Sign inPrivate preview

Privacy

Privacy policy for the website, platform, support portal, and responder app.

Last updated 7 April 2026. This page is intended to give a clear operational explanation of how OpsBell handles personal information across the public site and product surfaces that are live today.

OpsBell websiteOpsBell platformSupport portalOpsBell Responder

Scope

This policy explains how OpsBell handles personal information when you visit our public website, use the OpsBell platform, use the OpsBell Responder mobile app, connect third-party services, or contact us for support.

It is written to cover our current launch-stage public site, the main incident operations product, the support portal, and the responder app without forcing you to guess which policy applies to which surface.

Who controls the data

OpsBell acts as the data controller for the public website, account administration data, support interactions, and other information we decide how to use ourselves.

For most workspace operational data that customers choose to place into the service, the customer organization is the controller and OpsBell acts as a processor or service provider on that customer's instructions. That includes incident data, alerts, on-call schedules, runbooks, integrations, timelines, retrospectives, and similar operational records.

If you use OpsBell through your employer or another organization, some privacy requests may need to be handled first by that organization.

What we collect

The exact information we handle depends on how you use the service and which integrations your workspace enables.

  • Account and identity data, such as name, work email address, workspace membership, role assignments, and authentication or single sign-on metadata.
  • Operational workspace data, such as alerts, incidents, timelines, notes, tasks, ownership records, schedules, runbooks, retrospectives, exports, and change or deployment records.
  • Integration data, such as identifiers, messages, metadata, tickets, bridge links, calendar details, and transcript or incident-room data from services your workspace connects.
  • Support data, such as support tickets, replies, attachments, and related account or workspace context needed to investigate and respond.
  • Responder app and notification data, such as mobile device key, platform, device name, device model, app version, build number, and push token used to deliver on-call notifications.
  • Technical and security data, such as IP address, timestamps, request logs, browser or device metadata, session cookies, local storage preferences, and audit or security events.

How we use information

We use personal information to provide and secure the service, authenticate users, route and deliver notifications, operate workspaces, troubleshoot incidents, support customers, prevent abuse, and comply with legal obligations.

Where AI-assisted features are used, relevant incident context may be sent to the model provider needed to generate the feature output. At the time of writing, OpsBell uses OpenAI for incident-summary features.

  • Operate the website, platform, support portal, and responder app.
  • Create and manage user accounts, sessions, permissions, and workspace access.
  • Deliver incident, on-call, and support notifications by email, chat, voice, SMS, WhatsApp, or mobile push, depending on workspace and user settings.
  • Run incident management features such as timelines, runbooks, retrospectives, transcripts, AI summaries, and reporting.
  • Provide support, investigate bugs, protect the service, and improve reliability.
  • Meet legal, accounting, security, and compliance obligations.

Legal bases

Where UK GDPR or EU GDPR applies, we generally rely on one or more of these legal bases: performance of a contract, legitimate interests, compliance with legal obligations, and consent where consent is the appropriate basis.

For customer workspace content, the relevant customer organization will often determine the appropriate legal basis as controller.

How we share information

We share information only where needed to operate the service, follow customer instructions, or comply with law.

  • Cloud, storage, networking, and hosting providers used to run OpsBell.
  • Identity, email, telephony, messaging, push-notification, and collaboration providers needed to deliver the features you enable.
  • Integration providers that a workspace connects, such as chat, ticketing, meeting, status, documentation, or change-management services.
  • AI providers used to generate AI-assisted features when those features are used.
  • Professional advisers, regulators, courts, or law enforcement where disclosure is legally required or reasonably necessary to protect rights, safety, or the service.
  • A successor entity if OpsBell is involved in a merger, acquisition, financing, or asset sale.

Cookies, local storage, and similar technologies

OpsBell uses essential session technologies to keep users signed in, secure support-portal access, complete authentication flows, and remember basic interface preferences such as theme settings.

We may also keep standard server and security logs as part of operating the website and platform. If we later introduce non-essential analytics, advertising, or preference technologies, we will update this notice and, where required, ask for consent.

Responder app and push notifications

If you enable mobile notifications, OpsBell registers the device with your workspace account so it can send operational alerts and on-call notifications. The responder app is designed for operational response and does not include in-app advertising.

Push delivery depends on notification infrastructure providers and the mobile operating system, including Expo and the underlying Apple or Google notification services used for delivery.

International transfers

OpsBell and its service providers may process personal information in countries other than your own. When we do that, we use contractual, organizational, and technical safeguards intended to protect the data appropriately.

Retention

We keep information for as long as needed to provide the service, support customers, secure the platform, meet contractual obligations, and comply with law.

Retention periods vary by data type. For example, workspace data is typically kept while the workspace remains active, support records are retained for support history and compliance, mobile device registrations remain until revoked or replaced, and logs or backups may persist for limited periods afterwards.

Security

We use administrative, technical, and organizational safeguards intended to protect personal information against unauthorized access, loss, misuse, or alteration. No system is perfectly secure, but we design the service to reduce risk and limit unnecessary exposure.

Support attachments may be scanned or checked before being made available, depending on the configuration of the support environment.

Your rights

Depending on where you are located, you may have rights to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent. You may also have the right to complain to your local regulator, including the UK Information Commissioner's Office where applicable.

If your information is part of a customer workspace, we may need to direct your request to that customer as the relevant controller.

You can also learn more about UK privacy rights from the Information Commissioner's Office.

Changes to this policy

We may update this policy from time to time to reflect changes in the product, mobile app, legal requirements, or the way we process information. When we make material changes, we will update the date on this page and may provide a more prominent notice where appropriate.

Contact

Privacy questions, requests, or complaints can be sent to hello@opsbell.com.

If you are reviewing the OpsBell Responder app for Google Play or another app store, this page is the public privacy policy for that app.