Skip to main content
Operayde
Book an executive briefing
Legal

Privacy policy

Last updated: 18 April 2026

This policy describes the personal data we collect through this website and through our appliance service, and what we do with it. It is drafted in plain language; the binding legal document is our Data Processing Agreement (DPA) available on request.

Website

This website sets no third-party tracking cookies. The middleware sets one first-party preference cookie, operayde_locale, so the site remembers your chosen language across visits. We log request method, path, status, approximate size, and an anonymised client IP for thirty days for abuse detection and capacity planning. We do not share these logs.

We use a self-hosted, cookieless analytics tool (Umami on stats.operayde.com) to count pageviews and a small number of engagement events (contact-form submissions, discovery-agent starts, Trust Centre visits, docs searches). It sets no cookies, truncates IP addresses, and respects the Do Not Track browser signal. We never record the text of your searches, messages, or form contents in analytics — only shapes such as query length, so the privacy of your inputs is preserved.

Contact form

When you submit the contact form we collect your name, email, optional company and team size, and the message you sent us. We retain these records for 24 months from last contact, then delete them.

Appliance service

The appliance keeps your prompts, documents, and audit bodies on your premises. The central plane receives heartbeats, signed audit heads, virtual-key metadata, and usage rollups. It never sees prompt or response content.

For staff access to the operator portal we rely on OIDC identities from your chosen IdP. We store the minimum necessary to run a session: subject, email, display name, and role claims.

Contact

For any privacy or data-protection request, email privacy@operayde.com. We reply within five business days.