Privacy Policy
Last updated: March 2026
At OpenedLink ("we", "our", or "the platform") we are committed to protecting your privacy and that of the end users who interact with the bots you manage through our service. This Privacy Policy describes how we collect, use, store, and protect information when you use openedlink.com and its associated services.
1. Information We Collect
We collect the following information depending on context: • Account data: name, email address, phone number, and password of users who register on the platform. • Business data (tenant): company name, industry, billing information, and bot configuration. • End-user data: phone numbers, names, WhatsApp messages, and AI-extracted information (key facts) from conversations with your bots. This information is processed on behalf of your business. • Usage data: API logs, conversation metrics, response times, and technical device information.
2. How We Use Your Information
We use the collected information to: • Provide, maintain, and improve OpenedLink services. • Process WhatsApp conversations through AI models (Anthropic's Claude). • Send notifications, reminders, and email campaigns on your behalf to your customers. • Generate analytics and reports on your bots' performance. • Fulfill legal obligations and prevent fraudulent use. • Send you communications about the service, updates, and billing.
3. Legal Basis for Processing
We process your data based on: • Contract performance: to provide the services you contracted. • Legitimate interest: to improve security, detect fraud, and optimize the platform. • Consent: for marketing communications and optional features. • Legal obligation: where applicable law requires it.
4. Data Sharing with Third Parties
We do not sell your personal information. We share data only with: • Anthropic: to process messages through the Claude AI model. Anthropic has its own privacy policies and does not retain conversation data beyond immediate processing. • Meta (WhatsApp): to send and receive messages through the official WhatsApp Business API. • Brevo (Sendinblue): for sending email campaigns and notifications. • Paddle: for processing payments and subscriptions. • Google Cloud Platform: for server infrastructure, storage, and databases. All providers are subject to Data Processing Agreements (DPAs) that guarantee information protection.
5. Storage and Security
Your data is stored on Google Cloud Platform servers located in the United States. We implement security measures including: • AES-256-GCM encryption for sensitive credentials (WhatsApp tokens, API keys). • HTTPS/TLS connections for all communications. • Automatic daily backups with 30-day retention. • Role-based access control and JWT authentication. • Activity monitoring and security alerts. No system is 100% secure. In the event of a security breach affecting your data, we will notify you within 72 hours of discovery.
6. Data Retention
We retain your data for as long as necessary to provide the service: • Active account data: while the subscription is active. • Conversations and messages: 24 months from last activity. • System logs: 90 days. • Billing data: 7 years per legal requirements. You may request deletion of your data at any time. We will proceed within 30 days, except where the law requires us to retain it.
7. Your Rights
Under applicable legislation, you have the right to: • Access: request a copy of the data we hold about you. • Rectification: correct inaccurate or incomplete data. • Erasure: request deletion of your data ("right to be forgotten"). • Portability: receive your data in a structured, machine-readable format. • Objection: object to processing your data for marketing purposes. • Restriction: request that we limit processing in certain cases. To exercise any of these rights, contact us at contact@openedlink.com.
8. Cookies and Tracking Technologies
We use essential cookies for the admin panel to function (JWT session) and analytical cookies to understand website usage. We do not use third-party advertising cookies. You can configure your browser to reject cookies, although this may affect the functionality of the admin panel.
9. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you by email about material changes with at least 15 days notice. Continued use of the service after the effective date implies acceptance of the new policy.
Questions about your privacy?
If you have questions about this policy or want to exercise your rights, write to us at:
contact@openedlink.com