Privacy Policy
Last updated: June 28, 2026
Introduction
Operum ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our desktop application and website (collectively, the "Service").
Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Name (optional)
- Password (encrypted)
Usage Data
We automatically collect certain information when you use the Service:
- Device information (operating system, device type)
- Application version
- Feature usage statistics
- Error logs and crash reports
Payment Information
Payment processing is handled by Stripe. We do not store your full credit card number. We receive only the last four digits of your card, card type, and billing address for record-keeping purposes.
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process transactions and send related information
- Send technical notices, updates, and support messages
- Respond to your comments and questions
- Detect, prevent, and address technical issues
- Comply with legal obligations
Data Storage and Security
Your data is stored securely using industry-standard encryption. We use Supabase for authentication and database services, which employs enterprise-grade security measures.
The desktop application stores authentication tokens securely in your operating system's native keychain (macOS Keychain, Windows Credential Manager, or Linux Secret Service).
AI Processing and Data Handling
Operum orchestrates AI agents powered by third-party AI models. Here is how your data interacts with AI services:
- Local-first architecture: Your code and project files remain on your device. AI API calls are made directly from your machine to the AI provider (Anthropic) — your data does not pass through our servers.
- Your API keys: You provide your own Anthropic API key. We do not have access to your API key or the content of your AI interactions.
- AI-generated outputs: Code, text, and other outputs generated by AI agents are created locally on your device. We do not collect, store, or have access to AI-generated content.
- Agent activity logs: The desktop application stores agent activity logs locally on your device. These logs are never transmitted to our servers.
- No training on your data: We do not use your code, prompts, or AI outputs to train any models. Refer to Anthropic's data usage policy for how the AI provider handles API requests.
Third-Party Services
We use the following third-party services:
- Supabase - Authentication and database
- Stripe - Payment processing
- Anthropic - AI model provider (API calls made directly from your device using your API key)
- GitHub - Code repository integration (with your explicit authorization)
- PostHog - Product analytics (anonymized usage data)
- Vercel - Website hosting
Each third-party service has its own privacy policy. We encourage you to review them. We share only the minimum data necessary with each service to provide the functionality described above.
Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your account and associated data
- Export your data
- Opt out of marketing communications
To exercise these rights, contact us at privacy@operum.ai.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. You may permanently delete your account at any time — from Settings → Danger Zone in the desktop app, or from your account page on the web. Two paths are available on both surfaces: Delete with a recovery window, which starts a 7 calendar-day recovery window during which you can sign back in and choose Cancel deletion to revert; and Delete immediately, which permanently destroys your account and all associated data right away with no recovery window.
Either path permanently deletes all data associated with your account, including any managed / Operum-provisioned (Quick-start) repositories hosted for your teams, except where we are required to retain specific records for legal purposes. Once the deletion completes — immediately, or at the end of the 7 calendar-day window for the recoverable path — the data cannot be recovered.
Exporting or transferring any data you wish to keep before deletion is your responsibility. If a team uses a Quick-start repository provisioned by Operum, you can download it as a ZIP or transfer it to your own GitHub account first — see how to keep your repository. Only you, signed in to your own account, can export or transfer your managed repository; no other Operum user can read, export, or transfer it. Operum is not liable for data — including managed repositories — lost as a result of your own decision to delete your account.
Data Retention — Subscription Lifecycle
Separately from the user-requested deletion described above, project data is subject to automatic retention rules tied to your subscription status.
If Stripe reports your subscription as past_due after its automatic retry attempts have failed, your account is suspended and a 30 calendar-day grace period begins from the date of suspension. (Voluntary cancellation is not a non-payment suspension — it follows the separate, shorter timeline described under Data Retention — Voluntary Cancellation below.)
During the grace period:
- You can still log in. Existing projects become read-only — you can browse and export, but cannot run agents, start new chats, or make changes.
- We send reminder emails on day 7, day 21, day 28, and day 29 of the grace period. Each reminder names the exact scheduled deletion date and includes a link to restore your subscription.
- Restoring your subscription at any point during the 30 calendar days fully unlocks your account, restores write access to your projects, and cancels the scheduled deletion.
On day 30, if the subscription has not been restored, all project data — including projects, agents, chat history, schedules, and team configurations — is removed from our active systems and is no longer accessible to you or to Operum's regular operations. Your account login is preserved so you can re-subscribe and start fresh.
This automatic retention policy applies in addition to, and is distinct from, the user-requested deletion described in the section above.
Data Retention — Voluntary Cancellation
Voluntary cancellation is handled separately from a non-payment suspension, on a shorter timeline. When you cancel your subscription, your account and login remain, and you keep full access until the end of your current paid period. After that, your projects are archived for a 7 calendar-day window during which re-subscribing restores everything exactly as you left it.
If you do not re-subscribe within those 7 calendar days, the archived projects are permanently deleted from our active systems. This cancellation timeline is distinct from the 30 calendar-day grace period that applies to a suspension for non-payment described above.
Data Retention — Subscription Tier Changes
Each subscription plan has a defined maximum number of teams (sometimes called "projects"). The specific limits for each plan — Standard, Premium, and Team — are maintained on the pricing page, not this Privacy Policy, so the published limits always match the product.
Upgrades: Moving to a higher-tier plan is immediate and has no effect on your existing data. No teams are archived or deleted.
Downgrades below your current team count: If the new tier's team limit is lower than the number of teams you currently have, excess teams are archived rather than immediately deleted. The method by which we choose which teams to archive depends on where you initiate the downgrade:
- From the Operum app: we prompt you to pick which teams to keep. Any teams you do not select are archived.
- From the Stripe billing portal: we automatically archive excess teams using an oldest-touched-first rule — the teams you have used most recently are kept, and the teams that have gone the longest without activity are archived first.
Archived teams enter a 30 calendar-day recovery window. During that window the team's data is retained but hidden from normal use. You can restore archived teams by:
- Upgrading back to a plan whose team limit accommodates them, or
- Re-subscribing above the current limit within the window.
We send notification emails at the start of archival, at a mid-window warning, and a final deletion notice, following the same cadence pattern used for the payment-suspension lifecycle described above.
On day 30, any team still in archived state is removed from our active systems. Your account and any remaining (non-archived) teams are unaffected.
Data Retention — User-Initiated Team Deletion
Separately from any subscription-related retention, you can delete a team yourself at any time from Settings → Danger Zone ("Move Team to Trash"). The team then moves to Trash, where it is hidden from your normal team list but its data is preserved for 7 calendar days so you can change your mind.
Within the 7-day Trash window you can:
- Restore the team — it becomes fully accessible again, exactly as it was before deletion.
- Delete Permanently — the team is removed from your account immediately.
On day 7, any team still in Trash is removed automatically. The 7-day Trash window applies regardless of subscription status and is independent of the subscription-lifecycle and tier-change retention rules described above.
Data Retention — Backups
We may retain encrypted backups for a short period for security and incident recovery. These backups are not a user-accessible restore path — to recover your data, use the relevant grace, archival, or Trash window described above before it closes.
Children's Privacy
The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
Contact Us
If you have questions about this Privacy Policy, or want to make a data access or deletion request, use the form below.
Prefer email? You can also reach us directly at privacy@operum.ai.