Privacy

A working draft. Final terms will be published before launch. Last updated 25 May 2026.

This policy explains what Opuss & Co Ltd ("Opuss", "we") collects, why, and your rights over it. Opuss is a commonplace book. We try to collect as little as the service needs, and to be plain about the rest.

1. Information we collect

• Your account. Your name and email address, provided through Sign in with Apple, and your chosen username.
• What you collect. The items you collect (the passage, its source, the date) and any private annotations you add.
• Basic technical data. Information your device sends when it connects, such as IP address and user agent, used to operate and secure the service.
• Analytics, only with your consent. If you accept analytics cookies on the web (see section 5), aggregated, pseudonymous usage data about how the site is used.

2. How we use your information, and our legal basis

• To provide, maintain, and secure Opuss, and to send transactional messages such as sign-in and recollections. Legal basis: performance of our contract with you (GDPR Article 6(1)(b)).
• To prevent fraud and abuse and to comply with law. Legal basis: our legitimate interests and legal obligations (Article 6(1)(f) and (c)).
• To understand how the site is used, through analytics. Legal basis: your consent (Article 6(1)(a)), which you can withdraw at any time.
• To send optional product updates, only if you opt in. Legal basis: your consent.

Opuss is free; this version processes no payments and stores no card details.

3. What you keep is yours

A collected item is a quotation from someone else's work; you are its keeper, not its author. The text of items you collect may help Opuss work for everyone, but we never attach your identity to an item when it is used to serve another reader. Your annotations are your own words and stay private unless you choose to publish them alongside an item. Publishing an item is always an explicit, per-item choice.

4. Email

Transactional email (authentication, recollections) is sent so the service can function. Marketing email (updates and recommendations) is opt-in, and you can opt out at any time.

5. Cookies and analytics

The Opuss app authenticates with an opaque token stored on your device, not a browser cookie, and the app itself sets no advertising or tracking cookies.

On the website (opuss.com) we use Google Analytics to understand, in aggregate, how the site is used, so we can improve it. This is strictly opt-in. When you first visit, a banner asks whether you accept analytics cookies. Until you choose Accept, no analytics script loads and no analytics cookie is set. If you Decline, nothing is loaded and we remember that choice. If you Accept, Google Analytics loads, sets its cookie, and records pseudonymous usage events with your IP address anonymised. We do not use analytics to identify you personally, and we do not sell or share this data for advertising. You can change your mind at any time by clearing the opuss_consent cookie (and Google's analytics cookies) in your browser, or by declining when next asked.

6. Sharing and the processors we use

We do not sell your personal information. We share it only with service providers who process it on our behalf, under contract, to run Opuss: Apple (Sign in with Apple), our hosting provider, our email-delivery provider, and, where you have consented, Google (Google Analytics).

7. International transfers

Some of these providers, including Google Analytics, may process data outside the United Kingdom and the European Economic Area, including in the United States. Where they do, we rely on appropriate safeguards such as the UK and EU standard contractual clauses or an adequacy decision.

8. Your rights under GDPR

• Access the personal data we hold about you.
• Correct inaccurate data: update your profile at any time.
• Export your personal data: request a copy via privacy@opuss.com.
• Withdraw consent for analytics or marketing at any time, without affecting the lawfulness of earlier processing.
• Object or restrict certain processing, and complain to the UK Information Commissioner's Office (ico.org.uk).
• Delete your account and data: see below.

9. Deleting your account and data

You can delete your account from Settings. This permanently removes your account and personal information and signs you out everywhere. True to "what you keep is yours", the text of items you collected is severed from your identity (anonymised) rather than always erased, so the shared corpus survives without you being named; any items you had published immediately stop resolving.

If you cannot reach your account, email privacy@opuss.com with your username and registered email; under GDPR we will complete deletion within 30 days. A small number of records (for example, audit logs for fraud prevention and legal disputes) may be retained where the law allows, under GDPR Article 17(3).

10. Data retention

We retain your account data for as long as your account exists. Analytics data is retained for a limited period and then deleted or aggregated. After account deletion we retain only what we are required to, as described above.

11. Children

Opuss is not directed at children under 13, and we do not knowingly collect their data. If you believe a child has given us personal data, contact us and we will remove it.

12. Data security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, or destruction.

13. Changes to this policy

We may update this policy from time to time. If a change is material we will take reasonable steps to let you know, and we will update the date at the top.

14. Contact

For privacy questions or to exercise your rights, contact privacy@opuss.com.