Privacy Policy
Last updated: 2 May 2026
This Privacy Policy describes how Opbox Ltd ("Opbox", "we", "us", or "our") collects, uses, stores, and protects personal data when you use the Opbox platform at opbox.app (the "Platform").
We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy applies to all users of the Platform, including workspace administrators, team members, and clients who access the client portal.
1. Data controller
Opbox Ltd is the data controller for personal data processed through the Platform. For questions about this policy, contact us at privacy@opbox.app.
2. Data we collect
2.1 Account information
When you create an account or are invited to a workspace, we collect:
- Full name, email address, and profile photo (optional)
- Organisation name and workspace details
- Authentication credentials (hashed and salted - we never store plaintext passwords)
- SSO/OIDC provider tokens when using single sign-on
2.2 Platform usage data
As you use the Platform, we process:
- Matters, documents, table records, form submissions, and files you create or upload
- Audit trail entries (user actions, timestamps, IP addresses)
- AI assistant conversation history within your workspace
- E-signature data including signing events, IP addresses, and audit logs
2.3 Client data
When your workspace processes data about third parties (individuals, companies, beneficial owners), your organisation is the data controller for that data and Opbox acts as a data processor. We process this data only on your instructions and in accordance with our Data Processing Agreement.
2.4 Technical data
- IP address, browser type, device information
- Cookies and similar technologies (see our Cookie Policy)
- Error logs and performance metrics
3. How we use your data
| Purpose | Legal basis |
|---|---|
| Providing and operating the Platform | Contract performance |
| Account authentication and security | Contract performance / Legitimate interest |
| Audit trail and compliance logging | Legal obligation / Legitimate interest |
| AI features (document generation, search, analysis) | Contract performance |
| E-signature processing and verification | Contract performance / Legal obligation |
| Product improvement and analytics | Legitimate interest |
| Customer support | Contract performance |
| Marketing communications (with consent) | Consent |
4. Data sharing
We do not sell your personal data. We share data only in these circumstances:
- Infrastructure providers - hosting and database (Fly.io), email delivery (MailerSend), and payment processing (Stripe) as necessary to operate the Platform
- AI providers - queries sent to AI models (Anthropic) for features you initiate. AI providers do not use your data for training.
- Integrations you enable - when you connect third-party services (DocuSign, HubSpot, etc.), data flows according to those services' own policies
- Legal requirements - when required by law, regulation, or valid legal process
- Within your organisation - workspace members can access data according to their role permissions
5. Data security
We implement appropriate technical and organisational measures to protect your data:
- Encryption at rest - AES-256-GCM for all stored files and sensitive data
- Encryption in transit - TLS 1.2+ for all connections
- Access controls - role-based permissions with per-workspace data isolation
- Audit logging - comprehensive, tamper-evident audit trail with configurable retention
- Authentication - bcrypt password hashing, optional SSO (SAML 2.0 / OIDC), SCIM provisioning
- CSRF and rate limiting - protection against cross-site request forgery and brute-force attacks
6. Data retention
We retain your personal data for as long as your account is active or as needed to provide the Platform. Workspace administrators can configure retention policies with archive-before-delete safeguards.
- Account data - retained until account deletion, then purged within 30 days
- Audit logs - configurable retention tiers (workspace setting), archived before deletion
- E-signature records - retained for a minimum of 7 years for legal compliance
- Backups - retained for up to 30 days after data deletion
7. Your rights
Depending on your jurisdiction, you may have the right to:
- Access - request a copy of the personal data we hold about you
- Rectification - correct inaccurate or incomplete data
- Erasure - request deletion of your data (subject to legal retention obligations)
- Restriction - limit how we process your data
- Portability - receive your data in a structured, machine-readable format
- Objection - object to processing based on legitimate interests
- Withdraw consent - where processing is based on consent, withdraw at any time
To exercise any of these rights, contact us at privacy@opbox.app. We will respond within 30 days.
8. International transfers
Your data may be processed in jurisdictions outside your country of residence, including the United States and European Union, where our infrastructure providers operate. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where applicable.
9. Children's privacy
The Platform is not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children.
10. Changes to this policy
We may update this Privacy Policy from time to time. We will notify workspace administrators of material changes via email or in-app notification. The "Last updated" date at the top indicates when this policy was last revised.
11. Contact
For privacy-related questions or concerns, contact our team:
- Email: privacy@opbox.app
- General enquiries: hello@opbox.app