OpenOS Technologies

Built For Enterprise Review

Clear answers across privacy, security, and AI governance.

Whether you are evaluating OpenOS for procurement, legal due diligence, or an AI governance review, this Trust Center provides the core material buyers usually request first.

Privacy & data protection

OpenOS acts as a service provider and processor, handling customer data solely to deliver contracted services.

  • Customer data ownership stays with the customer
  • Privacy practices are documented and reviewable
  • DPA, Privacy Policy, and Cookie Policy are linked publicly

Security & platform reliability

OpenOS documents layered safeguards covering access controls, transport security, monitoring, resilience, and response processes.

  • Role-based access controls and account protections
  • HTTPS/TLS for data in transit
  • Incident response and operational continuity practices

Responsible AI

AI is used to support decision-making, not replace human judgment, with transparency and review expectations built into the policy framework.

  • Human-in-the-loop oversight
  • Transparency around AI-generated outputs
  • No public model training on customer data without written agreement

Data lifecycle management

Retention, deletion, backup handling, and data return expectations are covered through dedicated lifecycle and DPA documentation.

  • Retention categories and timelines are documented
  • Deletion requests are supported under applicable agreements
  • Customer data is retained only for legitimate business or legal purposes

Procurement & legal review

Enterprise buyers can review contractual and procurement-facing policies before deeper diligence or commercial conversations.

  • Terms of Service and DPA
  • Disclaimer and Subprocessor List
  • Privacy, retention, and cookie documentation

Security researcher support

OpenOS publishes responsible disclosure guidance for security researchers and customers who identify vulnerabilities affecting OpenOS systems.

  • Reporting process and scope details
  • Safe harbor and responsible disclosure guidance
  • Public contact pathway for security reports

Resources

Every trust resource in one place.

Use these pages during enterprise sales cycles, security reviews, legal diligence, and AI governance conversations.

Privacy

Privacy Policy

How OpenOS collects information, uses it, protects it, and responds to user rights requests.

  • Information categories
  • Legal basis and data sharing
  • DPDP and contact details
Open page
Security

Security Overview

Core security principles, platform safeguards, incident response, and customer responsibilities.

  • Access controls and encryption
  • Continuity and resilience
  • Security contacts
Open page
Responsible AI

AI Usage Policy

Responsible AI expectations across oversight, transparency, fairness, privacy, and reporting.

  • Human review expectations
  • AI limitations and accuracy
  • Customer data and model training rules
Open page
Contracts

Terms of Service

Service terms, account responsibilities, acceptable use, data rights, and commercial provisions.

  • Use of AI services
  • Security and confidentiality
  • Liability and termination terms
Open page
Procurement

Data Processing Addendum

Processor obligations, security measures, transfers, sub-processors, and audit considerations.

  • Controller and processor roles
  • Rights and breach notification
  • Return or deletion of data
Open page
Lifecycle

Data Retention & Deletion

Retention windows, deletion practices, backups, anonymization, and customer request handling.

  • Retention categories
  • Account termination handling
  • Deletion and backup practices
Open page
Cookies

Cookie Policy

How OpenOS uses essential and security-focused cookies across the website and product properties.

  • Cookie categories
  • Session and persistent cookies
  • Managing cookie preferences
Open page
Security research

Vulnerability Disclosure

How security findings can be reported responsibly and the guidelines OpenOS asks researchers to follow.

  • Scope and reporting steps
  • Safe harbor guidance
  • Authorized versus prohibited activity
Open page
Vendors

Subprocessor List

Categories of third-party providers that may support infrastructure, AI, storage, and security functions.

  • Provider categories
  • Transfer and due diligence controls
  • Update and contact process
Open page

FAQ

Fast answers for enterprise review teams.

These are the questions buyers and governance stakeholders most often need answered early.

Does OpenOS sell customer data?

No. OpenOS states that customer data remains customer-owned and is processed solely to provide contracted services, maintain platform functionality, support security operations, and fulfill related obligations.

Can OpenOS support procurement and security reviews?

Yes. The Trust Center brings together privacy, DPA, security overview, AI policy, retention, cookie, disclosure, disclaimer, and subprocessor material in one place.

Does OpenOS use customer data to train public AI models?

OpenOS states that customer data is not used to train public AI models unless explicitly agreed in writing with the customer through a separate agreement.

How can a security issue be reported?

Security-related questions and responsible disclosure reports can be sent to hello@openost.com, with full guidance published in the Vulnerability Disclosure Policy.