customer-provided information, generate summaries or recommendations, identify patterns, and assist with workflow or process optimization.
AI processing, ownership, and sharing
OpenOS states that AI-powered outputs are intended to support decision-making and should be reviewed by qualified personnel before being used for critical business decisions. The Privacy Policy also states that customer data is not used to train public AI models unless that use is explicitly authorized through a separate agreement.
Customers retain ownership of customer-provided data, while OpenOS acts as a service provider and processor of that data. The policy states that OpenOS does not sell, rent, or commercially exploit customer data.
Information may be shared with authorized service providers that support infrastructure, hosting, security, or technical operations, with legal authorities where disclosure is required by law or necessary to protect legal rights, and in connection with corporate transactions such as mergers or restructuring where applicable protections apply.
Security, retention, and rights
The Privacy Policy describes technical and organizational safeguards such as encryption in transit, role-based access controls, authentication mechanisms, and audit logging. It also states that information is retained only as long as needed for legitimate business, operational, contractual, or legal purposes.
The published policy covers user rights, including rights related to access, correction, deletion, objection, and data portability where applicable, as well as specific rights under India’s Digital Personal Data Protection Act (DPDP Act), 2023. It also includes sections on children’s privacy, third-party links, cookies and essential technologies, policy updates, and grievance or contact pathways.
Privacy questions, requests, or grievance-related communications can be directed to hello@openost.com. Teams that need the original Word version can download the source document above.