Otper

Privacy Policy

Effective date: May 15, 2026

This Privacy Policy explains how we collect, use, store, and protect information when you use our applications, websites, and related services (collectively, the "Service").

By using the Service, you agree to this Privacy Policy.

1. Information We Collect

Information you provide

We may collect information you provide directly, including:

  • Name and username
  • Email address
  • Password and authentication credentials
  • Profile photo
  • Workspace and team information
  • Boards, lists, cards, comments, checklists, labels, attachments, and other content you create
  • Preferences and account settings
  • Information shared through integrations you connect to the Service

Authentication and security information

To help keep accounts secure, we may collect and process:

  • Sign-in activity
  • IP address
  • Approximate location derived from IP address
  • Browser, device, and operating system information
  • Authentication method used
  • Multi-factor authentication and passkey information
  • Active session information
  • Security and audit logs

We use this information for account protection, fraud prevention, suspicious-login detection, and security monitoring.

We do not access your device GPS or precise location.

Information collected automatically

When you use the Service, we may automatically collect limited technical and usage information such as:

  • Device and browser type
  • Session activity
  • Error and diagnostic information
  • General usage and collaboration activity within the Service

We do not collect the content of your keystrokes.

2. How We Use Information

We use information to:

  • Provide and maintain the Service
  • Authenticate users and secure accounts
  • Enable collaboration and workspace functionality
  • Sync updates and notifications
  • Store and manage files and attachments
  • Improve reliability, performance, and security
  • Detect abuse, unauthorized access, and suspicious activity
  • Communicate important service and account-related information
  • Comply with legal obligations and enforce our terms

We do not sell personal information.

We do not use your content to train artificial intelligence or machine-learning models.

3. Collaboration and Workspace Visibility

The Service is designed for collaborative work.

Information such as your name, username, profile photo, comments, cards, tasks, and other workspace content may be visible to members of shared workspaces or teams based on permissions and roles.

If you leave a shared workspace or delete your account, some collaborative content may remain available to the workspace where it was created.

4. Cookies and Session Technologies

The web application uses essential cookies and similar technologies required to:

  • Keep you signed in
  • Maintain secure sessions
  • Protect against unauthorized requests
  • Remember authentication preferences

We do not use advertising cookies or third-party advertising trackers.

5. Third-Party Services and Integrations

We may use trusted service providers and infrastructure partners to operate the Service, including services for:

  • Cloud hosting
  • File storage
  • Transactional email delivery
  • Real-time communication
  • Security and authentication
  • Optional third-party integrations

If you connect external services or integrations, we may access and process information necessary to support those features.

Third-party services operate under their own privacy policies and terms.

6. Data Retention

We retain information for as long as necessary to provide the Service, maintain security, comply with legal obligations, and resolve disputes.

Retention periods may vary depending on:

  • The type of information
  • Workspace and account activity
  • Legal or operational requirements
  • Security and fraud-prevention needs

Information may remain in backups and operational logs for a limited period after deletion.

7. Security

We use administrative, technical, and organizational safeguards designed to protect information and maintain account security.

These measures may include:

  • Encrypted connections
  • Secure password hashing
  • Multi-factor authentication
  • Passkey support
  • Session management controls
  • Access restrictions
  • Security monitoring and logging

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Your Choices and Rights

Depending on your location and applicable laws, you may have rights to:

  • Access your information
  • Correct or update information
  • Delete your account or personal information
  • Manage communication preferences
  • Revoke connected integrations or sessions
  • Object to or restrict certain processing activities

You can manage many of these controls directly through the Service.

9. Age Requirements

The Service is intended for users who are legally permitted to use it under applicable laws.

If local laws require parental or guardian consent for certain users, such consent must be obtained before using the Service.

We do not knowingly collect personal information in violation of applicable child-data protection laws.

10. International Data Transfers

Your information may be processed and stored in countries other than your own, where our service providers or infrastructure operate.

We take reasonable steps to protect information during such transfers in accordance with applicable laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time.

If material changes are made, we may provide notice through the Service or other appropriate channels before the updated policy becomes effective.

The latest version will always be posted on this page.

12. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or your information, please contact us through the contact methods provided on our website.