Here's how we protect your data and respect your privacy.
If you are a Opendraft customer or subscriber, or just visiting our website, this policy applies to you.
If you are a registered Opendraft customer or a visitor to our website we act as the "data controller" of personal data. This means we determine how and why your data are processed.
From the moment you request a quote of Opendraft, we start collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.
Here’s when and how we do this:
You request a demo of Bearer
We call you
You use Bearer
You receive emails from us
You chat with us for customer support
You opt-in to marketing messages
You request a quote from Opendraft
We call you
You use Opendraft
You receive emails from us
You chat with us for customer support
You opt-in to marketing messages
Your name, email address, role in your company, etc.
Your bank account number, sort code, credit/debit card details, etc.
The name of your code repositories / projects, APIs & databases, URLs to GitHub / GitLab files, last commit dat, etc.
Your data sources & destinations, types of data, business processes, hosting location, security measures, etc.
Your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version, etc.
Your URL clickstreams (the path you take through our site), pages viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.
We don’t collect any "sensitive data" about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences).
Bearer is a business-to-business service directed to and intended for use only by those who are 18 years of age or over. We do not target Opendraft at children, and we do not knowingly collect any personal data from any person under 16 years of age.
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
Login and authentication, processing payments.
Product analytics, heat mapping our site, testing features, and session replay.
Notifying you of any changes to our service, solving issues via live chat support, phone or email including any bug fixing.
Sending you emails and messages about new features, products and services, and content.
You have given clear consent for you to process your personal data for a specific purpose.
If you have previously given consent to our processing your data you can freely withdraw such consent at any time. You can do this by emailing us at .
If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights.
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
If you choose to do this, you can continue to use the website and browse its pages, but we will not be able to process transactions without personal data.
You can block cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings. If you turn off cookies, you can continue to use Bearer but certain services (like Intercom) will not work effectively.
We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by emailing us at hello@opendraft.io
You can exercise your rights by sending us an email at .
This includes the right to ask us supplementary information about:
We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of other (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
You can object to us using your data for profiling you or making automated decisions about youWe may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behavior). Otherwise, the only circumstances in which we will do this is to provide the Opendraft service to you.
We will give you a copy of your data in CSV or JSON so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for purposes of your use of Opendraft.
Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the CNIL, either by calling their helpline or as directed on their website at https://www.cnil.fr/.
We have physical, electronic, and managerial procedures to safeguard and secure the information we collect.
And please remember:
The personal data we collect is primarily stored in our Amazon Web Services servers in Ireland. As we are a remote company, we process data in the countries we live in (including: Belgium, France, Netherlands, Poland, Portugal, South Africa, the United-Kingdom, the United States) and in any data processing facilities operated by the third parties identified below.
By submitting your personal data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.
We will archive and stop actively using any personal identifiable information about you within 3 months from the last time you used Opendraft. We will delete your personal data from our archives no later than 6 years from the last time you used Opendraft or as agreed with you in a separate contract.
Tech businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do.
When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy. Where personal data is transferred to a third party in the United States we take steps to ensure we agree the standard contractual clauses with them. We continually monitor this transfer mechanism. Any data transfers to the US are encrypted and generally consist of insensitive personal data.
Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:
This is a web hosting provider: we use it to store data you generate by using the service securely in the cloud.
EU (Ireland)
Amazon Web Services, Inc.
Privacy PolicyThis is a web hosting provider: we use it to store data you generate by using the service securely in the cloud.
EEA (Ireland)
This enables users to authenticate via Single Sign-On.
US
WorkOS, Inc.
Privacy PolicyThis enables users to authenticate via Single Sign-On.
US
We use this service for customer communications, user interaction and helpdesk assistance.
US
We use this service for customer communications.
US
We use this service for customer communications, user interaction and helpdesk assistance.
US
We use this service for sending, storing and tracking emails.
US
Calendly LLC
Privacy PolicyWe use this service to set up calls and meetings with customers.
US
Intercom, Inc.
Privacy PolicyWe use this service for customer communications, user interaction and helpdesk assistance.
US
Livestorm
Privacy PolicyWe use this service to provide webinars to our customers.
EEA (France)
Salesforce, Inc.
Privacy PolicyWe use this service for customer communications, user interaction and helpdesk assistance.
US
Twilio, Inc.
Privacy PolicyWe use this service for sending, storing and tracking emails.
US
Webflow, Inc.
Privacy PolicyWe use this service to build our website and our demo form.
US
Zapier, Inc.
Privacy PolicyWe use this service to automate tasks like sending emails.
US
This service processes payments for us.
EU & US
Stripe, Inc.
Privacy PolicyThis service processes payments for us.
EEA & US
This privacy notice was built base on an open-source design from Juro adapted to Webflow by Bearer. Get these patterns free: privacy policy template and Webflow template.
Please don’t make this the last time you read it as we will post any changes on this page - significant changes will of course be notified to you by email.