Privacy Policy

Last updated: April 2026 — Draft — subject to legal review before public launch.

1. Who We Are

OpalEdge is operated by Opal Business Solutions. This policy explains how we collect, use, and protect your personal data in accordance with the UK GDPR and Data Protection Act 2018.

2. What Data We Collect

• Account data: name, email address, company name, trade type, password (hashed)
• Business data: quotes, jobs, invoices, customers, materials, price sheets
• Documents: files you upload to AskEdge (e.g. supplier agreements, certificates)
• Billing data: processed by Stripe — we store only your Stripe customer ID, not full card details
• Usage data: page views, feature usage (for improving the Service)

3. How We Use Your Data

• To provide and improve the Service
• To process payments and manage subscriptions
• To send transactional emails (welcome, invoices, alerts)
• To generate AI-powered insights using your business data
• To comply with legal obligations

4. Data Sharing

We do not sell your data. We share data only with trusted processors necessary to operate the Service:

• Supabase — database and file storage (EU region)
• Vercel — hosting and edge functions
• Stripe — payment processing
• Anthropic / OpenAI — AI processing (your business data is sent to these APIs to generate responses)
• Resend — transactional email delivery

5. Data Retention

We retain your data for as long as your account is active. On account deletion, your data is permanently removed within 30 days, except where required by law.

6. Your Rights

Under UK GDPR, you have the right to access, correct, delete, and port your personal data. To exercise these rights, contact privacy@opaledge.app.

7. Cookies

See our Cookie Policy for details on how we use cookies.

8. Changes to This Policy

We may update this Privacy Policy. We will notify you by email of material changes.

9. Contact

Data controller: Opal Business Solutions. Contact: privacy@opaledge.app.