Last updated: May 1, 2026
OpenCentric, Inc. ('we', 'us', 'our') is committed to protecting your personal data. This Privacy Policy describes what data we collect, how we use it, who we share it with, and your rights. It applies to all users of the OpenCentric platform and website.
Account data: name, email address, company name, and billing information provided during registration.
Profile data: content you add to your Venture Profile, including service descriptions, pricing, team information, and compliance attestations.
Usage data: pages visited, features used, match interactions, API calls, and other platform activity logs.
Payment data: Stripe processes all payment card data. We store only transaction references, amounts, and status — never raw card numbers.
Communication data: emails, support tickets, and in-platform messages.
To operate the platform: matching, contract generation, payment processing, and SLA monitoring.
To improve the Services: analytics, feature development, and abuse prevention.
To communicate with you: transactional emails, product updates, and support responses.
To comply with legal obligations: fraud prevention, tax reporting, and responding to lawful requests.
With other users: your Venture Profile data is public by default. Match introductions share only the information necessary for the introduction.
With service providers: Stripe (payments), AWS (infrastructure), Postmark (email), Datadog (monitoring). All processors are bound by data processing agreements.
With legal authorities: only when required by law, court order, or to protect rights and safety.
We do not sell your personal data.
We retain account data for as long as your account is active and for up to 7 years after closure for legal and tax compliance. You may request deletion of personal data not subject to legal retention requirements.
Under GDPR (EU/UK) and CCPA (California), you have rights to access, correct, delete, and port your personal data.
To exercise your rights, email privacy@opencentric.ai. We will respond within 30 days.
Data is processed primarily in AWS us-east-1 (Virginia) and eu-west-1 (Ireland). Transfers from the EU to the US rely on Standard Contractual Clauses.
We use essential, functional, and analytics cookies. See our Cookie Policy for details and opt-out options.
For privacy questions, contact privacy@opencentric.ai or our DPO at dpo@opencentric.ai.
Questions about this document? Contact us at legal@opencentric.ai