Privacy Policy

Information you provide: When you create an account, we collect your name, email address, and password. If you set up a seller profile, we also collect your professional details, portfolio items, and payout information. If you subscribe to a paid plan, Stripe collects and processes your payment details on our behalf.

Information we collect automatically: When you use Otterneti, we collect standard technical data including your IP address, browser type, device information, and pages visited. We use this to improve the Platform, diagnose issues, and understand how people use our product.

Files and content: Files you upload (profile photos, portfolio images, order deliverables) are stored on Amazon Web Services (AWS) S3. We only access these files as needed to provide the service or respond to support requests.

We use your information to operate and improve Otterneti. This includes: creating and managing your account, processing orders and payments, sending transactional emails (order confirmations, delivery notifications), providing customer support, and preventing fraud.

We may also use your information to send you product updates and announcements. You can opt out of non-essential emails at any time through your account settings.

We use anonymized, aggregated data to understand usage patterns and improve the Platform. This data cannot be used to identify individual users.

We do not sell your personal data. Period. We never have and never will sell your information to advertisers, data brokers, or any other third party.

We share information with third-party service providers only as necessary to operate the Platform. These providers include: Stripe (payment processing), AWS (file storage and infrastructure), Resend (transactional email delivery), and Google Cloud (hosting). Each provider is contractually obligated to protect your data.

We may disclose your information if required by law, such as in response to a court order or government request. We will notify you if this happens, unless we are legally prohibited from doing so.

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL) and at rest, secure password hashing, and access controls that limit who on our team can access user data.

For customers on our Agency plan with HIPAA compliance enabled, we provide additional safeguards including multi-factor authentication requirements, enhanced audit logging, and Business Associate Agreements (BAA) as required.

No system is perfectly secure. While we work hard to protect your information, we cannot guarantee absolute security. If we become aware of a data breach that affects your personal information, we will notify you in accordance with applicable law.

Otterneti uses cookies and similar technologies to keep you logged in, remember your preferences, and understand how people use the Platform. We use two types of cookies:

Essential cookies are required for the Platform to function. These handle authentication, security, and core features. You cannot opt out of these.

Analytics cookies help us understand how the Platform is used so we can improve it. These collect anonymized data about page visits and feature usage. You can opt out of analytics cookies through your browser settings or our cookie preferences panel.

You have the right to access, correct, or delete your personal data at any time. You can update most of your information directly through your account settings. For data deletion requests, contact us at hello@otterneti.com.

If you are located in the European Economic Area (EEA) or California, you have additional rights under GDPR and CCPA respectively, including the right to data portability, the right to restrict processing, and the right to object to certain uses of your data. We will respond to all legitimate requests within 30 days.

You can download a copy of your data at any time through your account settings. We provide your data in a standard, machine-readable format.

We retain your account data for as long as your account is active. If you close your account, we will delete your personal information within 90 days, except where we are required by law to retain certain records (such as financial transaction data for tax and accounting purposes).

Order records, payment history, and invoices are retained for a minimum of 7 years to comply with financial regulations. This data is anonymized where possible. Audit logs and security-related data are retained for up to 2 years.

Otterneti is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from someone under 18, we will delete that information promptly.

If you believe a minor has provided us with personal information, please contact us at hello@otterneti.com so we can take appropriate action.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify you by email or through a prominent notice on the Platform at least 30 days before the changes take effect.

We encourage you to review this policy periodically. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

If you have any questions or concerns about this Privacy Policy or how we handle your data, please reach out to us at hello@otterneti.com or visit our contact page.

We take every privacy inquiry seriously and aim to respond within 5 business days. For urgent privacy-related matters, please include "URGENT: Privacy" in your subject line.