OAOpenApp
Login
Legal

Effective 2026-06-26

Privacy Policy

This Privacy Policy explains how OpenApp ("OpenApp", "we", "us", or "our") collects, uses, and protects personal data when you use OpenApp, our physical access control platform offered as a service ("Service"). This Policy forms part of our Terms of Service.

1. Data we collect

  • Account data: name, email address, and — where you sign in with a phone number — your phone number, used to create and secure your account.
  • Authentication data: identifiers from identity providers you choose to use (such as Google), limited to what is needed to verify your identity.
  • Access and audit data: records of access events, device and entity configuration, policies, and invitations that you create within the Service.
  • Technical data: log data such as IP address, browser or device information, and timestamps, used to operate and secure the Service.

2. How we use data

We use personal data to:

  • provide, maintain, and secure the Service;
  • authenticate users and authorize physical access;
  • produce audit logs and other features you enable;
  • communicate with you about your account and the Service; and
  • comply with legal obligations and enforce our Terms of Service.

3. Sign-in with Google and other providers

When you sign in with a third-party identity provider, we receive basic profile information (such as your name and email address) needed to create and authenticate your account. We do not use this information for advertising, and we request only the scopes necessary to provide the Service. Your use of the provider is also governed by that provider's privacy policy.

4. How we share data

We do not sell personal data. We share data only:

  • with service providers who process data on our behalf under appropriate confidentiality and security obligations;
  • with third-party integrations you explicitly connect to your account;
  • within your organization, with administrators who manage your access; and
  • when required by law or to protect the rights, safety, and security of users, the public, or OpenApp.

5. Data retention

We retain personal data for as long as your account is active and as needed to provide the Service. Audit and access records may be retained for a longer period to support security, compliance, and dispute resolution. When data is no longer needed, we delete or anonymize it after a reasonable retention period.

6. Security

We apply administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, loss, or misuse. No system is completely secure, and we cannot guarantee absolute security.

7. Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us using the details below. We will respond as required by applicable law.

8. International transfers

We may process and store data in countries other than where you live. Where required, we use appropriate safeguards for international transfers of personal data.

9. Children's privacy

The Service is not directed to children, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, please contact us so we can delete it.

10. Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date below and, where appropriate, provide additional notice.

11. Contact

Questions about this Privacy Policy or your personal data can be sent to tomer@openapp.house.