Legal

Privacy Policy

How we collect, use, and protect information you share with us.

Effective date: 1 January 2026  ·  Last updated: 5 June 2026

The short version: we collect your email when you ask us to, and — if you choose Sign in with Google — your basic Google profile (name, email, picture) to create your account. We use that data only to provide the service you signed up for, we never sell it or use it for advertising, and you can ask us to delete it any time.

1. Who we are

osdp.dev is operated by the team behind the Osprio product line — hardware and software tools for the Open Supervised Device Protocol (OSDP). When this policy says "we", "us", or "our", it means osdp.dev. Questions can be sent to [email protected].

2. Services this policy covers

This single privacy policy applies to osdp.dev and to the related sites and applications we operate on the same osdp.dev domain:

  • osdp.dev — our main website, with product information, waitlist sign-ups, and a contact form.
  • view.osdp.dev — the Osprio View application (USB protocol analyzer and OSDP emulator), where you can sign in to access your account.
  • shop.osdp.dev — our online store, where you can sign in to place and manage orders.

view.osdp.dev and shop.osdp.dev do not publish a separate privacy policy; this page is their privacy policy. Because all three are served under the verified osdp.dev domain, the same data practices described here apply to all of them.

3. Information we collect

We collect information only when you actively provide it:

  • Waitlist sign-ups. When you submit your email address through a waitlist form, we store that email address and the product you expressed interest in.
  • Contact form submissions. When you use the contact form on this website, we collect your name, email address, subject, and message body.
  • Sign in with Google. When you choose to sign in to view.osdp.dev or shop.osdp.dev using your Google Account, Google shares a limited set of profile information with us — your name, your email address, your profile picture, and a unique Google account identifier. We use this only to create and secure your account. We do not receive your Google password, and we do not request access to your Gmail, Google Drive, Google Calendar, contacts, or any other Google service. See section 4 for details.
  • Account and order data. If you create an account or place an order, we store the account details and order information you provide (such as items, and the shipping and billing details you enter at checkout).
  • Website analytics. We may use privacy-respecting analytics (no cookies, no cross-site tracking) to understand aggregate traffic patterns — page views and referrers only. No personal identifiers are collected through analytics.

We do not collect payment card information directly. Payment processing is handled by a certified payment processor (e.g. Stripe) and governed by their privacy practices.

4. Sign in with Google and Google user data

view.osdp.dev and shop.osdp.dev let you sign in with your Google Account so you don't have to create a separate password. When you use this option:

  • What we receive. Only basic profile data: your name, email address, profile picture, and a unique Google account identifier. These come from the openid, email, and profile scopes, which are non-sensitive.
  • What we do not access. We never request access to Gmail, Google Drive, Google Calendar, Google Contacts, or any other Google API beyond basic sign-in, and we never receive your Google password.
  • How we use it. Solely to authenticate you, create and identify your account, display your name and picture in the app, and contact you about your account. We do not use it for advertising, profiling, or any unrelated purpose.
  • Sharing. We do not sell or transfer Google user data to third parties, advertising platforms, data brokers, or information resellers, and we do not use it to train artificial intelligence or machine learning models. It is shared only with the infrastructure providers that operate our sign-in and hosting on our behalf, under agreements that restrict them to that purpose.
  • Retention and deletion. We keep your Google profile data for as long as your account is active. You can disconnect Google access at any time from your Google Account permissions page, and you can delete your account and the associated Google data by emailing [email protected].

osdp.dev's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. How we use your information

We use the information you provide solely for the purpose you provided it:

  • Waitlist emails are used to notify you about early access openings, beta milestones, and availability updates for the specific product you signed up for.
  • Contact form data is used to respond to your enquiry. We do not add contact form senders to any mailing list without explicit consent.

We do not use your data for advertising, profiling, or any purpose beyond what is described above.

6. Data sharing

We do not sell, rent, or trade your personal information to any third party, and we never transfer it to advertising platforms, data brokers, or information resellers. We may share your data only in the following limited circumstances:

  • Service providers. We may share data with trusted infrastructure providers (e.g. email delivery, hosting, and payment processing) that process it on our behalf, under data processing agreements that prohibit them from using your data for any other purpose.
  • Legal obligations. We may disclose information if required by law, regulation, or a valid legal process such as a court order.

7. Data retention

We retain waitlist data until you unsubscribe or request deletion, or until the relevant product launches and the waitlist is closed, whichever comes first. Contact form submissions are retained for up to 24 months for reference purposes, then deleted. Account data — including the Google profile data described in section 4 — is retained for as long as your account is active and deleted when you delete your account or request deletion.

8. Your rights

Depending on where you are located, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict certain processing
  • Receive a portable copy of your data

To exercise any of these rights, email [email protected] with "Privacy Request" in the subject line. We will respond within 30 days.

9. Cookies and browser storage

We store a small number of strictly necessary items in your browser (your cookie-banner choice and your theme preference) and, only with your explicit consent, basic Google Analytics cookies for aggregate traffic measurement. We do not run third-party advertising or cross-site tracking. The complete list — with names, providers, purposes, durations, and the legal basis for each item — is on our Cookie Notice, along with instructions for changing your choice.

10. Security

We take reasonable technical measures to protect personal data from unauthorised access, loss, or misuse. All data transmitted between your browser and our servers is encrypted using TLS. That said, no system is perfectly secure, and we cannot guarantee absolute security.

11. Children

Our services are not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

12. Changes to this policy

We may update this policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. Continued use of our website after changes constitutes acceptance of the revised policy.

13. Contact

For any privacy-related questions, concerns, or requests, contact us at [email protected].