Legal

Privacy Policy

Last updated: February 2, 2026

1. Introduction

OpenBSIS ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial data platform.

2. Information We Collect

2.1 Account information

When you create an account, we collect:

  • Email address
  • Display name (optional)
  • Password (stored securely hashed)

2.2 Usage information

We automatically collect information about your use of the Service:

  • Pages visited and features used
  • Search queries and institutions viewed
  • Reports accessed and exported
  • Device type, browser, and operating system
  • IP address and general location

2.3 Settings and preferences

We store your preferences including display settings, institution shortcuts, and saved items to provide a personalized experience.

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain the Service
  • Authenticate users and manage accounts
  • Personalize your experience with saved preferences
  • Analyze usage patterns to improve the Service
  • Send service-related notifications and updates
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Authentication: Keep you logged in securely
  • Preferences: Remember your display settings
  • Analytics: Understand how users interact with our platform

We use PostHog for analytics to help us understand usage patterns and improve the Service. You can opt out of analytics tracking by adjusting your browser settings or using a privacy-focused browser extension.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service providers: Third-party services that help us operate (Supabase for authentication, PostHog for analytics)
  • Legal requirements: When required by law or to protect our rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure password hashing
  • Regular security audits
  • Access controls and authentication

7. Data Retention

We retain your account information as long as your account is active. Usage data and analytics are retained for up to 24 months. You may request deletion of your account and associated data at any time.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict certain processing
  • Export your data in a portable format
  • Withdraw consent where applicable

To exercise these rights, contact us at david.openbsis@gmail.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

10. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact

For questions about this Privacy Policy or our data practices, contact us at david.openbsis@gmail.com.