1. Introduction
OpenDevice Ltd ("OpenDevice", "we", "us", or "our") respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website (www.opendevice.ai), use our AI-powered devices, applications, educational tools, or otherwise interact with us.
This policy applies to all OpenDevice websites, products, services, and applications unless a separate, more specific privacy policy is provided.
2. Who We Are
OpenDevice Ltd is a technology company developing AI-powered devices, applications, and educational technologies. We are registered in England and Wales with company number #17240792.
Contact Details: Email: privacy@opendevice.ai
Website: www.opendevice.ai
3. Information We Collect
3.1 Information You Provide
- Name, email address, phone number
- Organisation name and job title
- Account credentials and preferences
- Communications, support requests, feedback, and survey responses
3.2 Automatically Collected Information
- IP address, device type, operating system, browser type
- Usage data, interaction logs, and session information
- Diagnostic, crash, and performance data
3.3 Product & AI Usage Data
When using our AI services, we may collect:- Prompts and inputs you submit- Generated outputs- Feature usage patterns and interaction data
We do not collect sensitive personal data (e.g., health, racial origin, religious beliefs) unless you voluntarily provide it.
4. AI Services & Data Processing
Our products use artificial intelligence models (including third-party models) to process your inputs and generate responses.
- User prompts may be processed by OpenDevice and authorised third-party AI providers (e.g., OpenAI, Anthropic, Google, etc.).
- We implement technical measures to minimise data exposure (e.g., anonymisation/pseudonymisation where feasible).
- We do not use your personal conversations/prompts to train third-party foundation models unless you explicitly opt in.
- Data may be used internally to improve our own services, ensure safety, and prevent abuse.
5. Children's Privacy
We offer certain educational products that may be used by children.
We comply with applicable laws including the UK GDPR, Age Appropriate Design Code (AADC), and other relevant regulations.
Where our service is directed at children under 13 (or 16 in some jurisdictions), we require verifiable parental consent.
Parents/guardians are responsible for supervising their children's use of our products. We do not knowingly collect personal data from children without appropriate consent.
6. How We Use Your Information
We use your information to:
- Provide, personalise, and improve our products and services
- Process requests and respond to communications
- Ensure security, prevent fraud, and debug issues
- Conduct research, analytics, and product development
- Send important service announcements and (with consent) marketing communications
- Comply with legal obligations
7. Legal Basis for Processing (UK GDPR)
We rely on the following legal bases:
- Performance of contract — to deliver the services you requested
- Legitimate interests — to improve our products, maintain security, and grow our business
- Consent — for marketing and certain non-essential cookies/AI training
- Legal obligation — to comply with applicable laws
8. Sharing Your Information
We share information only in the following circumstances:
8.1 Service Providers (under strict data processing agreements):
- Cloud hosting (e.g., AWS, Azure)
- AI service providers
- Analytics, customer support, payment processors, email services
8.2 Corporate Transactions — in the event of merger, acquisition, or asset sale.
8.3 Legal Requirements — when required by law, court order, or government authority.
We do not sell your personal data to third parties.
9. International Data Transfers
Your data may be transferred outside the UK and EEA.
We ensure appropriate safeguards are in place, including:
- UK International Data Transfer Agreements (IDTA) / Standard Contractual Clauses (SCCs)
- Adequacy decisions where available
- Additional technical and organisational measures
10. Data Security
We implement industry-standard security measures including encryption, access controls, regular security audits, and secure development practices. However, no method of transmission or storage is 100% secure.
11. Data Retention
We retain your personal data only for as long as necessary for the purposes outlined in this policy or as required by law.
Examples:
- Account data: while account is active + 2 years
- AI conversation data: 30–90 days (unless retained for legal/safety reasons)
- Analytics data: up to 26 months (anonymised where possible)
12. Your Rights
Under UK GDPR and equivalent laws, you have the right to:
- Access, correct, or delete your personal data-
Restrict or object to processing
- Withdraw consent
- Data portability
- Lodge a complaint with the Information Commissioner's Office (ICO)
To exercise these rights, email hello@opendevice.ai. We respond within one month.
13. Cookies and Tracking Technologies
We use essential cookies and (with consent) analytics and functional cookies.
We honour Global Privacy Control (GPC) and Do Not Track (DNT) signals where applicable.
14. Third-Party Links
Our services may link to third-party websites. We are not responsible for their privacy practices.
15. Changes to This Policy
We may update this Privacy Policy. Material changes will be notified via email (where feasible) or prominent notice on our website.