Privacy Policy

• We never sell or share your data with advertisers.
• Your documents belong to you — you can export or delete them anytime.
• We use AI providers (Anthropic, OpenAI, Google) only to process content you explicitly send through our AI features.
• Authentication uses JWT with passwords hashed via bcrypt. Optional Google OAuth is available.
• If you self-host OpenLoad, none of this applies — your server, your rules.

When you sign up we ask only for an email and a password (or your Google identity if you use OAuth). When you create documents we store their content so we can sync them back to you across devices.

We collect minimal product analytics to understand which features are used — page views, button clicks, anonymous session recordings via PostHog. You can opt out from your account settings at any time.

We do not collect browsing history outside of OpenLoad, location, contacts, microphone or camera unless you explicitly grant access for a specific feature (e.g., Screen Recorder, Hey Forge voice command).

When you use an AI feature (Copilot, Ask, slash-AI, summarise, OG image generator, etc.) the content you send is forwarded to one of our model providers — Anthropic (Claude Sonnet 4.5), OpenAI (GPT-5.2 / Image-1), or Google (Gemini / Nano Banana) — for inference.

Providers run under zero-data-retention contracts where available. Your AI requests are NOT used to train any provider's models.

If you self-host, you can swap providers via the Emergent Universal LLM Key configuration.

Documents are private by default. You can choose to share via a public link, password-protected link, embed iframe, or invite-only collaboration. Public/embedded content is served from our CDN; passwords are stored hashed (bcrypt). You can revoke any share link from the editor at any time.

We use a small number of cookies: a session cookie for authentication, a preference cookie for theme/locale, and a third-party PostHog cookie for product analytics. No advertising or cross-site-tracking cookies. We honour the Global Privacy Control (GPC) signal.

You can at any time:

• Export your data (JSON, DOCX, XLSX, PPTX, PDF) from the editor or via the API.
• Delete individual documents or your entire account from Settings → Account → Delete.
• Request a copy of all data we hold about you by emailing privacy@openload.app.

If you are in the EU/UK, you have additional rights under GDPR / UK-GDPR (correction, restriction, portability, objection). We respond to verifiable requests within 30 days.

Questions? Concerns? Email privacy@openload.app — a real human will reply. Our Data Protection Officer is reachable at the same address.