Privacy Policy

Last updated: April 16, 2026

This Privacy Policy explains how Optimo One ("we," "us," or "our") collects, uses, and protects information when you use our website and services (the "Service"). We keep things simple: we collect only what we need, we don't sell your data, and we give you control.

1. Information We Collect

We collect information in three categories:

• Account information — name, email, company, password hash, and profile details you provide when you sign up.
• Usage data — IP address, browser type, pages viewed, actions taken, and timestamps. Used to operate, improve, and secure the Service.
• Content you upload — client data, messages, files, tasks, reports, and forms. This is Your Content. We store it to provide the Service and do not access it except as needed for support or legal compliance.

2. How We Use Information

We use your information to:

• Provide, operate, and maintain the Service.
• Process payments through Stripe.
• Send transactional emails (account notifications, receipts, security alerts).
• Provide customer support and respond to your requests.
• Improve the Service and develop new features.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with legal obligations.

3. Payments and Stripe

Payments are processed by Stripe. We do not store credit card numbers. Stripe collects and processes payment data under its own privacy policy. When you use Optimo One to collect payments from your clients, you are acting as the merchant of record via your own connected Stripe account — we pass the transaction through without holding funds.

4. AI Processing

When you use AI features (such as AI-drafted inbox replies), relevant message content and context may be sent to a third-party AI provider (Anthropic) to generate output. The AI provider processes this data under its own terms and does not use it to train models. AI-generated output is stored with your account just like any other content.

You can disable AI features at any time from your account settings.

5. How We Share Information

We do not sell your personal information. We share information only in these cases:

• Service providers — companies that help us run the Service (hosting, email, analytics, payment processing, AI). They're bound by confidentiality obligations and process data only on our instructions.
• Legal requirements — when required by law, court order, or to protect the rights, property, or safety of Optimo One, our users, or the public.
• Business transfers — if we're involved in a merger, acquisition, or asset sale, your data may transfer to the new entity. We'll notify you if this happens.

6. Data Security

We take security seriously. Data is encrypted in transit (TLS) and at rest. Passwords are hashed. Client data is isolated per account using Row-Level Security (RLS) at the database layer. We use reputable hosting and infrastructure providers with strong security practices.

No system is 100% secure. If a breach occurs, we'll notify affected users promptly in accordance with applicable law.

7. Data Retention

We retain your account data while your account is active. After you cancel, we keep your data for 30 days in case you change your mind, then we delete it. Backups may persist for up to 90 days. Certain records may be retained longer to meet legal obligations (e.g., tax, accounting).

8. Your Rights

Depending on where you live, you may have rights to:

• Access the personal information we hold about you.
• Correct inaccurate information.
• Request deletion of your data.
• Export your data in a portable format.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.

To exercise any of these rights, email hello@optimoone.com.

9. Cookies

We use cookies and similar technologies for authentication, session management, and analytics. You can control cookies through your browser settings. Disabling cookies may affect Service functionality.

10. International Transfers

Optimo One operates globally. Your data may be processed in countries other than your own, including the United States and the European Union. We use standard contractual clauses or equivalent safeguards for international transfers as required by law.

11. Children's Privacy

The Service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have, contact us and we'll delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or in-app notice at least 14 days before they take effect.

13. Contact

Questions or privacy requests? Email hello@optimoone.com.