Privacy Policy
Last updated 2026-06-17
This Privacy Policy explains what OpenCMO collects, why it is used, and how early customers can request deletion or export while the product is invite-first.
OpenCMO may collect account details, workspace membership, product URLs, product descriptions, brand context, campaign drafts, approvals, reports, inbound request details, support messages, billing identifiers, and product usage events.
Do not submit secrets, passwords, private API keys, service-role keys, or credentials through chat, support messages, product forms, or campaign context fields.
OpenCMO uses customer information to provide the product, set up workspaces, create draft marketing artifacts, support approval workflows, respond to support requests, maintain security, improve product quality, and handle billing or account administration.
OpenCMO does not sell customer data. Customer-facing work remains approval-led and should not be auto-published by the product.
OpenCMO uses hosted infrastructure and operational providers such as Vercel and Supabase. Stripe may be used for billing, and PostHog may be used for product analytics after production capture is verified.
RevenueCat may be used later only for mobile subscription signal ingestion. OpenCMO web billing should use Stripe as the source of truth.
Analytics should use public-safe event names and sanitized properties. The product should not send raw secrets, private keys, or hidden credentials to analytics tools.
OpenCMO may use cookies, local storage, and similar technologies for authentication, session handling, product state, analytics, abuse prevention, and user experience.
Browser settings may let you limit some storage, but doing so can affect login, workspace access, or product functionality.
Send export or deletion requests to yuhua21223@gmail.com with the workspace email, workspace name, and requested action.
OpenCMO aims to acknowledge requests within 24 hours, verify requester identity and workspace authority, and complete standard exports or deletions within 30 days when feasible.
OpenCMO may reserve up to 45 days for requests involving complex verification, legal review, billing reconciliation, security review, or technical cleanup. Records may be retained when required for security, fraud prevention, legal, tax, billing, or dispute reasons.
OpenCMO uses access controls, invite gating, row-level security patterns, and operational review to protect customer workspaces.
No online service can guarantee perfect security. Report security concerns to the temporary support inbox at the address on this page.
For privacy, support, billing, export, deletion, or security questions, contact yuhua21223@gmail.com.
OpenCMO plans to move to a branded opencmo.ai support address in the future.