Skip to content

Privacy Policy

Effective date: March 7, 2026 · Last updated: March 7, 2026

1. Introduction

This Privacy Policy describes how OpenLegion (“we,” “us,” “our”) collects, uses, and discloses information when you visit openlegion.ai (the “Website”) or use our managed hosting service, APIs, and related services (collectively, the “Service”).

By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account information: Email address, name, and password when you create an account.
  • Payment information: Billing details processed by our third-party payment processor (e.g., Stripe). We do not store full credit card numbers on our servers.
  • Communications: Information you provide when contacting us via email, live chat (Tawk.to), or Discord.
  • Customer Data: Agent configurations, workflow definitions, and other data you submit to the Service.

2.2 Information Collected Automatically

  • Usage data: Pages visited, features used, timestamps, referral URLs, and general interaction patterns.
  • Device information: Browser type, operating system, screen resolution, and device identifiers.
  • IP address: Collected for security, analytics, and approximate geolocation purposes.
  • Cookies and similar technologies: See Section 6 below.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service;
  • Process payments and send billing-related communications;
  • Respond to your inquiries and provide customer support;
  • Analyze usage patterns to improve the Service (via Google Analytics and Microsoft Clarity);
  • Detect, prevent, and address technical issues, fraud, or abuse;
  • Send transactional emails (account confirmation, password reset, billing receipts);
  • Comply with legal obligations.

We do not sell your personal information. We do not use Customer Data to train AI models.

4. Third-Party Services

We use the following third-party services that may collect information as described in their respective privacy policies:

  • Google Analytics — website analytics and traffic measurement.
  • Microsoft Clarity — session recording and heatmaps for UX analysis.
  • Tawk.to — live chat widget for customer support.
  • Stripe (or equivalent) — payment processing.
  • LLM API providers (e.g., Anthropic, OpenAI, Google, Mistral) — AI model inference. Prompts and agent data sent to these providers are governed by their respective privacy policies and data processing terms. OpenLegion is not responsible for how third-party LLM providers handle data.

We encourage you to review the privacy policies of these third-party services.

5. Data Sharing & Disclosure

We may share your information only in the following circumstances:

  • Service providers: Third-party vendors who assist in operating the Service (hosting, payment processing, analytics) under contractual obligations to protect your data.
  • Legal requirements: When required by law, subpoena, court order, or governmental request.
  • Protection of rights: To enforce our Terms of Service, protect our rights or safety, or investigate fraud.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Cookies & Tracking Technologies

We use cookies and similar technologies (pixels, local storage) for analytics, functionality, and security purposes. The Website uses:

  • Essential cookies: Required for the Service to function (session management, authentication).
  • Analytics cookies: Google Analytics and Microsoft Clarity cookies to understand how visitors interact with the Website.
  • Third-party cookies: Set by Tawk.to for live chat functionality.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. We may also retain information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we will delete or anonymize it within a reasonable timeframe.

8. Data Security

We implement commercially reasonable technical and organizational measures to protect your information. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security and are not liable for any unauthorized access, data breach, or loss of data.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your personal information for certain purposes.
  • Opt-out of sale: We do not sell personal information. If this changes, we will provide a clear opt-out mechanism.

To exercise any of these rights, contact us at support@openlegion.ai. We will respond within 30 days (or as required by applicable law).

10. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your CCPA rights, contact support@openlegion.ai.

11. European Economic Area (GDPR)

If you are in the EEA, our legal basis for processing your personal data includes: (a) your consent; (b) performance of a contract; (c) compliance with a legal obligation; and (d) our legitimate interests (improving and securing the Service) where those interests are not overridden by your data protection rights.

You may lodge a complaint with your local data protection authority if you believe we have violated your rights under the GDPR.

12. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your jurisdiction. By using the Service, you consent to such transfers.

13. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

14. Changes to This Policy

We may update this Privacy Policy at any time. Changes will be reflected by updating the “Last updated” date at the top of this page. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

support@openlegion.ai