Privacy Policy

1. Who We Are

OpSystem is operated by Experienced Results LLC, a Mississippi limited liability company ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the OpSystem platform ("Service").

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and the business information you provide during onboarding (business name, phone, website, industry).

Vault Data

All data you input into your vault (client records, job details, financial information, documents, photos, communications) is stored in your isolated vault. We process this data to provide the Service.

Usage Data

We collect usage metrics including API token consumption, feature usage counts, login timestamps, and IP addresses for billing, security, and service improvement purposes.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or bank account details on our servers. Stripe's privacy policy applies to payment data.

3. How We Use Your Information

• To provide, maintain, and improve the Service
• To process your AI requests via the Anthropic Claude API
• To send automated communications on your behalf (SMS, email) via Twilio and Mailgun
• To process payments and manage subscriptions via Stripe
• To send service notifications (account, billing, security alerts)
• To detect and prevent fraud, abuse, and security incidents
• To comply with legal obligations

4. Third-Party Services

We use the following third-party services to operate OpSystem. Your data is shared with these services only as necessary to provide the Service:

Anthropic does not use your data to train their AI models. See Anthropic's commercial terms for details.

5. Data Storage and Security

Your data is stored on Hetzner Cloud servers. Each customer's vault lives in its own isolated filesystem directory and is never colocated with another customer's data in a shared database row.

• All connections encrypted with TLS 1.3
• Authentication tokens stored in httpOnly secure cookies
• 20-point security audit on every deployment
• Role-based access control on all API endpoints
• Path traversal protection on all vault operations

6. Data Retention

We retain your data for the duration of your subscription plus 30 days. After cancellation, you may request a full data export. After the 30-day retention period, all data is permanently deleted from our servers and backups.

Audit logs and billing records may be retained for up to 7 years as required by tax and accounting regulations.

7. Your Rights

You have the right to:

• Access your data at any time through the Service
• Export your complete vault as a ZIP archive
• Correct any inaccurate personal information
• Delete your account and all associated data
• Restrict processing of your data (by downgrading or disabling features)
• Object to processing for marketing purposes

To exercise any of these rights, contact us at privacy@opsystem.ai

8. Cookies

The OpSystem app uses a single httpOnly secure session cookie for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics on the application. The marketing site (opsystem.ai) may use minimal analytics in the future, with separate disclosure.

9. Children's Privacy

OpSystem is designed for business use and is not intended for children under 16. We do not knowingly collect personal information from children.

10. Changes

We may update this Privacy Policy with 30 days' notice via email. Material changes will be highlighted at the top of this page.

11. Contact

Privacy questions or requests? Contact us at privacy@opsystem.ai

Experienced Results LLC
Hurley, Mississippi 39555
United States