Privacy Policy
At Opsmatic, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services.
This policy applies to all users of Opsmatic, including both free and paid subscription tiers.
For any questions about this Privacy Policy, please contact us.
1. Data Controller
The data controller for your personal data is:
Cottonhat Software Unipessoal LDA AVENIDA D JOÃO II EDIFICIO INFANTE 35 PISO 11A 1990-083 Lisboa, Portugal
Email: opsmatic.io Data Protection Officer: [email protected] (if applicable)
2. Personal Data We Collect
2.1 Information You Provide When you create an account or use our services, we may collect: -- Account Information: Name, email address, password, company name -- Profile Information: User preferences, profile settings, avatar -- Payment Information: Billing address, payment method details (processed by our payment processors) -- Communication Data: Messages you send to our support team, feedback, survey responses
2.2 Information We Collect Automatically -- Usage Data: Features used, time spent, actions taken within the service -- Technical Data: IP address, browser type, device information, operating system -- Log Data: Server logs, error reports, performance metrics -- Analytics Data: User behavior patterns, feature adoption, usage statistics
2.3 Cookies and Tracking Technologies We use cookies and similar technologies to: -- Maintain your login session -- Remember your preferences -- Analyze service usage -- Improve user experience
3. Legal Basis for Processing
We process your personal data based on:
3.1 Contractual Necessity -- Providing the Opsmatic service -- Managing your account and subscriptions -- Processing payments -- Providing customer support
3.2 Legitimate Interests -- Improving our services and developing new features -- Preventing fraud and ensuring security -- Marketing our services (where permitted) -- Analytics and business intelligence
3.3 Legal Compliance -- Complying with applicable laws and regulations -- Responding to legal requests -- Protecting our legal rights
3.4 Consent -- Email marketing communications (where required) -- Optional analytics and tracking
4. How We Use Your Personal Data
4.1 Service Provision -- Creating and managing your account -- Providing access to Opsmatic features -- Processing transactions and billing -- Delivering customer support
4.2 Service Improvement -- Analyzing usage patterns to improve functionality -- Developing new features and services -- Conducting research and analytics -- Performance monitoring and optimization
4.3 Communications -- Sending service-related notifications -- Security alerts and important updates -- Marketing communications (with consent where required) -- Responding to your inquiries
4.4 Legal and Security -- Preventing fraud and unauthorized access -- Enforcing our Terms of Service -- Complying with legal obligations -- Protecting our rights and interests
5. Data Sharing and Disclosure
5.1 We DO NOT sell your personal data to third parties.
5.2 We may share your data with:
Service Providers: -- Customer support tools -- Email delivery services -- Security and monitoring services
Business Transfers: -- In case of merger, acquisition, or sale of assets
Legal Requirements: -- When required by law or legal process -- To protect our rights, safety, or property -- To prevent fraud or illegal activities
5.3 All third-party service providers are contractually obligated to protect your data and use it only for specified purposes.
6. International Data Transfers
6.1 Your data may be processed in countries outside the European Economic Area (EEA).
6.2 We ensure adequate protection through: -- EU-US Data Privacy Framework (if applicable) -- Standard Contractual Clauses approved by the European Commission -- Adequacy decisions by the European Commission
6.3 For more information about international transfers, contact us at [email protected].
7. Data Retention
7.1 We retain your personal data only as long as necessary for the purposes outlined in this policy.
7.2 Retention periods: -- Account Data: Until account deletion plus 14 days -- Payment Data: (as required by law) -- Support Communications: 14 days -- Analytics Data: 14 days -- Legal Compliance: As required by applicable laws
7.3 After the retention period, we securely delete or anonymize your data.
8. Your Rights (GDPR)
If you are in the European Union, you have the following rights:
8.1 Right of Access Request a copy of the personal data we hold about you.
8.2 Right to Rectification Request correction of inaccurate or incomplete personal data.
8.3 Right to Erasure ("Right to be Forgotten") Request deletion of your personal data in certain circumstances.
8.4 Right to Restrict Processing Request that we limit how we process your personal data.
8.5 Right to Data Portability Request a copy of your data in a structured, machine-readable format.
8.6 Right to Object Object to processing based on legitimate interests or for marketing purposes.
8.7 Right to Withdraw Consent Withdraw consent for consent-based processing at any time.
8.8 Right to Lodge a Complaint File a complaint with your local data protection authority.
To exercise these rights, contact us at [email protected].
9. Data Security
9.1 We implement appropriate technical and organizational measures to protect your data: -- Encryption: Data encrypted in transit and at rest -- Access Controls: Role-based access to personal data -- Security Monitoring: Continuous monitoring for security threats -- Regular Audits: Security assessments and penetration testing -- Staff Training: Regular privacy and security training for employees
9.2 While we strive to protect your data, no method of transmission or storage is 100% secure.
9.3 In case of a data breach affecting your rights and freedoms, we will notify you and relevant authorities within 72 hours as required by GDPR.
10. Children's Privacy
10.1 Opsmatic is not intended for children under 16 years old.
10.2 We do not knowingly collect personal data from children under 16.
10.3 If we discover we have collected data from a child under 16, we will delete it promptly.
10.4 Parents or guardians who believe their child has provided personal data should contact us immediately.
11. Marketing Communications
11.1 We may send you marketing communications about our services if: -- You have consented to receive them, or -- They relate to services you have purchased (where legally permitted)
11.2 You can opt out of marketing communications: -- Using the unsubscribe link in emails -- Updating your account preferences -- Contacting us directly
11.3 You will continue to receive service-related communications even after opting out of marketing.
12. Cookies and Analytics
12.1 We use cookies and similar technologies for: -- Essential cookies: Required for service functionality -- Performance cookies: Analyze how you use our service -- Functional cookies: Remember your preferences -- Marketing cookies: Deliver relevant advertisements (with consent)
12.2 You can control cookies through your browser settings.
12.3 We use analytics services including: -- Fathom Analytics, Plausible Analytics, Google Analytics (with anonymized IPs) -- PostHog for product analytics
13. Third-Party Services
13.1 Our service may contain links to third-party websites or integrate with third-party services.
13.2 This Privacy Policy does not apply to third-party services.
13.3 We recommend reviewing the privacy policies of any third-party services you use.
13.4 Third-party integrations we use include: -- Stripe (payment processing) -- Chatwoot (customer support)
14. Business Transfers
14.1 If Opsmatic is involved in a merger, acquisition, or sale of assets, your personal data may be transferred.
14.2 We will provide notice before your data is transferred and subject to a different privacy policy.
14.3 You will have the opportunity to delete your account before any such transfer.
15. Updates to This Policy
15.1 We may update this Privacy Policy from time to time.
15.2 We will notify you of material changes by: -- Email notification to your registered address -- Prominent notice on our website
15.3 The updated policy will include the effective date.
15.4 Continued use of our service after the effective date constitutes acceptance of the updated policy.
16. Contact Us
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Privacy Team
Cottonhat Software Unipessoal LDA
AVENIDA D JOÃO II EDIFICIO INFANTE 35 PISO 11A
1990-083 Lisboa, Portugal
Email: [email protected]
Data Protection Officer: [email protected] (if applicable)
17. Supervisory Authority
If you are in the EU and have concerns about how we handle your personal data, you can contact your local data protection authority:
https://www.cnpd.pt/
You can also find your local authority at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
Last updated: 25/09/2025
Effective date: 25/09/2025