This Privacy Policy describes how Optemate LLC (“Optemate,” “we,” or “us”) collects, uses, discloses, and safeguards information when you visit our website at optemate.com or use our products and services (collectively, the “Services”). For personal data Optemate processes on behalf of business clients, Optemate acts as a “processor” (GDPR) or “service provider” (CCPA), and the client's privacy notice and instructions govern. For Optemate's own marketing, account, and website operations, Optemate acts as a “controller” or “business.”
A quick introduction to Optemate and the data we handle on your behalf.
Three categories of data: what you give us, what your business uses, and what we observe when you interact with our Services.
We may collect the following personal information directly from you:
In the course of providing Services, we may process:
We may automatically collect:
We only use information for the purposes that keep our Services running, secure, and compliant.
We use collected information to:
Our Services use machine learning. Here's what that means for accuracy and accountability.
Our Services utilize artificial intelligence and machine learning technologies, including third-party AI providers.
Nothing provided through the Services constitutes legal, financial, tax, medical, or other regulated professional advice. You agree to consult qualified professionals before relying on any output generated through our Services.
We work with trusted third parties to deliver our Services. Here's who we share with and how data moves across borders.
We may share information with:
Optemate is not responsible for the privacy practices, outages, policy changes, or failures of third-party services.
We may transfer, store, and process data outside your country of residence, including in the United States. Where we transfer personal data from the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum or the Swiss-equivalent, as applicable), supplemented by transfer impact assessments and additional measures where required. A copy of the safeguards used can be requested from support@Optemate.com. By using the Services, you understand that the laws of the destination country may differ from the laws of your country.
How we protect your information and how long we keep it.
We implement commercially reasonable administrative, technical, and physical safeguards, including encryption in transit (TLS 1.2 or higher) and at rest where supported by our infrastructure, role-based access controls, multi-factor authentication for administrative access, vendor security review, employee training, and periodic risk assessments. However, no system is 100% secure, and we disclaim liability for unauthorized access beyond our reasonable control. In the event of a security incident affecting personal data, we will notify affected clients without undue delay and, where required, no later than seventy-two (72) hours after becoming aware (consistent with GDPR Art. 33), and will notify individuals and regulators when required by applicable law (including U.S. state breach-notification statutes).
We retain information only as long as necessary for business, legal, or contractual purposes, unless a longer retention period is required by law. Indicative retention periods: (a) account and billing records: for the duration of the account plus seven (7) years for tax and accounting compliance; (b) Client Data and AI inputs/outputs: for the duration of the engagement and up to ninety (90) days after termination, after which it is deleted or de-identified, except as required by law or to enforce these terms; (c) support tickets and email correspondence: three (3) years; (d) website analytics and log files: thirteen (13) months; (e) marketing contact data: until you unsubscribe or three (3) years of inactivity, whichever is earlier; and (f) backup copies: rotated out of backup within thirty (30) days of deletion from primary systems. We may retain data longer to comply with legal holds, defend claims, or resolve disputes.
Depending on where you live, you may have specific rights regarding the data we hold.
Depending on your location, you may have rights to access, correct, delete, or restrict processing of your data. Specifically:
EEA/UK/Switzerland (GDPR/UK GDPR): access, rectification, erasure, restriction, portability, objection, withdrawal of consent (without affecting prior lawful processing), and the right to lodge a complaint with your supervisory authority. Our legal bases for processing are: performance of a contract with you (Art. 6(1)(b)), our legitimate interests in operating and securing the Services (Art. 6(1)(f)), compliance with legal obligations (Art. 6(1)(c)), and consent where required (Art. 6(1)(a)).
California (CCPA/CPRA): right to know what personal information we collect and how it is used and shared; right to delete; right to correct; right to opt out of sale or sharing of personal information for cross-context behavioral advertising; right to limit use of sensitive personal information; and right not to be discriminated against for exercising these rights.
Other U.S. states (VA, CO, CT, UT, TX, OR, MT, IA, DE, NH, NJ, TN, etc.): comparable rights under your state's comprehensive privacy law, including (where applicable) the right to opt out of profiling that produces legal or similarly significant effects and the right to appeal a denied request.
Sale/Sharing:Optemate does not “sell” personal information for money, but use of analytics and advertising platforms (e.g., Google Analytics, Meta) may constitute “sharing” under CCPA. You may opt out via the “Do Not Sell or Share My Personal Information” link on our website or by emailing support@Optemate.com. We honor Global Privacy Control (GPC) signals.
Verification & Timing: we will verify your identity using information already on file before fulfilling a request and respond within forty-five (45) days (CCPA) or one (1) month (GDPR), with a possible extension as permitted by law. Authorized agents may submit requests with proof of authorization. Requests may be submitted to support@Optemate.com.
We may deny requests where permitted by law.
Our Services are not intended for individuals under 13 years of age. We do not knowingly collect data from children.
Our liability, how we update this policy, and how to reach us with questions.
To the maximum extent permitted by law, Optemate LLC shall not be liable for indirect, incidental, consequential, special, or punitive damages arising from data handling or AI outputs. The limitations and disclaimers in this Section apply only to the extent permitted by applicable law and do not limit any rights you have under mandatory consumer-protection or data-protection law (including GDPR, UK GDPR, and U.S. state privacy statutes). The Limitation of Liability and indemnification provisions in the Terms of Service govern as between Optemate and its business clients; nothing in this Privacy Policy is intended to limit any statutory privacy rights or remedies.
We reserve the right to modify this Privacy Policy from time to time. We will update the “Last Updated” date and, for material changes, provide reasonable advance notice (at least thirty (30) days, where practicable) by email to account holders or through a prominent in-product or website notice. Where required by law, we will obtain your consent before applying material changes to existing data. Continued use of the Services constitutes acceptance of changes.
Questions regarding this Privacy Policy should be sent to:
Optemate LLC, Attn: Privacy
240 Kennedy Street, State College, PA 16801, United States
Email: support@Optemate.com
Phone: 814-424-5367
Website: optemate.com
EU/UK residents may also contact our designated representative (if appointed) at the address above. The applicable supervisory authority is the data protection authority in your country of residence; California residents may contact the California Privacy Protection Agency.