Privacy Policy

This Privacy Policy describes how Opper Technology AB, a company registered in Stockholm, Sweden ("Opper," "we," "us," or "our"), collects, uses, and shares personal information when you use our Platform as a Service ("PaaS") for creating safe and production-grade Artificial Intelligence ("AI") functions within the European Economic Area ("EEA"). By accessing or using the Opper PaaS, you agree to the terms of this Privacy Policy.

We are committed to protecting your privacy and ensuring that your personal data is handled responsibly. This privacy policy outlines how we collect, use, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR).

  1. Data controller If you live in the European Economic Area (EEA), or Switzerland, Opper Technology AB is the controller and is responsible for the processing of your Personal Data as described in this policy.

  2. Information We Collect: First name, Last Name, Email Address.

Personal Information you provide:

Account information, including your name and email address. This information is essential for us to provide you with our services, communicate with you, and respond to your inquiries. User content: When you use our services, we collect Personal Data, including uploaded documents, function inputs and prompts. Personal data we receive from your use of the services: Usage data: We automatically collect information about your usage of the services, such as which pages you view, features you use and actions you take. Log data: Information that your browser or API client automatically sends when you use our services, including your IP address, browser type and how you use our services. Cookies and similar technologies: We use cookies and similar technologies to operate our services.

  1. How We Use Your Information:

    3.1 To Provide and Improve Our Services: We use the information we collect to provide and improve our PaaS, including to personalize your experience, analyze trends, and optimize our platform's performance and functionality.

    3.2 To Communicate with You: We may use your contact information to communicate with you about our services, respond to your inquiries, provide customer support, and send you important updates and notifications.

    3.3 For Legal Compliance: We may use your information to comply with applicable legal obligations, such as tax or regulatory requirements, or to investigate and prevent fraud, abuse, or other illegal activities.

  2. How We Share Your Information:

    4.1 With Third-Party Service Providers: We do not share your personal data with third parties, except as necessary to provide our service, comply with the law, or protect our rights.

    4.2 For Legal Purposes: We may disclose your information to comply with legal obligations, enforce our policies, respond to legal requests from law enforcement or government authorities, or protect the rights, property, or safety of Opper, our users, or others.

  3. Your Choices:

    5.1 Account Information: You may update or modify your account information by logging into your account settings. You may also request the deletion of your account and personal information by contacting us at, subject to applicable legal requirements.

    5.2 Marketing Communications: You may opt-out of receiving marketing communications from us by following the unsubscribe instructions provided in the communication or by contacting us at

  4. Legal Basis for Processing: Your personal data is processed based on your consent, which you provide by using our service and agreeing to this policy.

  5. Data Retention: We retain your personal data only for as long as necessary to provide you with our services and for legitimate and essential business purposes, such as maintaining the performance of our services, making data-driven business decisions, complying with our legal obligations, and resolving disputes.

  6. Data Subject Rights: You have the right to access your personal data, request corrections, ask for deletion, object to processing, and request data portability. Please contact us at to exercise these rights.

  7. International Data Transfers: Your personal data may be transferred to, and processed in, countries other than the country in which you reside. We ensure that any such transfers comply with GDPR and that your data remains protected.

  8. Sub processors: When Opper engages a sub-processor, it will require any appointed sub-processor to protect the customer data to the standard required by Applicable Data Protection Law, such as including the same data protection obligations referred to in Article 28(3) of the GDPR. A list of sub processors, in addition to the LLM providers in Appendix 1, is available in Appendix 2.

  9. Security: We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. More details of our security measures can be found in Opper Platform Security Overview.

  10. Access policy Your data is stored on secure servers and is accessible only by relevant authorized personnel that need access to this data to perform Opper’s services. All requests to access data and data access is logged. This data includes: Organizations and their users Functions and evaluations Indexes Events Such authorized Opper personnel accounts in AWS are secured using SAML login with Google as the authentication provider. The Google accounts have mandatory 2FA / passkey enabled.

  11. Children's Privacy: Our PaaS is not directed to children under the age of 16, and we do not knowingly collect personal information from children under the age of 16. If we become aware that we have collected personal information from a child under the age of 16, we will take steps to delete such information as soon as possible.

  12. Updates to this Privacy Policy: We may update this Privacy Policy from time to time by posting a revised version on our website. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our PaaS after the posting of changes constitutes your acceptance of such changes.

  13. Contact Us: If you have any questions about this Privacy Policy or our privacy practices, please contact us at Effective Date: December 10, 2023