OpenRep Canva App Privacy Policy

Last Updated: [11-11-2023]

1. Introduction

Welcome to OpenRep. This Privacy Policy describes how we, OpenRep, collect, use, and store your personal information. This information is categorized into personally identifiable information ("personal data") and non-personally identifiable information, based on whether it can identify you as a specific person. We are committed to protecting your privacy and handling your data in an open, transparent manner, and in compliance with the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). If you have any questions or concerns regarding your privacy, please contact us at [OpenRep contact email].

2. Personal Data We Process

In the course of using our services or interacting with us, we may process various types of personal data including but not limited to:


Contact/Identity Data: Email address, and telephone number.

Transaction Data: Details if payments are successful and services you have purchased.

Marketing Data: Your preferences in receiving marketing from us.

Note: Storage refers to data at rest (e.g., saved on servers)


Content Data: Any content that you provide for processing by our AI tools.

Note: Transmission pertains to data in transit (e.g., data sent between devices)

We adhere to the principles of data minimization, accuracy, and storage limitation as mandated by GDPR and CPRA.

3. Purposes for Processing Personal Data

We use your personal data for various purposes, including to provide and improve our services, manage your account and relationship with us, process transactions and payments, for customer support, to send you updates and marketing communications, for internal research and development, and to comply with legal and regulatory obligations. Our processing activities are aligned with GDPR and CPRA requirements, ensuring that personal data is used in a manner that is fair, lawful, and transparent.

4. Legal Basis for Data Processing

Our processing of your personal data is based on your consent for specific processing activities, the necessity of processing for the performance of our services and contractual obligations, compliance with our legal obligations, and our legitimate interests, such as for improving our services and for administrative purposes. We ensure that our data processing activities have a solid legal basis as required by GDPR and CPRA.

5. General Provisions

Access to certain services requires your personal data; for instance, you cannot register an account without providing your name and email. We keep records of communications for customer support purposes and do not sell or rent personal information to third parties. We use the information in accordance with this Privacy Policy and may disclose it if required by law.

6. Security Measures

We take data security seriously and have implemented appropriate measures to protect your personal data against unauthorized access, disclosure, alteration, and misuse. However, no internet-based service can guarantee absolute security. We will promptly notify relevant authorities and you in case of a data breach. Our security measures are designed to meet the standards of GDPR and CPRA.

7. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information, consistent with the GDPR and CPRA.

Note: Users under 16 should seek parental consent before using the service

8. Storage and Transfer of Personal Data

We store personal data on secure servers and take reasonable steps to protect your data. We retain your personal data for as long as necessary to provide the services you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies. We will delete all data for your account 7 days after you cancel your subscription or you were to request it. Our data storage and transfer practices are compliant with GDPR and CPRA, ensuring that personal data is stored securely and transferred only under secure and lawful conditions.

9. User's Rights

You have certain rights regarding your personal data, as accorded by GDPR and CPRA, including the right to access, correct, and request the deletion of your personal data. You can also object to the processing of your personal data, request the restriction of processing, or request portability of your personal data. If we have collected and processed your personal data with your consent, you can withdraw your consent at any time. Additionally, under GDPR, you have the right to data portability and the right to be forgotten, and under CPRA, you have the right to correct information and limit the use and disclosure of sensitive personal information. You may exercise these rights by contacting us at

Examples of requests: Data Deletion, Opting out of marketing emails, etc

10. Changes to the Privacy Policy

We may update this policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. We encourage you to review this policy periodically to stay informed about how we are protecting the personal information we collect. Your continued use of our services constitutes your agreement to this Privacy Policy and any updates.

11. AI Use and Data Processing

a. Overview of AI Integration in Services

OpenRep employs advanced artificial intelligence (AI) technology to provide enhanced social media management services. Our AI tools are designed to streamline your social media strategy through automated content generation, optimization, and analytics. This section explains how we use AI and the data privacy considerations specific to AI technology.

b. Types of Data Processed by AI

Our AI systems only process User-Provided data to generate social media captions. User-Provided Data includes content that you provide, which are the inputs (Description, Audience, Tone, Goal) for AI processing.

c. AI-Generated Content and Privacy

Confidentiality: We maintain strict confidentiality over the data you provide for AI processing. Our AI tools are designed to respect user privacy and data security.

Anonymization: Wherever possible, we anonymize the data used by our AI systems to reduce any privacy risks.

Data Retention: AI-generated content and the data used for creating such content is NOT stored after it is processed.

d. Ethical Considerations and AI

We are committed to the ethical use of AI. Our AI systems are developed and operated under principles that prioritize fairness, transparency, and respect for user privacy. We regularly review our AI models and algorithms to ensure they are free of biases and align with ethical standards.

e. User Control Over AI Data

User Consent: We obtain explicit consent from our users before using their data for AI processing, especially for data that could be sensitive.

User Access: You have the right to access the data used by our AI systems and understand how it is being processed.

Opt-Out Options: Users have the option to opt-out of AI data processing. However, this may impact the effectiveness and personalization of the services offered.

f. AI and Data Security

Security Measures: We employ robust security measures to protect the data processed by our AI systems against unauthorized access and misuse.

Monitoring: Our systems are continuously monitored for any security vulnerabilities to ensure the ongoing confidentiality and integrity of your data.

g. Changes in AI Technology

As AI technology evolves, so will our use of it in our services. We commit to keeping our users informed about significant changes in how we use AI and the impact on data privacy.

h. Contact for AI-Related Inquiries

For any questions or concerns about how we use AI technology and its impact on your data privacy, please reach out to us at