Privacy Policy

Last updated: February 15, 2026

Introduction

At OpenGuardrails, we are committed to protecting your privacy and data security. As a security and safety-focused company, we understand the critical importance of safeguarding your information. This Privacy Policy explains our approach to data handling and your rights.

Our Core Privacy Commitment

We do not save, use, sell, or train AI models on your personal data or business secrets. Your information remains yours, and we are committed to:

  • Not storing your sensitive data beyond what is technically necessary for service operation
  • Not using your data for AI model training or commercial purposes
  • Not selling your data to third parties under any circumstances
  • Not sharing your business secrets or proprietary information

Data Sanitization

We employ a multi-layer data sanitization approach:

  • Local Sanitization: Data is sanitized on your local system before being uploaded for security detection
  • Server-Side Sanitization: Even if data is transmitted directly to our services, it undergoes sanitization before processing
  • Personal Information Removal: All personally identifiable information (PII) is stripped from data during sanitization

This ensures that your sensitive information never reaches our processing systems in an identifiable form.

What We Collect and Why

As a security-focused company, personal information is not useful for our business operations. We only collect:

  • Security Behavior Patterns: Anonymized patterns related to security threats and anomalies
  • Technical Metadata: Information necessary for service operation (e.g., API usage, error logs)
  • Account Information: Basic information necessary to provide you with service access (email, company name for enterprise accounts)

These security behavior patterns help us continuously optimize our security models to better protect all users, without compromising your privacy.

Data Processing and Storage

When you use OpenGuardrails services:

  • Data is processed in real-time for security analysis
  • Sanitized data is analyzed to detect security threats and vulnerabilities
  • Processed data is aggregated and anonymized for security model improvement
  • Original content and PII are not retained after processing

Third-Party Sharing

We do not sell, trade, or share your personal information with third parties, except:

  • When required by law or legal process
  • To protect our rights, safety, or property
  • With service providers who assist in operations (under strict confidentiality agreements)

Any third-party service providers are carefully vetted and bound by confidentiality obligations.

Your Rights

You have the right to:

  • Access your account information
  • Request deletion of your account and associated data
  • Opt-out of any non-essential data collection
  • Request information about what data we process
  • Lodge a complaint with relevant data protection authorities

Data Security

We implement industry-standard security measures including:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security audits and updates
  • Compliance with security best practices

Open Source Transparency

As an open-source project, much of our code is publicly available on GitHub. This transparency allows the community to verify our privacy and security practices.

Cookies and Tracking

We use minimal cookies for:

  • Essential site functionality and authentication
  • Anonymous analytics to improve our website (no personal tracking)

You can control cookie preferences through your browser settings.

Children's Privacy

Our services are not directed to individuals under 13 years of age. We do not knowingly collect personal information from children.

International Data Transfers

Our services are operated from the United States. If you are accessing our services from outside the US, please note that your information may be transferred to and processed in the US, where data protection laws may differ.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: