Privacy Policy

Last Updated: September 8, 2025

This Privacy Policy explains how OpenSession LLC ("OpenSession," "we," "us," or "our") collects, uses, discloses, and protects your personal information when you interact with our website (opensession.co), services, or business operations.

We respect your privacy and are committed to protecting your personal information. This policy describes our privacy practices in compliance with applicable laws, including the California Consumer Privacy Act (CCPA) and other relevant data protection regulations.

If you have any questions, comments, or concerns about this policy or how we handle your information, please contact us at hello@opensession.co.

Information We Collect

We collect personal information from you in several ways when you interact with our business:

Information You Provide Directly

  • Contact Information: Name, email address, phone number, company name, and job title when you fill out forms, subscribe to newsletters, or contact us

  • Project Information: Details about your business, project requirements, preferences, and communications during our service engagement

  • Newsletter Subscriptions: Email address and preferences when you subscribe to our marketing communications

  • Workshop Attendance: Contact information, dietary restrictions, accessibility needs, and other relevant details for in-person or virtual events

  • Social Media Interactions: Information when you interact with us on Instagram, YouTube, LinkedIn, or other social platforms

Information We Collect Automatically

  • Website Analytics: IP address, browser type, device information, pages visited, time spent on site, referring websites, and other usage data via Google Analytics

  • Cookies and Tracking: Information collected through cookies, pixels, and similar technologies (see our Cookie Policy for details)

  • Social Media Tracking: Data from Facebook Pixel, LinkedIn Insight Tag, and other social media tracking tools for advertising and analytics

  • Marketing Analytics: Information collected through Sprout Social and other marketing platforms for campaign effectiveness

Information from Third Parties

  • Social Media Platforms: Publicly available information from your social media profiles when you interact with us

  • Client Referrals: Information provided by existing clients or business partners who refer you to our services

  • Service Providers: Information from payment processors, project management tools, and other service providers we use

How We Use Your Information

We use your personal information for the following purposes:

Service Delivery and Communication

  • Provide design, development, and consulting services as requested

  • Respond to inquiries and communicate about projects

  • Send project updates, invoices, and service-related communications

  • Manage workshop attendance and event logistics

Marketing and Business Development

  • Send newsletters, marketing materials, and company updates (with your consent)

  • Analyze website and marketing campaign performance

  • Improve our services and user experience

  • Showcase completed work in our portfolio (with appropriate permissions)

Legal and Business Operations

  • Comply with legal obligations and respond to legal requests

  • Protect our rights, property, and safety

  • Process payments and maintain financial records

  • Conduct business analytics and reporting

AI Training and Development

  • Use Figma files and design assets for AI model training and experimental purposes

  • Improve our design processes and service delivery capabilities

  • Develop new tools and methodologies for client engagement

Legal Basis for Processing: We process your information based on:

  • Your consent (which you can withdraw at any time)

  • Our legitimate business interests

  • Performance of contracts with you

  • Compliance with legal obligations

Information Sharing and Disclosure

We may share your personal information in the following circumstances:

Service Providers and Partners

We work with trusted third-party service providers who help us operate our business, including:

  • Analytics Providers: Google Analytics, Facebook, LinkedIn

  • Communication Tools: Email marketing platforms, social media management tools (Sprout Social)

  • Project Management: Notion, Figma, and other collaboration platforms

  • Payment Processing: Secure payment processors for billing

  • Cloud Storage: Secure cloud storage providers for project files

Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes, court orders, or government requests

  • Protect our rights, property, or safety

  • Investigate fraud or other illegal activities

  • Enforce our Terms & Conditions

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

With Your Consent

We may share your information for other purposes with your explicit consent.

International Data Transfers

OpenSession serves clients globally. When we transfer your personal information outside the United States, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by relevant authorities

  • Adequacy decisions by regulatory bodies

  • Other appropriate safeguards as required by applicable law

For clients in the European Union, United Kingdom, or other jurisdictions with specific data protection requirements, we comply with applicable cross-border transfer regulations.

Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

General Business Information

  • Contact information and communications: 7 years after last interaction

  • Financial records and invoices: 7 years for tax and legal compliance

  • Marketing data: Until you unsubscribe or request deletion

Client Project Information

  • Design Files and Assets: Retained indefinitely for portfolio, showcase, AI training, and reference purposes

  • Project Communications: 3 years after project completion

  • Contracts and Agreements: 7 years after contract termination

Website and Analytics Data

  • Cookie and tracking data: Up to 26 months

  • Website analytics: Up to 38 months

  • Marketing campaign data: Up to 2 years

Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

California Residents (CCPA Rights)

If you are a California resident, you have the right to:

  • Know: Request information about the categories and specific pieces of personal information we collect, use, disclose, and sell

  • Delete: Request deletion of your personal information (subject to certain exceptions)

  • Opt-Out: Opt-out of the sale of your personal information (we do not currently sell personal information)

  • Non-Discrimination: Not be discriminated against for exercising your privacy rights

General Rights (All Users)

  • Access: Request a copy of the personal information we hold about you

  • Correction: Request correction of inaccurate or incomplete information

  • Portability: Request your data in a structured, machine-readable format

  • Withdrawal: Withdraw consent for processing based on consent

  • Restriction: Request limitation of processing in certain circumstances

To exercise these rights, contact us at hello@opensession.co with your specific request.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Analyze website performance and user behavior

  • Provide personalized content and advertisements

  • Enable social media features

  • Remember your preferences and settings

You can manage your cookie preferences through your browser settings. However, disabling certain cookies may limit website functionality.

For detailed information about our cookie practices, please see our Cookie Policy.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

Security Measures

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest

  • Regular security assessments and updates

  • Access controls and authentication procedures

  • Secure hosting and cloud storage solutions

  • Employee training on data protection practices

However, no internet transmission is completely secure, and we cannot guarantee absolute security.

Third-Party Websites and Services

Our website may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those external sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or applicable laws. We will notify you of material changes by:

  • Posting the updated policy on our website

  • Sending email notifications to subscribers

  • Other appropriate communication methods

Your continued use of our services after any changes constitutes acceptance of the updated policy.

Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, please contact us:

OpenSession LLC
Email: hello@opensession.co
Website: opensession.co

For California residents exercising CCPA rights, please include "CCPA Request" in your subject line and specify which right you wish to exercise.

Effective Date

This Privacy Policy is effective as of the date listed at the top of this document and applies to all information collected by OpenSession LLC.