How it worksWhy Agentic PlatformWhat StrategiesUse CasesServicesPartnersFAQContactsDocsBook a demo

Privacy Policy

Last updated: February 2, 2026

1. Introduction

OpenProdkt ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Agentic Platform and related services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Services, including:

  • Account information (name, email address, company name)
  • Billing and payment information
  • Configuration data for workflows and automation
  • Support requests and communications
  • Feedback and survey responses

2.2 Information Collected Automatically

When you access our Services, we automatically collect certain information, including:

  • Log data (IP address, browser type, pages visited, timestamps)
  • Usage metrics and performance data
  • Device information (operating system, device type)
  • Cookies and similar tracking technologies

2.3 Tenant Data

Our platform operates on a Control Plane / Data Plane architecture. Your tenant Data Plane executes workflows in an isolated environment. The Control Plane collects metadata about workflow execution (execution plans, policy decisions, metering data) but does not access tenant secrets or proprietary data stored in your Data Plane.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide, operate, and maintain our Services
  • Process transactions and send billing information
  • Improve and personalize user experience
  • Communicate with you about updates, security alerts, and support
  • Monitor and analyze usage and trends
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service
  • Generate anonymized analytics and aggregate statistics

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

  • Service Providers: With third-party vendors who perform services on our behalf (hosting, payment processing, analytics) under strict confidentiality agreements
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred
  • Legal Requirements: When required by law, subpoena, or legal process, or to protect our rights, property, or safety
  • With Your Consent: When you explicitly authorize us to share information with third parties

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption in transit (TLS) and at rest
  • Isolated tenant Data Planes with network boundaries
  • Cryptographic signing and verification of execution plans (ES256)
  • Access controls and role-based permissions
  • Regular security audits and vulnerability assessments
  • Incident response and breach notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. When you terminate your account, we will delete or anonymize your personal information within 90 days, except for data we are required to retain for legal, tax, or regulatory purposes.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Request transfer of your data to another service provider
  • Objection: Object to certain processing activities
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@openprodkt.com.

8. Compliance with GDPR and HIPAA

8.1 GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). We process your personal data lawfully, fairly, and transparently. You have the rights outlined in Section 7, and you may file a complaint with your local data protection authority.

8.2 HIPAA Compliance

For healthcare customers handling Protected Health Information (PHI), we offer HIPAA-compliant configurations and will execute a Business Associate Agreement (BAA). Our isolated Data Plane architecture ensures PHI remains within your controlled environment and is not exposed to the Control Plane.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content. You can control cookies through your browser settings. Disabling cookies may limit certain features of our Services.

11. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Services after changes indicates acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@openprodkt.com

Address: OpenProdkt, [Company Address]