Privacy Policy

Last updated: April 9, 2026

OperonAI provides AI-powered workflow and operations software for business teams. This policy outlines how we collect, use, and protect information from visitors and product users.

1. Information We Collect

• Account data — name, email address, organization name, and authentication credentials you provide during registration.
• Operational data — tasks, reminders, contacts, partner records, comments, and other content you submit into the product.
• Usage and technical data — browser type, IP address, device information, and interaction logs necessary to operate, secure, and improve the service.
• Billing data — payment and subscription information processed through our Merchant of Record partner (Paddle). We do not store full payment card details.

2. How We Use Information

• To provide, maintain, and improve the OperonAI service.
• To support authentication, access control, and product security.
• To process payments and manage subscriptions.
• To send important service, billing, or security notifications.
• To power AI features you explicitly enable (task analysis, recommendations, nudge reminders).

3. AI Data Processing

When AI features are enabled, task and team context may be processed by third-party AI providers (Google, OpenAI, Anthropic, or OpenRouter) configured by your organization administrator. AI processing is tenant-scoped and occurs only for the specific organization that enabled it. No AI provider retains your data for model training.

4. Data Sharing

We do not sell personal information. Data may be shared with infrastructure and service providers strictly for hosting, security, email delivery, payment processing, and product operations. Each provider is bound by their own privacy obligations.

5. Data Isolation

OperonAI is a multi-tenant system with strict organization-level data isolation. Each organization's data is separated through row-level security policies. Users in one organization cannot access data belonging to another organization.

6. Security

We use industry-standard technical and organizational measures to protect your data, including encrypted connections (TLS), row-level security in the database, role-based access control, and audit logging. No method of transmission or storage is absolutely secure, so we cannot guarantee absolute security.

7. Data Retention

We retain data for as long as needed to provide the service and meet legal obligations. When an account or organization is deleted, associated data is removed within a reasonable timeframe, except where retention is required by law.

8. Your Rights

Depending on your jurisdiction, you may have rights related to accessing, correcting, deleting, or porting your personal data. To exercise these rights, contact us through the channels listed below.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated through the product or via email to account owners.

10. Contact

For privacy-related inquiries, contact us at [email protected] or through the contact page.