Privacy policy

Last updated: 18 April 2026

This policy describes the personal data we collect through this website and through our appliance service, and what we do with it. It is drafted in plain language; the binding legal document is our Data Processing Agreement (DPA) available on request.

Website

This website sets no third-party tracking cookies. We log request method, path, status, approximate size, and an anonymised client IP for thirty days for abuse detection and capacity planning. We do not share these logs.

Contact form

When you submit the contact form we collect your name, email, optional company and team size, and the message you sent us. We retain these records for 24 months from last contact, then delete them.

Appliance service

The appliance keeps your prompts, documents, and audit bodies on your premises. The central plane receives heartbeats, signed audit heads, virtual-key metadata, and usage rollups. It never sees prompt or response content.

For staff access to the operator portal we rely on OIDC identities from your chosen IdP. We store the minimum necessary to run a session: subject, email, display name, and role claims.

Contact

For any privacy or data-protection request, email privacy@operayde.com. We reply within five business days.