Back to home

Last updated: January 15, 2026

Privacy Policy

At Operative, we take your privacy seriously. This policy describes how we collect, use, and protect your personal information.

Information We Collect

We collect information you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources.

Information You Provide

  • Account Information: Name, email address, company name, job title, phone number when you create an account
  • Billing Information: Payment card details, billing address (processed securely by Stripe)
  • Project Information: Agent briefs, requirements documents, feedback, and communications with our team
  • Support Communications: Messages, emails, and calls with our support and success teams

Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on the platform
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, referring URLs
  • Agent Performance Data: Conversation logs, error rates, response times for agents we build

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, maintain, and improve our services
  • Build and deploy AI agents according to your specifications
  • Process transactions and send related information
  • Send technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and abuse
  • Personalize and improve your experience

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We work with third-party service providers who need access to your information to provide services to us:

  • Cloud Infrastructure: AWS, Google Cloud for hosting and data storage
  • AI Model Providers: OpenAI, Anthropic, and others for model inference (data is not used for training)
  • Payment Processing: Stripe for secure payment handling
  • Analytics: PostHog for product analytics (anonymized)
  • Communication: Intercom for customer support

Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

  • Account Data: Retained while your account is active, deleted within 90 days of account closure
  • Agent Conversation Logs: Retained for 12 months by default, configurable per your requirements
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Support Communications: Retained for 3 years

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access and Portability

Request a copy of your personal data in a structured, machine-readable format

Correction

Request correction of inaccurate or incomplete personal information

Deletion

Request deletion of your personal information, subject to legal retention requirements

Opt-Out

Opt out of marketing communications at any time via unsubscribe links or account settings

To exercise any of these rights, please contact us at privacy@operative.ai. We will respond to your request within 30 days.

Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • SOC 2 Type II certified infrastructure
  • Regular security audits and penetration testing
  • Employee security training and background checks
  • Access controls and audit logging
  • Incident response procedures

For more details, see our Security page.

International Transfers

Operative is based in the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the US and other countries where our service providers operate.

For transfers from the European Economic Area (EEA), UK, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission and UK authorities. We also comply with the EU-US Data Privacy Framework.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Operative, Inc.

Attn: Privacy Team

548 Market St, Suite 72840

San Francisco, CA 94104

Email: privacy@operative.ai

This Privacy Policy may be updated from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.