Privacy Policy

This Privacy Policy explains how Blind OS collects, uses, stores, shares, and deletes information when you visit our website, create an account, connect communication channels, use AI automation, manage leads, book meetings, or use payment tracking features.

Blind OS is built for business users. The service is not intended for consumers under 18 years old.

Account information: name, email address, login method, authentication records, profile settings, plan status, and support messages.

Business profile information: company name, company email, operating region or market information you provide, selling product, target market, business brief, purpose of use, and configuration preferences.

Connected channel information: account identifiers, connection status, tokens or credentials required to operate connected channels, and related sync metadata.

Gmail and email data: emails Blind OS sends on your behalf, incoming emails received after you connect your Gmail account, message bodies, snippets, thread data, sender and recipient details, timestamps, labels, and related metadata needed to power email workflows.

WhatsApp data: connected account details, contacts, chat records, inbound and outbound messages, timestamps, lead mapping, conversation state, and related metadata.

LinkedIn data: connected account details, profile URLs, connection identifiers, conversation records, inbound and outbound messages, timestamps, lead mapping, and related metadata.

Lead and prospect data: names, roles, companies, emails, phone numbers, LinkedIn URLs, public profile data, enrichment details, source metadata, notes, lead status, campaign state, and conversation history. Lead data may come from users, manual entry, AI-assisted workflows, and external providers or agents using publicly available data.

Calendar and meeting data: availability, booked meeting details, meeting status, notes, reminders, time zones, and scheduling context required to book and manage meetings.

Payment and revenue data: customer payment records, payment status, payment links, client records, revenue tracking information, and Stripe API or secret keys when you choose to connect your own Stripe account for payment tracking and automation.

Billing information for Blind OS subscriptions: subscription plan, checkout session, payment status, renewal status, cancellation status, and billing identifiers processed through Whop.

Technical information: device, browser, IP-derived request metadata, session cookies, local storage used for app notifications, error logs, security logs, and usage events needed to operate and protect the service.

To provide the Blind OS service, authenticate users, manage subscriptions, enforce plan limits, operate dashboards, and keep account data synchronized.

To send, receive, store, classify, and display Gmail, WhatsApp, and LinkedIn conversations after you connect those accounts.

To generate AI-assisted and autonomous replies, follow-ups, lead conversations, booking logic, payment follow-up logic, and other workflow outputs requested by the user.

To pass relevant context to AI systems, including lead data, prior conversation history, user business information, calendar availability, and payment context when needed for the specific feature.

To rotate connected accounts, manage outreach workflows, detect reply state, stop or continue campaigns, schedule meetings, and recover missed follow-ups.

To fetch and process payment records from connected Stripe accounts, create or track payment links, and power Blind OS payment manager features.

To provide support, troubleshoot bugs, prevent abuse, improve reliability, secure the platform, and comply with legal obligations.

When you connect a Google or Gmail account, Blind OS uses Google user data only to provide user-facing Gmail features that you request, such as sending emails on your behalf, receiving new replies after connection, syncing conversation context, displaying email threads, generating replies, and powering follow-up automation.

Blind OS does not access emails from before the point of connection except where the user explicitly imports or syncs them through a supported feature.

Blind OS does not sell Google user data, use it for advertising, or use it to train Blind OS models.

Blind OS' use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Blind OS uses AI model providers, including Kimi and Groq, to generate replies, reason about lead conversations, qualify prospects, draft follow-ups, support booking decisions, and help operate autonomous workflows.

To make the AI useful, Blind OS may send the model relevant business context, lead records, connected-channel messages, previous conversation history, calendar availability, payment context, and instructions for the requested task.

The AI Worker feature is optional and requires a separate in-app consent before use. If enabled, AI Worker can receive a temporary, user-scoped workspace snapshot and can call server-side tools to search records or perform requested actions such as adding leads, updating leads, generating payment links, or sending channel messages through connected accounts.

AI Worker chats are designed to be temporary in the browser session and are not saved by Blind OS after the panel is closed. Tool executions may still create or update normal product records, such as leads, messages, payment-link tracking rows, or audit timestamps, when the user asks AI Worker to perform those actions.

Blind OS does not train its own AI models on user data. We do not permit customer data to be sold or used for advertising. We select AI processing partners and settings with a focus on no-training and limited-retention behavior where available.

AI output can be wrong, incomplete, or inappropriate. Users are responsible for configuring their accounts, supervising automation, complying with applicable laws, and disconnecting channels or disabling automation when they do not want Blind OS to act on their behalf.

We share information only as needed to operate Blind OS, including with database, infrastructure, authentication, workflow automation, channel connection, AI model, billing, payment, email, messaging, support, security, and analytics-free operational providers.

We may share data with Google/Gmail, WhatsApp-related systems, LinkedIn-related systems, Whop, Stripe, AI model providers, and other technical processors where necessary to provide features that you enable.

We may disclose information if required by law, to enforce our Terms, to protect Blind OS, users, leads, or the public, or in connection with a business transfer such as merger, acquisition, restructuring, or sale of assets.

We do not sell user data, lead data, conversation data, Gmail data, WhatsApp data, LinkedIn data, or payment data to advertisers or data brokers.

If you connect Stripe, Blind OS may ask for your Stripe API key and secret key so the app can fetch payment records, create or track payment links, and power autonomous payment tracking. This is currently used because Blind OS uses Whop for its own subscription billing while Stripe may be used for a user's own business payments.

You should use restricted Stripe keys with only the permissions needed for the Blind OS payment features, keep your Stripe credentials secure, and rotate or revoke keys if you believe they may be compromised.

Blind OS plans to move toward OAuth-style Stripe connection where available and practical.

Blind OS uses necessary cookies and similar technologies for authentication, session management, security, and core app functionality.

Blind OS may use browser local storage or session storage for in-app notification state and temporary UI preferences.

We do not currently use advertising pixels or sell/share cookie data for cross-context behavioral advertising.

We keep personal data for as long as needed to provide Blind OS, maintain security, resolve disputes, enforce agreements, comply with law, and support active accounts.

Users can delete their account from app settings. When an account is deleted, Blind OS deletes the user's account data, leads, connected-channel records, conversation records, calendar records, payment records, and related records from active Blind OS databases immediately.

Some limited technical records may remain temporarily where required for security, legal compliance, fraud prevention, billing evidence, backups, or audit logs. External platforms and providers may retain data according to their own policies.

Depending on where you live, you may have rights to access, correct, delete, export, restrict, object to, or withdraw consent for certain processing of your personal data.

California users may have rights to know, delete, correct, opt out of sale or sharing, limit certain sensitive personal information uses, and not be discriminated against for exercising privacy rights. Blind OS does not sell personal data.

European Economic Area, UK, and similar-region users may have rights under privacy laws such as GDPR-style rules. Our legal bases may include contract performance, consent, legitimate interests, legal compliance, and user instructions.

To exercise rights, delete your account from settings or email us. We may need to verify your identity before completing a request.

Blind OS uses technical and organizational safeguards designed to protect personal data, including authenticated access, permission controls, encrypted connections where supported, database protections, operational monitoring, and limited internal access.

No internet service can guarantee perfect security. Users should protect their login credentials, restrict connected account permissions where possible, rotate sensitive keys, and disconnect accounts they no longer want Blind OS to access.

Blind OS is available to users in multiple countries. Your data may be processed in countries other than where you live by our infrastructure, AI, billing, payment, communication, and workflow providers.

Where required, we rely on appropriate legal mechanisms, user instructions, contractual protections, or other safeguards for international processing.

Blind OS is not intended for anyone under 18. If we learn that a user under 18 has provided personal data, we will delete the account and related data.

We may update this Privacy Policy as Blind OS changes. When changes are material, we may notify users by email, in-app notice, or an updated consent prompt. Continued use after an updated policy becomes effective means you accept the updated policy.

For privacy questions, data requests, account deletion support, or security concerns, contact Blindeos04@gmail.com.