Trust and data use
Privacy Policy
Last updated: May 9, 2026 | Effective: May 9, 2026
This page explains what data OpenTide collects, why it is used, and how to contact us about privacy requests.
This Privacy Policy ("Policy") describes how OpenTide ("Company," "we," "us," or "our") collects, uses, discloses, and otherwise processes your personal information in connection with the OpenTide web application, progressive web application, and all related services (collectively, the "Service") available at https://www.opentide.app.
By using the Service, you acknowledge that your information will be handled as described in this Policy. If you do not agree, please do not access or use the Service.
Summary of Information We Collect
The table below provides a high-level overview. Full details follow in Section 1.
| Category | Examples | Purpose | Shared With |
|---|---|---|---|
| Account data | Email address, hashed password | Account access, security | Auth/database providers |
| Payment data | Transaction confirmation, amount, partial payment details | Purchases, fraud prevention, tax records | Payment processors |
| Location data | Approximate or precise location if enabled | Near Me, maps, recommendations | Hosting, analytics, map providers as needed |
| Usage data | Pages, clicks, sessions, device data | Analytics, security, product improvement | Analytics/service providers |
| User submissions | Reviews, listings, place suggestions, photos | Display, moderation, service improvement | Public users, service providers |
1. Information We Collect
1.1 Information You Provide
- Account Information: When you create an account, we collect your email address and a hashed version of your password. We never store passwords in plain text.
- Payment Information: When you make a purchase, payment is processed by a secure third-party payment processor. We receive limited transaction details such as confirmation status, purchase amount, partial payment method details where available, and a keyed hash of your checkout email for secure access recovery. We do not store full credit card numbers, CVV codes, or complete payment credentials.
- Place Submissions: If you submit a place or business listing, we collect the information you provide, including your name, email address, and details about the location.
- Waitlist Sign-ups: If you join a destination waitlist, we collect your email address and the destination you selected.
- Communications: When you contact us, we retain the content of your correspondence and any information you choose to provide.
1.2 Information Collected Automatically
- Device and Browser Information: We collect information about the device and browser you use to access the Service, including device type, operating system, browser type, screen resolution, and language preferences.
- Usage Data: We collect information about your interactions with the Service, including pages viewed, features used, time spent, and navigation patterns.
- Location Information: With your permission, we may collect precise or approximate location information from your device to provide location-based features. We may also infer approximate location from IP address for security, localization, analytics, and fraud prevention. You can disable device location through your browser or device settings.
- Browsing Presence: We may collect aggregated or de-identified session signals to display activity indicators, such as approximate numbers of users exploring a destination. We do not intend these indicators to identify individual users.
- Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain session state, remember your preferences, and analyze Service usage. See Section 6 for details.
1.3 Information from Third Parties
- Authentication Providers: If you sign in through an external authentication option, we receive the account information authorized through that sign-in flow, such as your email address and basic profile details.
- Analytics and Advertising Partners: We may receive aggregated, pseudonymous, or campaign-level analytics data to understand usage trends, referral sources, and marketing performance.
1.4 Sensitive Personal Information
We do not seek to collect sensitive personal information unless necessary for specific features or where you choose to provide it. Precise location, where collected, is used only to provide location-based features, security, or other disclosed purposes. We do not use sensitive personal information to infer characteristics about you except as permitted by law.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Provide and Maintain the Service: Process transactions, authenticate users, deliver purchased content, and ensure the Service operates as intended.
- Personalize Your Experience: Generate personalized itineraries, tailor AI concierge responses, and display relevant content based on your preferences and location.
- Communicate with You: Send transactional emails (purchase confirmations, password resets, account notifications), respond to inquiries, and send Service-related announcements. If you opt in to marketing emails, you may unsubscribe at any time using the link in the email or by contacting us.
- Improve the Service: Analyze usage patterns, diagnose technical issues, conduct research, and develop new features.
- Ensure Security: Detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal activities.
- Comply with Legal Obligations: Meet applicable legal, regulatory, or contractual requirements.
3. How We Share Your Information
We do not sell your personal information. We may share your information with the following categories of recipients:
- Service Providers: Third-party companies and contractors that help us operate, secure, improve, and deliver the Service - including hosting and infrastructure providers, authentication and database providers, payment processors, email delivery providers, customer support tools, analytics providers, advertising measurement partners, fraud-prevention services, and AI or automation service providers. They are authorized to process personal information only as needed to provide services to us and are subject to contractual confidentiality, security, and data-processing obligations.
- AI and Automation Providers: We may use AI service providers to process prompts, user inputs, location preferences, itinerary requests, and related context to generate responses or improve Service functionality. We do not permit service providers to use personal information for their own independent purposes except as allowed by their agreements with us or applicable law.
- Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
- Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of such transaction. We will provide notice before your information becomes subject to a materially different privacy policy.
4. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service, and for as long as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
| Data Type | Typical Retention |
|---|---|
| Account data | Until account deletion or inactivity cleanup, subject to legal exceptions |
| Transaction records | As needed for tax, accounting, fraud prevention, legal compliance, and dispute resolution |
| Usage analytics | Retained in identifiable form only as long as reasonably needed, then deleted, aggregated, or de-identified |
| Browsing presence signals | Purged or aggregated within a short period, generally within 24 hours |
After account deletion, we may retain limited records where needed for legal compliance, fraud prevention, dispute resolution, tax and accounting, security, backups, or enforcement. Public or submitted content may remain if it has been incorporated into the Service, de-identified, aggregated, or is necessary to preserve platform integrity.
5. Data Security
We use administrative, technical, and organizational safeguards designed to protect personal information, such as encryption in transit and at rest, access controls, secure authentication practices, monitoring, and vendor controls. These measures may vary depending on the nature of the data and the risks involved.
No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials.
If we become aware of a security incident affecting personal information, we will assess the incident and provide notices where required by applicable law.
6. Cookies and Tracking Technologies
We use the following categories of cookies:
- Essential Cookies: Required for the Service to function properly, including authentication tokens and session management. These cannot be disabled.
- Functional Cookies: Remember your preferences (e.g., returning visitor status, temperature unit preference). These enhance your experience but are not strictly necessary.
- Analytics Cookies: Help us understand how visitors interact with the Service, diagnose performance issues, and improve product design. Analytics data is used in aggregated or pseudonymous form where practical.
- Marketing Cookies: If enabled, help measure the effectiveness of advertising campaigns and understand whether ads lead to visits, sign-ups, or purchases. You can control these through browser settings, device settings, and any consent or opt-out tools we make available.
You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Service. Where required, we honor recognized browser-based opt-out preference signals, such as Global Privacy Control, for applicable opt-out rights.
7. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights: access, correction, deletion, portability, restriction, objection, and withdrawal of consent where processing is based on consent.
To exercise any of these rights, contact us at contact@opentide.app. We will respond within the timeframe required by applicable law (generally within 30 days, unless a different period or extension applies). We may ask you to verify your identity before completing certain requests. Some rights may be limited where an exception applies, such as fraud prevention, security, legal compliance, or completing a transaction you requested.
8. International Data Transfers
Your information may be transferred to and processed in countries other than the country in which you reside, including the United States and other jurisdictions where we or our service providers operate. Where required, we use appropriate safeguards such as contractual data-protection terms, transfer impact assessments, or other lawful transfer mechanisms.
9. Children's Privacy
The Service is not directed to children under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information promptly. If you believe we may have collected information from a child under 18, please contact us immediately.
10. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the right to know, access, correct, delete, and obtain a copy of personal information, and the right to opt out of the sale or sharing of personal information for cross-context behavioral advertising. We do not sell personal information for money. If advertising measurement is enabled, certain disclosures may be considered "sharing" under California law. We will provide a "Do Not Sell or Share My Personal Information" mechanism where required. To exercise California privacy rights, contact us at contact@opentide.app.
11. European Data Subjects (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal bases for processing may include: (a) performance of a contract, when processing is needed to provide the Service you requested; (b) legitimate interests, such as securing, improving, and operating the Service; (c) consent, where required for optional location access, marketing communications, or certain cookies; and (d) legal obligations, where processing is needed for compliance, accounting, tax, or safety reasons. You may have the right to lodge a complaint with your local data protection authority.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will post the revised Policy on this page with an updated "Last Updated" date. Material changes will be communicated via email or a prominent notice on the Service. Your continued use of the Service after such changes constitutes acceptance of the revised Policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: contact@opentide.app
Website: https://www.opentide.app